security updates

have to check views and entityreference for custom patches
Bachir Soussi Chiadmi
2015-04-19 20:45:16 +02:00
parent 802ec0c6f3
commit b3221c71e2
516 changed files with 14267 additions and 7349 deletions


@@ -14,7 +14,7 @@
function page_manager_list_page($js = NULL) {
// Prevent this page from showing up when random other links fail.
if ($js && $js != 'ajax' && $js != 'nojs') {
return drupal_not_found();
return MENU_NOT_FOUND;
}
// TRUE if 'ajax', FALSE if otherwise.
@@ -62,7 +62,7 @@ function page_manager_list_page($js = NULL) {
if (isset($input['op']) && $input['op'] == t('Reset')) {
unset($_SESSION['page_manager']['#admin']);
if (!$js) {
return drupal_goto($_GET['q']);
drupal_goto($_GET['q']);
}
// clear everything but form id, form build id and form token:
$keys = array_keys($input);
@@ -95,6 +95,7 @@ function page_manager_list_page($js = NULL) {
$header = array(
array('data' => t('Type'), 'class' => array('page-manager-page-type')),
array('data' => t('Module'), 'class' => array('page-manager-page-module')),
array('data' => t('Name'), 'class' => array('page-manager-page-name')),
array('data' => t('Title'), 'class' => array('page-manager-page-title')),
array('data' => t('Path'), 'class' => array('page-manager-page-path')),
@@ -175,9 +176,18 @@ function page_manager_get_pages($tasks, &$pages, $task_id = NULL) {
$row = array('data' => array(), 'class' => $class, 'title' => strip_tags($task['admin description']));
$type = isset($task['admin type']) ? $task['admin type'] : t('System');
if (isset($task['module'])) {
$module = $task['module'];
}
elseif (isset($task['subtask']->export_module)) {
$module = $task['subtask']->export_module;
}
else {
$module = '';
}
$pages['types'][$type] = $type;
$row['data']['type'] = array('data' => $type, 'class' => array('page-manager-page-type'));
$row['data']['module'] = array('data' => $module, 'class' => array('page-manager-page-module'));
$row['data']['name'] = array('data' => $task_name, 'class' => array('page-manager-page-name'));
$row['data']['title'] = array('data' => $task['admin title'], 'class' => array('page-manager-page-title'));
$row['data']['path'] = array('data' => $visible_path, 'class' => array('page-manager-page-path'));
@@ -401,7 +411,7 @@ function page_manager_list_pages_form_submit(&$form, &$form_state) {
* Render the edit page for a a page, custom or system.
*/
function page_manager_edit_page($page) {
drupal_set_title($page->subtask['admin title']);
drupal_set_title($page->subtask['admin title'], PASS_THROUGH);
// Provide and process the save page form before anything else.
$form_state = array('page' => &$page);
$built_form = drupal_build_form('page_manager_save_page_form', $form_state);
@@ -464,7 +474,7 @@ function page_manager_edit_page_operation() {
return;
}
drupal_set_title($page->subtask['admin title']);
drupal_set_title($page->subtask['admin title'], PASS_THROUGH);
return $output;
}
@@ -577,8 +587,8 @@ function page_manager_get_operations($page, $operations = NULL) {
),
);
// Restrict variant import to users who can already execute arbitrary PHP
if (user_access('use PHP for settings')) {
// Restrict variant import due to security implications.
if (user_access('use ctools import')) {
$result['actions']['children']['import'] = array(
'title' => t('Import variant'),
'description' => t('Add a new variant to this page from code exported from another page.'),
@@ -930,7 +940,7 @@ function _page_manager_get_operation_content($js, &$page, $active, $operation, $
$output = drupal_render($built_form);
$title = empty($form_state['title']) ? $operation['title'] : $form_state['title'];
$titles[] = $title;
$title = implode(' &raquo ', array_filter($titles));
$title = implode(' » ', array_filter($titles));
// If there are messages for the form, render them.
if ($messages = theme('status_messages')) {
@@ -1308,6 +1318,7 @@ function page_manager_handler_add_submit(&$form, &$form_state) {
else {
$handler->conf['title'] = $plugin['title'];
}
$handler->conf['name'] = $form_state['values']['name'];
$cache->new_handler = $handler;
// Figure out which forms to present them with
@@ -1398,6 +1409,21 @@ function page_manager_handler_add_form($form, $form_state, $features = array())
'#title' => t('Title'),
'#description' => t('Administrative title of this variant. If you leave blank it will be automatically assigned.'),
);
$form['name'] = array(
'#type' => 'machine_name',
'#title' => t('Machine name'),
'#required' => FALSE,
'#description' => t("A unique machine-readable name for this variant. It must only contain lowercase letters, numbers, and underscores. This name will be used when exporting the variant. If left empty the variant's name will be used instead."),
'#size' => 32,
'#maxlength' => 32,
'#machine_name' => array(
'exists' => 'page_manager_handler_check_machine_name',
'source' => array('title'),
),
'#field_prefix' => '<span dir="ltr">' . $form_state['task_name'] . '__',
'#field_suffix' => '</span>&lrm;',
);
}
$form['handler'] = array(
@@ -1436,6 +1462,15 @@ function page_manager_handler_add_form($form, $form_state, $features = array())
return $form;
}
/*
* Check if handler's machine-name is unique
*/
function page_manager_handler_check_machine_name($name, $element, $form_state) {
$name = $form_state['task_name'] . '__' . $name;
return count(ctools_export_load_object('page_manager_handlers', 'names', array($name)));
}
/**
* Rearrange the order of variants.
*/
@@ -1446,15 +1481,16 @@ function page_manager_handler_import($form, &$form_state) {
'#description' => t('Enter the name of the new variant.'),
);
if (user_access('use PHP for settings')) {
if (user_access('use ctools import')) {
$form['object'] = array(
'#type' => 'textarea',
'#title' => t('Paste variant code here'),
'#rows' => 15,
);
}
// Users ordinarily can't get here without the PHP block visibility perm.
// In case they somehow do, though, disable the form widget for extra safety.
// Users ordinarily can't get here without the 'import' permission, due to
// security implications. In case they somehow do, though, disable the form
// widget for extra safety.
else {
$form['shoveoff'] = array(
'#markup' => '<div>' . t('You do not have sufficient permissions to perform this action.') . '</div>',
@@ -1468,7 +1504,7 @@ function page_manager_handler_import($form, &$form_state) {
* Make sure that an import actually provides a handler.
*/
function page_manager_handler_import_validate($form, &$form_state) {
if (!user_access('use PHP for settings')) {
if (!user_access('use ctools import')) {
form_error($form['shoveoff'], t('You account permissions do not permit you to import.'));
return;
}
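Review bot: The two `drupal_set_title($page->subtask['admin title'], PASS_THROUGH)` calls in page_manager_edit_page() and page_manager_edit_page_operation() skip the check_plain() that drupal_set_title() applies by default, and nothing in these hunks shows the admin title being escaped beforehand. If the value is already sanitized where the subtask is built, the flag only avoids double-encoding, but that should be confirmed and recorded at the call, e.g. `// 'admin title' is escaped when the subtask is built; PASS_THROUGH avoids double-encoding.` If it cannot be confirmed, filter the value instead: `drupal_set_title(filter_xss_admin($page->subtask['admin title']), PASS_THROUGH);`. Both function bodies continue outside their hunks.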


@@ -3,10 +3,11 @@ description = Provides a UI and API to manage pages within the site.
core = 7.x
dependencies[] = ctools
package = Chaos tool suite
version = CTOOLS_MODULE_VERSION
; Information added by drupal.org packaging script on 2013-04-03
version = "7.x-1.3"
; Information added by Drupal.org packaging script on 2015-03-18
version = "7.x-1.7"
core = "7.x"
project = "ctools"
datestamp = "1365013512"
datestamp = "1426696183"


@@ -213,6 +213,30 @@ function page_manager_menu_alter(&$items) {
}
}
// Override the core node revisions display to use the configured Page
// display handler.
if (!variable_get('page_manager_node_view_disabled', TRUE) && isset($items['node/%node/revisions/%/view'])) {
// Abstract the basic settings.
$item = array(
// Handle the page arguments.
'load arguments' => array(3),
'page arguments' => array(1, TRUE),
// Replace the normal node_show call with Page Manager's node view.
'page callback' => 'page_manager_node_view_page',
// Provide the correct path to the Page Manager file.
'file' => 'node_view.inc',
'file path' => drupal_get_path('module', 'page_manager') . '/plugins/tasks',
);
// Re-build the menu item using the normal values from node.module.
$items['node/%node/revisions/%/view'] = array(
'title' => 'Revisions',
'access callback' => '_node_revision_access',
'access arguments' => array(1),
) + $item;
}
return $items;
}
@@ -416,16 +440,17 @@ function page_manager_cache_load($task_name) {
*/
function page_manager_handler_get_name($task_name, $handlers, $handler) {
$base = str_replace('-', '_', $task_name);
// Generate a unique name. Unlike most named objects, we don't let people choose
// names for task handlers because they mostly don't make sense.
$base .= '_' . $handler->handler;
// Optional machine name.
if (!empty($handler->conf['name'])) {
$name = $base . '__' . $handler->conf['name'];
}
// Once we have a base, check to see if it is used. If it is, start counting up.
$name = $base;
$count = 1;
// If taken
while (isset($handlers[$name])) {
$name = $base . '_' . ++$count;
// If no machine name was provided, generate a unique name.
else {
$base .= '__' . $handler->handler;
// Use the ctools uuid generator to generate a unique id.
$name = $base . '_' . ctools_uuid_generate();
}
return $name;
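Review bot: In the page_manager_menu_alter() hunk the revisions item is replaced wholesale, so 'access callback' and 'access arguments' are hard-coded to `_node_revision_access` and `array(1)`, and anything another module set on `$items['node/%node/revisions/%/view']` before this alter runs is discarded. Overriding only the callback and file keys keeps the access rules already on the item: `$items['node/%node/revisions/%/view'] = $item + $items['node/%node/revisions/%/view'];`. Whether any installed module alters that item is not visible here, so this should be checked on the site before relying on the rebuilt entry.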


@@ -0,0 +1,70 @@
<?php
/**
* @file
* A page_manager cache indirection mechanism that just attaches context
* caching to the larger page cache.
*/
$plugin = array(
// cache plugins are the rare plugin types that have no real UI but
// we're providing a title just in case.
'title' => t('Page manager context'),
'cache get' => 'page_manager_cache_page_manager_context_cache_get',
'cache set' => 'page_manager_cache_page_manager_context_cache_set',
'cache finalize' => 'page_manager_cache_page_manager_context_cache_finalize',
// We don't support a clear because the general uses of clear have no effect
// on us.
);
function page_manager_cache_page_manager_context_cache_get($data, $key) {
$page = page_manager_get_page_cache($data);
if ($page) {
if (!empty($page->context_cache[$key])) {
return $page->context_cache[$key];
}
else {
ctools_include('context-task-handler');
if ($key == 'temp') {
$handler = $page->new_handler;
}
else {
$handler = $page->handlers[$key];
}
return ctools_context_handler_get_task_object($page->task, $page->subtask, $handler);
}
}
}
function page_manager_cache_page_manager_context_cache_set($data, $key, $object) {
$page = page_manager_get_page_cache($data);
if ($page) {
$page->context_cache[$key] = $object;
return page_manager_set_page_cache($page);
}
}
/**
* Copy temporary data from the page manager cache
*/
function page_manager_cache_page_manager_context_cache_finalize($data, $key, $object) {
// Statically cached so there shouldn't be any worries. It's an object so
// referencing ensures that we'll get the right one.
$page = page_manager_get_page_cache($data);
if ($page) {
if ($key == 'temp') {
$handler = $page->new_handler;
}
else {
$handler = $page->handlers[$key];
}
$handler->conf['contexts'] = $object->contexts;
$handler->conf['relationships'] = $object->relationships;
if (isset($page->context_cache[$key])) {
unset($page->context_cache[$key]);
}
return page_manager_set_page_cache($page);
}
}
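Review bot: Both page_manager_cache_page_manager_context_cache_get() and page_manager_cache_page_manager_context_cache_finalize() read `$page->handlers[$key]` (or `$page->new_handler` for 'temp') without checking that the entry exists, and finalize then writes to `$handler->conf[...]`. If `$key` can be derived from a request, which is not visible in this file, a stale or unknown key leads to notices and a write on a non-object instead of a clean failure. A guard before the lookup would cover it: `if ($key != 'temp' && !isset($page->handlers[$key])) { return; }`. The get and set callbacks also have no docblock, unlike finalize.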


@@ -216,6 +216,9 @@ function page_manager_http_response_title($handler, $task, $subtask) {
* General settings for the panel
*/
function page_manager_http_response_edit_settings($form, &$form_state) {
ctools_include('page_manager.admin', 'page_manager', '');
ctools_include('export', 'ctools');
$conf = $form_state['handler']->conf;
$form['title'] = array(
'#type' => 'textfield',
@@ -224,6 +227,23 @@ function page_manager_http_response_edit_settings($form, &$form_state) {
'#description' => t('Administrative title of this variant.'),
);
$name = isset($conf['name']) ? $conf['name'] : FALSE;
$form['name'] = array(
'#type' => 'machine_name',
'#title' => t('Machine name'),
'#required' => FALSE,
'#default_value' => $name,
'#description' => t("A unique machine-readable name for this variant. It must only contain lowercase letters, numbers, and underscores. This name will be used when exporting the variant. If left empty the variant's name will be used instead."),
'#size' => 32,
'#maxlength' => 32,
'#machine_name' => array(
'exists' => 'page_manager_handler_check_machine_name',
'source' => array('title'),
),
'#field_prefix' => '<span dir="ltr">' . $form_state['task_name'] . '__',
'#field_suffix' => '</span>&lrm;',
);
$form['code'] = array(
'#title' => t('Response code'),
'#type' => 'select',
@@ -244,7 +264,33 @@ function page_manager_http_response_edit_settings($form, &$form_state) {
}
function page_manager_http_response_edit_settings_submit($form, &$form_state) {
$machine_name = $form_state['handler']->name;
$name = $form_state['task_name'] . '__' . $form_state['values']['name'];
// If new name doesn't equal machine name, we need to update and redirect.
if ($machine_name !== $name) {
$form_state['handler']->name = $name;
// If there's a trail, we need to replace it for redirection.
if (isset($form_state['trail'])) {
$form_state['new trail'] = $form_state['trail'];
$delta = array_search($machine_name, $form_state['new trail']);
$form_state['new trail'][$delta] = $name;
}
// If handler id is set, replace it.
if ($form_state['handler_id']) {
$form_state['handler_id'] = $name;
}
// If we're defining a new custom handler, move page handler to new name.
if (isset($form_state['page']->handlers[$machine_name]) && isset($form_state['page']->handler_info[$machine_name])) {
$form_state['page']->handlers[$name] = $form_state['page']->handlers[$machine_name];
unset($form_state['page']->handlers[$machine_name]);
$form_state['page']->handler_info[$name] = $form_state['page']->handler_info[$machine_name];
unset($form_state['page']->handler_info[$machine_name]);
}
}
$form_state['handler']->conf['title'] = $form_state['values']['title'];
$form_state['handler']->conf['name'] = $form_state['values']['name'];
$form_state['handler']->conf['code'] = $form_state['values']['code'];
$form_state['handler']->conf['destination'] = $form_state['values']['destination'];
}
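Review bot: page_manager_http_response_edit_settings_submit() always builds `$name = $form_state['task_name'] . '__' . $form_state['values']['name']`, although the field is declared `'#required' => FALSE` and its description promises a fallback when it is left empty. With an empty value `$name` is just the task prefix, differs from the current machine name, and the handler is renamed to it. Wrapping the rename in `if ($form_state['values']['name'] !== '' && $machine_name !== $name) {` keeps the existing name in that case. In the same block `array_search()` can return FALSE, which would overwrite index 0 of `$form_state['new trail']`, so check `$delta !== FALSE` before assigning.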


@@ -67,7 +67,7 @@ function page_manager_comment_reply_page($node, $pid = NULL){
}
$output = ctools_context_handler_render($task, '', $contexts, array($node, $pid));
if ($output != FALSE) {
if ($output !== FALSE) {
return $output;
}


@@ -126,7 +126,7 @@ function page_manager_node_add($type) {
'language' => LANGUAGE_NONE,
);
drupal_set_title(t('Create @name', array('@name' => $types[$type]->name)));
drupal_set_title(t('Create @name', array('@name' => $types[$type]->name)), PASS_THROUGH);
return page_manager_node_edit($node);
}


@@ -78,6 +78,10 @@ function page_manager_node_view_menu_alter(&$items, $task) {
* node view, which is node_page_view().
*/
function page_manager_node_view_page($node) {
// Prep the node to be displayed so all of the regular hooks are triggered.
// Also save the output for later, in case it is needed.
$default_output = node_page_view($node);
// Load my task plugin
$task = page_manager_get_task('node_view');
@@ -85,32 +89,26 @@ function page_manager_node_view_page($node) {
ctools_include('context');
ctools_include('context-task-handler');
// We need to mimic Drupal's behavior of setting the node title here.
drupal_set_title($node->title);
$uri = entity_uri('node', $node);
// Set the node path as the canonical URL to prevent duplicate content.
drupal_add_html_head_link(array('rel' => 'canonical', 'href' => url($uri['path'], $uri['options'])), TRUE);
// Set the non-aliased path as a default shortlink.
drupal_add_html_head_link(array('rel' => 'shortlink', 'href' => url($uri['path'], array_merge($uri['options'], array('alias' => TRUE)))), TRUE);
// Load all contexts.
$contexts = ctools_context_handler_get_task_contexts($task, '', array($node));
// Build the full output using the configured CTools plugin.
$output = ctools_context_handler_render($task, '', $contexts, array($node->nid));
if ($output != FALSE) {
if ($output !== FALSE) {
node_tag_new($node);
return $output;
}
$function = 'node_page_view';
// Try loading an override plugin.
foreach (module_implements('page_manager_override') as $module) {
$call = $module . '_page_manager_override';
if (($rc = $call('node_view')) && function_exists($rc)) {
$function = $rc;
break;
return $rc($node);
}
}
// Otherwise, fall back.
return $function($node);
// Otherwise, fall back to the default output generated by node_page_view().
return $default_output;
}
/**
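Review bot: `$default_output = node_page_view($node);` runs before the task is loaded, so every node view builds the complete default render even when a Page Manager variant or an override plugin supplies the response and the result is discarded. The added comment gives the hook motivation but not this cost, nor that the default view's hooks now fire before `$rc($node)` is called. I would extend the comment, e.g. `// Rendered up front on every request; the result is unused when a variant or override handles the page.`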


@@ -38,7 +38,7 @@ function page_manager_page_menu(&$items, $task) {
) + $base;
if ($access_callback == 'user_access') {
$items['admin/structure/pages/import']['access callback'] = 'ctools_access_multiperm';
$items['admin/structure/pages/import']['access arguments'][] = 'use PHP for settings';
$items['admin/structure/pages/import']['access arguments'][] = 'use ctools import';
}
// AJAX callbacks for argument modal.
@@ -237,7 +237,7 @@ function page_manager_page_add_subtask($task_name = NULL, $step = NULL) {
if ($task_name) {
$page = page_manager_get_page_cache($task_name);
if (empty($page)) {
return drupal_not_found();
return MENU_NOT_FOUND;
}
$form_info['path'] = "admin/structure/pages/add/$task_name/%step";
@@ -443,7 +443,7 @@ function page_manager_page_form_basic($form, &$form_state) {
'#type' => 'checkbox',
'#default_value' => !empty($page->make_frontpage),
'#title' => t('Make this your site home page.'),
'#description' => t('To set this panel as your home page you must create a unique path name with no % placeholders in the path. The site home page is currently set to %homepage on the !siteinfo configuration form.', array('!siteinfo' => l(t('Site Information'), 'admin/settings/site-information'), '%homepage' => '/' . $frontpage)),
'#description' => t('To set this panel as your home page you must create a unique path name with no % placeholders in the path. The site home page is currently set to %homepage on the !siteinfo configuration form.', array('!siteinfo' => l(t('Site Information'), 'admin/config/system/site-information'), '%homepage' => '/' . $frontpage)),
);
$form['admin_paths'] = array(
'#type' => 'checkbox',
@@ -769,12 +769,12 @@ function page_manager_page_form_menu($form, &$form_state) {
);
}
$form['menu']['parent']['weight'] = array(
'#title' => t('Tab weight'),
'#title' => t('Parent weight'),
'#type' => 'textfield',
'#default_value' => $menu['parent']['weight'],
'#size' => 5,
'#description' => t('If the parent menu item is a tab, enter the weight of the tab. The lower the number, the more to the left it will be.'),
'#dependency' => array('radio:menu[type]' => array('default tab'), 'radio:menu[parent][type]' => array('tab')),
'#description' => t('Enter the weight of the parent item. The lower the number, the more to the left it will be.'),
'#dependency' => array('radio:menu[type]' => array('default tab'), 'radio:menu[parent][type]' => array('tab', 'normal')),
'#dependency_count' => 2,
);
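Review bot: The import route in page_manager_page_menu() is now gated by 'use ctools import' instead of 'use PHP for settings', and the replacement comments in this commit ("due to security implications") no longer say why. The removed comment in the admin file said import was limited to users who can already execute arbitrary PHP, which suggests the pasted export code is evaluated; if so, the new permission carries the same trust level and should say so where it is checked, e.g. `// Import evaluates pasted export code: grant 'use ctools import' only to roles trusted with PHP execution.` The same swap appears in page_manager_get_operations(), page_manager_handler_import() and page_manager_handler_import_validate(). After deploying, audit which roles hold the new permission and confirm that its hook_permission() entry, which is not in this diff, sets 'restrict access'.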


@@ -321,7 +321,7 @@ function page_manager_page_execute($subtask_id) {
ctools_include('context-task-handler');
$output = ctools_context_handler_render($task, $subtask, $contexts, $args);
if ($output === FALSE) {
return drupal_not_found();
return MENU_NOT_FOUND;
}
return $output;


@@ -138,7 +138,7 @@ function page_manager_term_view_page($term, $depth = NULL) {
$contexts = ctools_context_handler_get_task_contexts($task, '', array($term, $depth));
if (empty($contexts)) {
return drupal_not_found();
return MENU_NOT_FOUND;
}
// Build the full output using the configured CTools plugin.
@@ -151,7 +151,7 @@ function page_manager_term_view_page($term, $depth = NULL) {
foreach (module_implements('page_manager_override') as $module) {
$call = $module . '_page_manager_override';
if (($rc = $call('term_view')) && function_exists($rc)) {
return $rc($node);
return $rc($term, $depth);
}
}


@@ -97,8 +97,8 @@ function page_manager_user_edit_page($account, $category = 'account') {
$output = ctools_context_handler_render($task, '', $contexts, array($account->uid));
if (is_array($output)) {
$output = drupal_render($output);
}
if ($output != FALSE) {
}
if ($output !== FALSE) {
return $output;
}
@@ -119,7 +119,7 @@ function page_manager_user_edit_page($account, $category = 'account') {
//call drupal_build_form.
$form_state = array();
$form_id = 'user_profile_form';
$args = array($account);
$args = array($account, $category);
$form_state['build_info']['args'] = $args;
form_load_include($form_state, 'inc', 'user', 'user.pages');
$output = drupal_build_form($form_id, $form_state);


@@ -81,7 +81,7 @@ function page_manager_user_view_page($account) {
user_build_content($account);
$output = ctools_context_handler_render($task, '', $contexts, array($account->uid));
if ($output != FALSE) {
if ($output !== FALSE) {
return $output;
}