Issue #1110650 follow-up by sun: Oops. No entity_create() in 7.x. :)
[project/drupal.git] / update.php
CommitLineData
0a4f99ef 1<?php
94e30bf7
DB
2
3/**
a3bb66e4
AB
4 * Root directory of Drupal installation.
5 */
d802c69a 6define('DRUPAL_ROOT', getcwd());
a3bb66e4
AB
7
8/**
94e30bf7
DB
9 * @file
10 * Administrative page for handling updates from one Drupal version to another.
11 *
a5bbf6ca 12 * Point your browser to "http://www.example.com/update.php" and follow the
94e30bf7
DB
13 * instructions.
14 *
7df3f372
AB
15 * If you are not logged in using either the site maintenance account or an
16 * account with the "Administer software updates" permission, you will need to
17 * modify the access check statement inside your settings.php file. After
18 * finishing the upgrade, be sure to open settings.php again, and change it
19 * back to its original state!
94e30bf7 20 */
780a345f 21
66b7a5cb 22/**
967f4a1b
DB
23 * Global flag indicating that update.php is being run.
24 *
25 * When this flag is set, various operations do not take place, such as invoking
26 * hook_init() and hook_exit(), css/js preprocessing, and translation.
66b7a5cb 27 */
e9f52b42
H
28define('MAINTENANCE_MODE', 'update');
29
a19acb21 30function update_selection_page() {
7de41539 31 drupal_set_title('Drupal database update');
ff301288
DB
32 $elements = drupal_get_form('update_script_selection_form');
33 $output = drupal_render($elements);
7de41539 34
ba0ff1a9
SW
35 update_task_list('select');
36
7de41539
DB
37 return $output;
38}
39
b006ec6c 40function update_script_selection_form($form, &$form_state) {
74a7badf 41 $count = 0;
ec407ec9 42 $incompatible_count = 0;
7e1527ee 43 $form['start'] = array(
a19acb21
DB
44 '#tree' => TRUE,
45 '#type' => 'fieldset',
a19acb21 46 '#collapsed' => TRUE,
78e1919a 47 '#collapsible' => TRUE,
a19acb21 48 );
6a13ffef 49
967f4a1b 50 // Ensure system.module's updates appear first.
6a13ffef
SW
51 $form['start']['system'] = array();
52
d151ea91 53 $updates = update_get_update_list();
ec407ec9
AB
54 $starting_updates = array();
55 $incompatible_updates_exist = FALSE;
d151ea91
AB
56 foreach ($updates as $module => $update) {
57 if (!isset($update['start'])) {
58 $form['start'][$module] = array(
ff5cdeee
DB
59 '#type' => 'item',
60 '#title' => $module . ' module',
61 '#markup' => $update['warning'],
62 '#prefix' => '<div class="messages warning">',
d151ea91
AB
63 '#suffix' => '</div>',
64 );
ec407ec9 65 $incompatible_updates_exist = TRUE;
d151ea91
AB
66 continue;
67 }
68 if (!empty($update['pending'])) {
ec407ec9 69 $starting_updates[$module] = $update['start'];
d151ea91
AB
70 $form['start'][$module] = array(
71 '#type' => 'hidden',
72 '#value' => $update['start'],
73 );
74 $form['start'][$module . '_updates'] = array(
ec407ec9
AB
75 '#theme' => 'item_list',
76 '#items' => $update['pending'],
77 '#title' => $module . ' module',
d151ea91
AB
78 );
79 }
80 if (isset($update['pending'])) {
81 $count = $count + count($update['pending']);
a19acb21
DB
82 }
83 }
84
ec407ec9
AB
85 // Find and label any incompatible updates.
86 foreach (update_resolve_dependencies($starting_updates) as $function => $data) {
87 if (!$data['allowed']) {
88 $incompatible_updates_exist = TRUE;
89 $incompatible_count++;
90 $module_update_key = $data['module'] . '_updates';
91 if (isset($form['start'][$module_update_key]['#items'][$data['number']])) {
92 $text = $data['missing_dependencies'] ? 'This update will been skipped due to the following missing dependencies: <em>' . implode(', ', $data['missing_dependencies']) . '</em>' : "This update will be skipped due to an error in the module's code.";
93 $form['start'][$module_update_key]['#items'][$data['number']] .= '<div class="warning">' . $text . '</div>';
94 }
95 // Move the module containing this update to the top of the list.
96 $form['start'] = array($module_update_key => $form['start'][$module_update_key]) + $form['start'];
97 }
98 }
99
100 // Warn the user if any updates were incompatible.
101 if ($incompatible_updates_exist) {
102 drupal_set_message('Some of the pending updates cannot be applied because their dependencies were not met.', 'warning');
103 }
104
74a7badf 105 if (empty($count)) {
78e1919a
DB
106 drupal_set_message(t('No pending updates.'));
107 unset($form);
108 $form['links'] = array(
c05f2181 109 '#markup' => theme('item_list', array('items' => update_helpful_links())),
78e1919a 110 );
58237ba0 111
112 // No updates to run, so caches won't get flushed later. Clear them now.
113 drupal_flush_all_caches();
78e1919a
DB
114 }
115 else {
116 $form['help'] = array(
117 '#markup' => '<p>The version of Drupal you are updating from has been automatically detected.</p>',
118 '#weight' => -5,
119 );
ec407ec9
AB
120 if ($incompatible_count) {
121 $form['start']['#title'] = format_plural(
122 $count,
123 '1 pending update (@number_applied to be applied, @number_incompatible skipped)',
124 '@count pending updates (@number_applied to be applied, @number_incompatible skipped)',
125 array('@number_applied' => $count - $incompatible_count, '@number_incompatible' => $incompatible_count)
126 );
127 }
128 else {
129 $form['start']['#title'] = format_plural($count, '1 pending update', '@count pending updates');
130 }
78e1919a
DB
131 $form['has_js'] = array(
132 '#type' => 'hidden',
133 '#default_value' => FALSE,
78e1919a 134 );
45f4a1e1
DB
135 $form['actions'] = array('#type' => 'actions');
136 $form['actions']['submit'] = array(
78e1919a 137 '#type' => 'submit',
0de74c1b 138 '#value' => 'Apply pending updates',
78e1919a
DB
139 );
140 }
7de41539 141 return $form;
a19acb21
DB
142}
143
78e1919a 144function update_helpful_links() {
967f4a1b
DB
145 // NOTE: we can't use l() here because the URL would point to
146 // 'update.php?q=admin'.
a81858f5 147 $links[] = '<a href="' . base_path() . '">Front page</a>';
56d2664a 148 $links[] = '<a href="' . base_path() . '?q=admin">Administration pages</a>';
78e1919a
DB
149 return $links;
150}
151
152function update_results_page() {
153 drupal_set_title('Drupal database update');
154 $links = update_helpful_links();
3f2b287d 155
ba0ff1a9 156 update_task_list();
967f4a1b 157 // Report end result.
6cc4cc21 158 if (module_exists('dblog')) {
56d2664a 159 $log_message = ' All errors have been <a href="' . base_path() . '?q=admin/reports/dblog">logged</a>.';
6cc4cc21
H
160 }
161 else {
162 $log_message = ' All errors have been logged.';
163 }
164
c740ac7f 165 if ($_SESSION['update_success']) {
56d2664a 166 $output = '<p>Updates were attempted. If you see no failures below, you may proceed happily to the <a href="' . base_path() . '?q=admin">administration pages</a>. Otherwise, you may need to update your database manually.' . $log_message . '</p>';
3f2b287d
SW
167 }
168 else {
c740ac7f 169 list($module, $version) = array_pop(reset($_SESSION['updates_remaining']));
56d2664a 170 $output = '<p class="error">The update process was aborted prematurely while running <strong>update #' . $version . ' in ' . $module . '.module</strong>.' . $log_message;
6cc4cc21
H
171 if (module_exists('dblog')) {
172 $output .= ' You may need to check the <code>watchdog</code> database table manually.';
173 }
174 $output .= '</p>';
3f2b287d
SW
175 }
176
13727009
H
177 if (!empty($GLOBALS['update_free_access'])) {
178 $output .= "<p><strong>Reminder: don't forget to set the <code>\$update_free_access</code> value in your <code>settings.php</code> file back to <code>FALSE</code>.</strong></p>";
0a4f99ef 179 }
e66371ca 180
c05f2181 181 $output .= theme('item_list', array('items' => $links));
a19acb21 182
967f4a1b 183 // Output a list of queries executed.
cb34d838 184 if (!empty($_SESSION['update_results'])) {
6cff2ebd 185 $all_messages = '';
a19acb21 186 foreach ($_SESSION['update_results'] as $module => $updates) {
ec407ec9 187 if ($module != '#abort') {
6cff2ebd
AB
188 $module_has_message = FALSE;
189 $query_messages = '';
ec407ec9 190 foreach ($updates as $number => $queries) {
95e95bfb 191 $messages = array();
b05a49e4 192 foreach ($queries as $query) {
95e95bfb
DB
193 // If there is no message for this update, don't show anything.
194 if (empty($query['query'])) {
195 continue;
196 }
6cff2ebd 197
b05a49e4 198 if ($query['success']) {
95e95bfb 199 $messages[] = '<li class="success">' . $query['query'] . '</li>';
b05a49e4
H
200 }
201 else {
95e95bfb 202 $messages[] = '<li class="failure"><strong>Failed:</strong> ' . $query['query'] . '</li>';
b05a49e4 203 }
a19acb21 204 }
95e95bfb
DB
205
206 if ($messages) {
6cff2ebd
AB
207 $module_has_message = TRUE;
208 $query_messages .= '<h4>Update #' . $number . "</h4>\n";
209 $query_messages .= '<ul>' . implode("\n", $messages) . "</ul>\n";
a19acb21
DB
210 }
211 }
6cff2ebd
AB
212
213 // If there were any messages in the queries then prefix them with the
214 // module name and add it to the global message list.
215 if ($module_has_message) {
216 $all_messages .= '<h3>' . $module . " module</h3>\n" . $query_messages;
217 }
a19acb21
DB
218 }
219 }
6cff2ebd
AB
220 if ($all_messages) {
221 $output .= '<div id="update-results"><h2>The following updates returned messages</h2>';
222 $output .= $all_messages;
223 $output .= '</div>';
224 }
a19acb21 225 }
c740ac7f
H
226 unset($_SESSION['update_results']);
227 unset($_SESSION['update_success']);
a19acb21 228
05014a31 229 return $output;
0a4f99ef
KM
230}
231
05014a31 232function update_info_page() {
66b7a5cb
H
233 // Change query-strings on css/js files to enforce reload for all users.
234 _drupal_flush_css_js();
46c1d923
H
235 // Flush the cache of all data for the update status module.
236 if (db_table_exists('cache_update')) {
17e3d1fc 237 cache_clear_all('*', 'cache_update', TRUE);
46c1d923 238 }
66b7a5cb 239
ba0ff1a9 240 update_task_list('info');
e5ad13e3 241 drupal_set_title('Drupal database update');
c11454db 242 $token = drupal_get_token('update');
a2ab3fd8 243 $output = '<p>Use this utility to update your database whenever a new release of Drupal or a module is installed.</p><p>For more detailed information, see the <a href="http://drupal.org/upgrade">upgrading handbook</a>. If you are unsure what these terms mean you should probably contact your hosting provider.</p>';
eaaba7cb
SW
244 $output .= "<ol>\n";
245 $output .= "<li><strong>Back up your database</strong>. This process will change your database values and in case of emergency you may need to revert to a backup.</li>\n";
246 $output .= "<li><strong>Back up your code</strong>. Hint: when backing up module code, do not leave that backup in the 'modules' or 'sites/*/modules' directories as this may confuse Drupal's auto-discovery mechanism.</li>\n";
9a34f7a1 247 $output .= '<li>Put your site into <a href="' . base_path() . '?q=admin/config/development/maintenance">maintenance mode</a>.</li>' . "\n";
eaaba7cb
SW
248 $output .= "<li>Install your new files in the appropriate location, as described in the handbook.</li>\n";
249 $output .= "</ol>\n";
250 $output .= "<p>When you have performed the steps above, you may proceed.</p>\n";
56467535 251 $form_action = check_url(drupal_current_script_url(array('op' => 'selection', 'token' => $token)));
252 $output .= '<form method="post" action="' . $form_action . '"><p><input type="submit" value="Continue" class="form-submit" /></p></form>';
eaaba7cb 253 $output .= "\n";
05014a31
SW
254 return $output;
255}
256
257function update_access_denied_page() {
e1ce11da 258 drupal_add_http_header('Status', '403 Forbidden');
7df3f372 259 watchdog('access denied', 'update.php', NULL, WATCHDOG_WARNING);
05014a31 260 drupal_set_title('Access denied');
364238c5 261 return '<p>Access denied. You are not authorized to access this page. Log in using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation). If you cannot log in, you will have to edit <code>settings.php</code> to bypass this access check. To do this:</p>
05014a31 262<ol>
13727009
H
263 <li>With a text editor find the settings.php file on your system. From the main Drupal directory that you installed all the files into, go to <code>sites/your_site_name</code> if such directory exists, or else to <code>sites/default</code> which applies otherwise.</li>
264 <li>There is a line inside your settings.php file that says <code>$update_free_access = FALSE;</code>. Change it to <code>$update_free_access = TRUE;</code>.</li>
265 <li>As soon as the update.php script is done, you must change the settings.php file back to its original form with <code>$update_free_access = FALSE;</code>.</li>
7df3f372 266 <li>To avoid having this problem in the future, remember to log in to your website using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation) before you backup your database at the beginning of the update process.</li>
05014a31 267</ol>';
0a4f99ef 268}
497ab799 269
ba0ff1a9 270/**
7df3f372
AB
271 * Determines if the current user is allowed to run update.php.
272 *
273 * @return
274 * TRUE if the current user should be granted access, or FALSE otherwise.
275 */
276function update_access_allowed() {
277 global $update_free_access, $user;
278
279 // Allow the global variable in settings.php to override the access check.
280 if (!empty($update_free_access)) {
281 return TRUE;
282 }
283 // Calls to user_access() might fail during the Drupal 6 to 7 update process,
284 // so we fall back on requiring that the user be logged in as user #1.
285 try {
d4200e26 286 require_once DRUPAL_ROOT . '/' . drupal_get_path('module', 'user') . '/user.module';
7df3f372
AB
287 return user_access('administer software updates');
288 }
289 catch (Exception $e) {
290 return ($user->uid == 1);
291 }
292}
293
294/**
ba0ff1a9
SW
295 * Add the update task list to the current page.
296 */
297function update_task_list($active = NULL) {
298 // Default list of tasks.
299 $tasks = array(
bbe7b774 300 'requirements' => 'Verify requirements',
ba0ff1a9 301 'info' => 'Overview',
78e1919a 302 'select' => 'Review updates',
ba0ff1a9
SW
303 'run' => 'Run updates',
304 'finished' => 'Review log',
305 );
306
c05f2181 307 drupal_add_region_content('sidebar_first', theme('task_list', array('items' => $tasks, 'active' => $active)));
ba0ff1a9
SW
308}
309
44d71e1e 310/**
bbe7b774
DB
311 * Returns (and optionally stores) extra requirements that only apply during
312 * particular parts of the update.php process.
44d71e1e 313 */
bbe7b774
DB
314function update_extra_requirements($requirements = NULL) {
315 static $extra_requirements = array();
316 if (isset($requirements)) {
317 $extra_requirements += $requirements;
44d71e1e 318 }
bbe7b774 319 return $extra_requirements;
27369e8b
AB
320}
321
322/**
56467535 323 * Check update requirements and report any errors or (optionally) warnings.
324 *
325 * @param $skip_warnings
326 * (optional) If set to TRUE, requirement warnings will be ignored, and a
327 * report will only be issued if there are requirement errors. Defaults to
328 * FALSE.
27369e8b 329 */
56467535 330function update_check_requirements($skip_warnings = FALSE) {
729a23e1
DB
331 // Check requirements of all loaded modules.
332 $requirements = module_invoke_all('requirements', 'update');
bbe7b774
DB
333 $requirements += update_extra_requirements();
334 $severity = drupal_requirements_severity($requirements);
335
56467535 336 // If there are errors, always display them. If there are only warnings, skip
337 // them if the caller has indicated they should be skipped.
338 if ($severity == REQUIREMENT_ERROR || ($severity == REQUIREMENT_WARNING && !$skip_warnings)) {
bbe7b774
DB
339 update_task_list('requirements');
340 drupal_set_title('Requirements problem');
c05f2181 341 $status_report = theme('status_report', array('requirements' => $requirements));
56467535 342 $status_report .= 'Check the error messages and <a href="' . check_url(drupal_requirements_url($severity)) . '">try again</a>.';
c05f2181 343 print theme('update_page', array('content' => $status_report));
bbe7b774 344 exit();
27369e8b 345 }
44d71e1e
H
346}
347
a5bbf6ca 348// Some unavoidable errors happen because the database is not yet up-to-date.
70aae83c 349// Our custom error handler is not yet installed, so we just suppress them.
3f2b287d
SW
350ini_set('display_errors', FALSE);
351
bbe7b774
DB
352// We prepare a minimal bootstrap for the update requirements check to avoid
353// reaching the PHP memory limit.
a3bb66e4 354require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
40c8986a 355require_once DRUPAL_ROOT . '/includes/update.inc';
3f36af04 356require_once DRUPAL_ROOT . '/includes/common.inc';
97b7f029 357require_once DRUPAL_ROOT . '/includes/file.inc';
3f36af04 358require_once DRUPAL_ROOT . '/includes/entity.inc';
8e22c485 359require_once DRUPAL_ROOT . '/includes/unicode.inc';
bbe7b774 360update_prepare_d7_bootstrap();
44d71e1e 361
faa920f9
DB
362// Temporarily disable configurable timezones so the upgrade process uses the
363// site-wide timezone. This prevents a PHP notice during session initlization
364// and before offsets have been converted in user_update_7002().
365$configurable_timezones = variable_get('configurable_timezones', 1);
366$conf['configurable_timezones'] = 0;
367
bbe7b774
DB
368// Determine if the current user has access to run update.php.
369drupal_bootstrap(DRUPAL_BOOTSTRAP_SESSION);
44d71e1e 370
faa920f9
DB
371// Reset configurable timezones.
372$conf['configurable_timezones'] = $configurable_timezones;
373
bbe7b774
DB
374// Only allow the requirements check to proceed if the current user has access
375// to run updates (since it may expose sensitive information about the site's
376// configuration).
377$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
7df3f372 378if (empty($op) && update_access_allowed()) {
a3bb66e4 379 require_once DRUPAL_ROOT . '/includes/install.inc';
a3bb66e4 380 require_once DRUPAL_ROOT . '/modules/system/system.install';
44d71e1e
H
381
382 // Load module basics.
a3bb66e4 383 include_once DRUPAL_ROOT . '/includes/module.inc';
44d71e1e 384 $module_list['system']['filename'] = 'modules/system/system.module';
2c552193 385 module_list(TRUE, FALSE, FALSE, $module_list);
44d71e1e 386 drupal_load('module', 'system');
44d71e1e 387
a8b3369b
DB
388 // Reset the module_implements() cache so that any new hook implementations
389 // in updated code are picked up.
390 module_implements('', FALSE, TRUE);
391
44d71e1e 392 // Set up $language, since the installer components require it.
ef09cf93 393 drupal_language_initialize();
44d71e1e
H
394
395 // Set up theme system for the maintenance page.
396 drupal_maintenance_theme();
397
56467535 398 // Check the update requirements for Drupal. Only report on errors at this
399 // stage, since the real requirements check happens further down.
400 update_check_requirements(TRUE);
27369e8b 401
bbe7b774 402 // Redirect to the update information page if all requirements were met.
44d71e1e
H
403 install_goto('update.php?op=info');
404}
cb49e19e 405
cc88a199
AB
406// update_fix_d7_requirements() needs to run before bootstrapping beyond path.
407// So bootstrap to DRUPAL_BOOTSTRAP_LANGUAGE then include unicode.inc.
408
409drupal_bootstrap(DRUPAL_BOOTSTRAP_LANGUAGE);
410include_once DRUPAL_ROOT . '/includes/unicode.inc';
411
412update_fix_d7_requirements();
413
414// Now proceed with a full bootstrap.
415
a19acb21 416drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
e5ad13e3 417drupal_maintenance_theme();
3029da00 418
cb49e19e
GK
419// Turn error reporting back on. From now on, only fatal errors (which are
420// not passed through the error handler) will cause a message to be printed.
421ini_set('display_errors', TRUE);
422
bbe7b774 423// Only proceed with updates if the user is allowed to run them.
7df3f372 424if (update_access_allowed()) {
cb49e19e 425
a3bb66e4
AB
426 include_once DRUPAL_ROOT . '/includes/install.inc';
427 include_once DRUPAL_ROOT . '/includes/batch.inc';
90acf993 428 drupal_load_updates();
d026d15d 429
29eb5a62 430 update_fix_compatibility();
05014a31 431
56467535 432 // Check the update requirements for all modules. If there are warnings, but
433 // no errors, skip reporting them if the user has provided a URL parameter
434 // acknowledging the warnings and indicating a desire to continue anyway. See
435 // drupal_requirements_url().
436 $skip_warnings = !empty($_GET['continue']);
437 update_check_requirements($skip_warnings);
729a23e1 438
a19acb21
DB
439 $op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
440 switch ($op) {
967f4a1b 441 // update.php ops.
a19acb21 442
c740ac7f 443 case 'selection':
c11454db
DB
444 if (isset($_GET['token']) && $_GET['token'] == drupal_get_token('update')) {
445 $output = update_selection_page();
446 break;
447 }
a19acb21 448
7cc7e080 449 case 'Apply pending updates':
c11454db 450 if (isset($_GET['token']) && $_GET['token'] == drupal_get_token('update')) {
56467535 451 // Generate absolute URLs for the batch processing (using $base_root),
452 // since the batch API will pass them to url() which does not handle
453 // update.php correctly by default.
454 $batch_url = $base_root . drupal_current_script_url();
455 $redirect_url = $base_root . drupal_current_script_url(array('op' => 'results'));
456 update_batch($_POST['start'], $redirect_url, $batch_url);
c11454db
DB
457 break;
458 }
459
460 case 'info':
461 $output = update_info_page();
a19acb21
DB
462 break;
463
c740ac7f
H
464 case 'results':
465 $output = update_results_page();
a19acb21
DB
466 break;
467
967f4a1b 468 // Regular batch ops : defer to batch processing API.
a19acb21 469 default:
c740ac7f
H
470 update_task_list('run');
471 $output = _batch_page();
a19acb21 472 break;
c1f6ab3b
KM
473 }
474}
475else {
a19acb21 476 $output = update_access_denied_page();
05014a31 477}
c740ac7f 478if (isset($output) && $output) {
d967abdf 479 // Explicitly start a session so that the update.php token will be accepted.
63ac367e 480 drupal_session_start();
fc8b22c6
H
481 // We defer the display of messages until all updates are done.
482 $progress_page = ($batch = batch_get()) && isset($batch['running']);
c05f2181 483 print theme('update_page', array('content' => $output, 'show_messages' => !$progress_page));
599fae43 484}