drupal/includes/authorize.inc

<?php
// $Id: authorize.inc,v 1.3 2009/10/27 03:27:00 webchick Exp $

/**
 * @file
 * Helper functions and form handlers used for the authorize.php script.
 */

/**
 * Build the form for choosing a FileTransfer type and supplying credentials.
 */
function authorize_filetransfer_form($form_state) {
  global $base_url, $is_https;
  $form = array();

  // If possible, we want to post this form securely via https.
  $form['#https'] = TRUE;

  // CSS we depend on lives in modules/system/maintenance.css, which is loaded
  // via the default maintenance theme.
  $form['#attached']['js'][] = $base_url . '/misc/authorize.js';
  
  // Get all the available ways to transfer files.
  if (empty($_SESSION['authorize_filetransfer_backends'])) {
    drupal_set_message(t('Unable to continue, no available methods of file transfer'), 'error');
    return array();
  }
  $available_backends = $_SESSION['authorize_filetransfer_backends'];
  uasort($available_backends, 'drupal_sort_weight');

  if (!$is_https) {
    drupal_set_message(t('WARNING: You are not using an encrypted connection, so your password will be sent in plain text. <a href="@https-link">Learn more</a>.', array('@https-link' => 'http://drupal.org/https-information')), 'error');
  }

  // Decide on a default backend.
  if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default'])) {
    $authorize_filetransfer_default = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
  }
  elseif ($authorize_filetransfer_default = variable_get('authorize_filetransfer_default', NULL));
  else {
    $authorize_filetransfer_default = key($available_backends);
  }

  $form['information']['main_header'] = array(
    '#prefix' => '<h3>',
    '#markup' => t('To continue, please provide your server connection details'),
    '#suffix' => '</h3>',
  );

  $form['connection_settings']['#tree'] = TRUE;
  $form['connection_settings']['authorize_filetransfer_default'] = array(
    '#type' => 'select',
    '#title' => t('Connection method'),
    '#default_value' => $authorize_filetransfer_default,
    '#weight' => -10,
  );

  /*
   * Here we create two submit buttons. For a JS enabled client, they will
   * only ever see submit_process. However, if a client doesn't have JS
   * enabled, they will see submit_connection on the first form (when picking
   * what filetranfer type to use, and submit_process on the second one (which
   * leads to the actual operation).
   */
  $form['submit_connection'] = array(
    '#prefix' => "<br style='clear:both'/>",
    '#name' => 'enter_connection_settings',
    '#type' => 'submit',
    '#value' => t('Enter connection settings'),
    '#weight' => 100,
  );

  $form['submit_process'] = array(
    '#name' => 'process_updates',
    '#type' => 'submit',
    '#value' => t('Continue'),
    '#weight' => 100,
    '#attributes' => array('style' => 'display:none'),
  );

  // Build a hidden fieldset for each one.
  foreach ($available_backends as $name => $backend) {
    $form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title'];
    $form['connection_settings'][$name] = array(
      '#type' => 'fieldset',
      '#attributes' => array('class' => "filetransfer-$name filetransfer"),
      '#title' => t('@backend connection settings', array('@backend' => $backend['title'])),
    );

    $current_settings = variable_get('authorize_filetransfer_connection_settings_' . $name, array());
    $form['connection_settings'][$name] += system_get_filetransfer_settings_form($name, $current_settings);

    // Start non-JS code.
    if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) {

      // If the user switches from JS to non-JS, Drupal (and Batch API) will
      // barf. This is a known bug: http://drupal.org/node/229825.
      setcookie('has_js', '', time() - 3600, '/');
      unset($_COOKIE['has_js']);

      // Change the submit button to the submit_process one.
      $form['submit_process']['#attributes'] = array();
      unset($form['submit_connection']);

      // Activate the proper filetransfer settings form.
      $form['connection_settings'][$name]['#attributes']['style'] = 'display:block';
      // Disable the select box.
      $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE;

      // Create a button for changing the type of connection.
      $form['connection_settings']['change_connection_type'] = array(
        '#name' => 'change_connection_type',
        '#type' => 'submit',
        '#value' => t('Change connection type'),
        '#weight' => -5,
        '#attributes' => array('class' => 'filetransfer-change-connection-type'),
      );
    }
    // End non-JS code.
  }
  return $form;
}

/**
 * Validate callback for the filetransfer authorization form.
 *
 * @see authorize_filetransfer_form()
 */
function authorize_filetransfer_form_validate($form, &$form_state) {
  if (isset($form_state['values']['connection_settings'])) {
    $backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
    $filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]);
    try {
      if (!$filetransfer) {
        throw new Exception(t('Error, this type of connection protocol (%backend) does not exist.', array('%backend' => $backend)));
      }
      $filetransfer->connect();
    }
    catch (Exception $e) {
      form_set_error('connection_settings', $e->getMessage());
    }
  }
}

/**
 * Submit callback when a file transfer is being authorized.
 *
 * @see authorize_filetransfer_form()
 */
function authorize_filetransfer_form_submit($form, &$form_state) {
  global $base_url;
  switch ($form_state['clicked_button']['#name']) {
    case 'process_updates':

      // Save the connection settings to the DB.
      $filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];

      // If the database is available then try to save our settings. We have
      // to make sure it is available since this code could potentially (will
      // likely) be called during the installation process, before the
      // database is set up.
      if (db_is_active()) {
        $connection_settings = array();
        foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) {
          // We do *not* want to store passwords in the database, unless the
          // backend explicitly says so via the magic #filetransfer_save form
          // property. Otherwise, we store everything that's not explicitly
          // marked with #filetransfer_save set to FALSE.
          if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) {
            if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') {
              $connection_settings[$key] = $value;
            }
          }
          // The attribute is defined, so only save if set to TRUE.
          elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) {
            $connection_settings[$key] = $value;
          }
        }
        // Set this one as the default authorize method.
        variable_set('authorize_filetransfer_default', $filetransfer_backend);
        // Save the connection settings minus the password.
        variable_set('authorize_filetransfer_connection_settings_' . $filetransfer_backend, $connection_settings);

        $filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]);
        
        // Now run the operation.
        authorize_run_operation($filetransfer);
      }
      break;

    case 'enter_connection_settings':
      $form_state['rebuild'] = TRUE;
      break;

    case 'change_connection_type':
      $form_state['rebuild'] = TRUE;
      unset($form_state['values']['connection_settings']['authorize_filetransfer_default']);
      break;
  }
}

/**
 * Run the operation specified in $_SESSION['authorize_operation']
 *
 * @param $filetransfer
 *   The FileTransfer object to use for running the operation.
 */
function authorize_run_operation($filetransfer) {
  $operation = $_SESSION['authorize_operation'];
  unset($_SESSION['authorize_operation']);

  if (!empty($operation['page_title'])) {
    drupal_set_title(check_plain($operation['page_title']));
  }

  require_once DRUPAL_ROOT . '/' . $operation['file'];
  call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments']));
}

/**
 * Get a FileTransfer class for a specific transfer method and settings.
 *
 * @param $backend
 *   The FileTransfer backend to get the class for.
 * @param $settings
 *   Array of settings for the FileTransfer.
 * @return
 *   An instantiated FileTransfer object for the requested method and settings,
 *   or FALSE if there was an error finding or instantiating it.
 */
function authorize_get_filetransfer($backend, $settings = array()) {
  $filetransfer = FALSE;
  if (!empty($_SESSION['authorize_filetransfer_backends'][$backend])) {
    $filetransfer = call_user_func_array(array($_SESSION['authorize_filetransfer_backends'][$backend]['class'], 'factory'), array(DRUPAL_ROOT, $settings));
  }
  return $filetransfer;
}

1	<?php
2	// $Id: authorize.inc,v 1.3 2009/10/27 03:27:00 webchick Exp $
3
4	/**
5	* @file
6	* Helper functions and form handlers used for the authorize.php script.
7	*/
8
9	/**
10	* Build the form for choosing a FileTransfer type and supplying credentials.
11	*/
12	function authorize_filetransfer_form($form_state) {
13	global $base_url, $is_https;
14	$form = array();
15
16	// If possible, we want to post this form securely via https.
17	$form['#https'] = TRUE;
18
19	// CSS we depend on lives in modules/system/maintenance.css, which is loaded
20	// via the default maintenance theme.
21	$form['#attached']['js'][] = $base_url . '/misc/authorize.js';
22
23	// Get all the available ways to transfer files.
24	if (empty($_SESSION['authorize_filetransfer_backends'])) {
25	drupal_set_message(t('Unable to continue, no available methods of file transfer'), 'error');
26	return array();
27	}
28	$available_backends = $_SESSION['authorize_filetransfer_backends'];
29	uasort($available_backends, 'drupal_sort_weight');
30
31	if (!$is_https) {
32	drupal_set_message(t('WARNING: You are not using an encrypted connection, so your password will be sent in plain text. <a href="@https-link">Learn more</a>.', array('@https-link' => 'http://drupal.org/https-information')), 'error');
33	}
34
35	// Decide on a default backend.
36	if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default'])) {
37	$authorize_filetransfer_default = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
38	}
39	elseif ($authorize_filetransfer_default = variable_get('authorize_filetransfer_default', NULL));
40	else {
41	$authorize_filetransfer_default = key($available_backends);
42	}
43
44	$form['information']['main_header'] = array(
45	'#prefix' => '<h3>',
46	'#markup' => t('To continue, please provide your server connection details'),
47	'#suffix' => '</h3>',
48	);
49
50	$form['connection_settings']['#tree'] = TRUE;
51	$form['connection_settings']['authorize_filetransfer_default'] = array(
52	'#type' => 'select',
53	'#title' => t('Connection method'),
54	'#default_value' => $authorize_filetransfer_default,
55	'#weight' => -10,
56	);
57
58	/*
59	* Here we create two submit buttons. For a JS enabled client, they will
60	* only ever see submit_process. However, if a client doesn't have JS
61	* enabled, they will see submit_connection on the first form (when picking
62	* what filetranfer type to use, and submit_process on the second one (which
63	* leads to the actual operation).
64	*/
65	$form['submit_connection'] = array(
66	'#prefix' => "<br style='clear:both'/>",
67	'#name' => 'enter_connection_settings',
68	'#type' => 'submit',
69	'#value' => t('Enter connection settings'),
70	'#weight' => 100,
71	);
72
73	$form['submit_process'] = array(
74	'#name' => 'process_updates',
75	'#type' => 'submit',
76	'#value' => t('Continue'),
77	'#weight' => 100,
78	'#attributes' => array('style' => 'display:none'),
79	);
80
81	// Build a hidden fieldset for each one.
82	foreach ($available_backends as $name => $backend) {
83	$form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title'];
84	$form['connection_settings'][$name] = array(
85	'#type' => 'fieldset',
86	'#attributes' => array('class' => "filetransfer-$name filetransfer"),
87	'#title' => t('@backend connection settings', array('@backend' => $backend['title'])),
88	);
89
90	$current_settings = variable_get('authorize_filetransfer_connection_settings_' . $name, array());
91	$form['connection_settings'][$name] += system_get_filetransfer_settings_form($name, $current_settings);
92
93	// Start non-JS code.
94	if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) {
95
96	// If the user switches from JS to non-JS, Drupal (and Batch API) will
97	// barf. This is a known bug: http://drupal.org/node/229825.
98	setcookie('has_js', '', time() - 3600, '/');
99	unset($_COOKIE['has_js']);
100
101	// Change the submit button to the submit_process one.
102	$form['submit_process']['#attributes'] = array();
103	unset($form['submit_connection']);
104
105	// Activate the proper filetransfer settings form.
106	$form['connection_settings'][$name]['#attributes']['style'] = 'display:block';
107	// Disable the select box.
108	$form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE;
109
110	// Create a button for changing the type of connection.
111	$form['connection_settings']['change_connection_type'] = array(
112	'#name' => 'change_connection_type',
113	'#type' => 'submit',
114	'#value' => t('Change connection type'),
115	'#weight' => -5,
116	'#attributes' => array('class' => 'filetransfer-change-connection-type'),
117	);
118	}
119	// End non-JS code.
120	}
121	return $form;
122	}
123
124	/**
125	* Validate callback for the filetransfer authorization form.
126	*
127	* @see authorize_filetransfer_form()
128	*/
129	function authorize_filetransfer_form_validate($form, &$form_state) {
130	if (isset($form_state['values']['connection_settings'])) {
131	$backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
132	$filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]);
133	try {
134	if (!$filetransfer) {
135	throw new Exception(t('Error, this type of connection protocol (%backend) does not exist.', array('%backend' => $backend)));
136	}
137	$filetransfer->connect();
138	}
139	catch (Exception $e) {
140	form_set_error('connection_settings', $e->getMessage());
141	}
142	}
143	}
144
145	/**
146	* Submit callback when a file transfer is being authorized.
147	*
148	* @see authorize_filetransfer_form()
149	*/
150	function authorize_filetransfer_form_submit($form, &$form_state) {
151	global $base_url;
152	switch ($form_state['clicked_button']['#name']) {
153	case 'process_updates':
154
155	// Save the connection settings to the DB.
156	$filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
157
158	// If the database is available then try to save our settings. We have
159	// to make sure it is available since this code could potentially (will
160	// likely) be called during the installation process, before the
161	// database is set up.
162	if (db_is_active()) {
163	$connection_settings = array();
164	foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) {
165	// We do not want to store passwords in the database, unless the
166	// backend explicitly says so via the magic #filetransfer_save form
167	// property. Otherwise, we store everything that's not explicitly
168	// marked with #filetransfer_save set to FALSE.
169	if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) {
170	if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') {
171	$connection_settings[$key] = $value;
172	}
173	}
174	// The attribute is defined, so only save if set to TRUE.
175	elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) {
176	$connection_settings[$key] = $value;
177	}
178	}
179	// Set this one as the default authorize method.
180	variable_set('authorize_filetransfer_default', $filetransfer_backend);
181	// Save the connection settings minus the password.
182	variable_set('authorize_filetransfer_connection_settings_' . $filetransfer_backend, $connection_settings);
183
184	$filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]);
185
186	// Now run the operation.
187	authorize_run_operation($filetransfer);
188	}
189	break;
190
191	case 'enter_connection_settings':
192	$form_state['rebuild'] = TRUE;
193	break;
194
195	case 'change_connection_type':
196	$form_state['rebuild'] = TRUE;
197	unset($form_state['values']['connection_settings']['authorize_filetransfer_default']);
198	break;
199	}
200	}
201
202	/**
203	* Run the operation specified in $_SESSION['authorize_operation']
204	*
205	* @param $filetransfer
206	* The FileTransfer object to use for running the operation.
207	*/
208	function authorize_run_operation($filetransfer) {
209	$operation = $_SESSION['authorize_operation'];
210	unset($_SESSION['authorize_operation']);
211
212	if (!empty($operation['page_title'])) {
213	drupal_set_title(check_plain($operation['page_title']));
214	}
215
216	require_once DRUPAL_ROOT . '/' . $operation['file'];
217	call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments']));
218	}
219
220	/**
221	* Get a FileTransfer class for a specific transfer method and settings.
222	*
223	* @param $backend
224	* The FileTransfer backend to get the class for.
225	* @param $settings
226	* Array of settings for the FileTransfer.
227	* @return
228	* An instantiated FileTransfer object for the requested method and settings,
229	* or FALSE if there was an error finding or instantiating it.
230	*/
231	function authorize_get_filetransfer($backend, $settings = array()) {
232	$filetransfer = FALSE;
233	if (!empty($_SESSION['authorize_filetransfer_backends'][$backend])) {
234	$filetransfer = call_user_func_array(array($_SESSION['authorize_filetransfer_backends'][$backend]['class'], 'factory'), array(DRUPAL_ROOT, $settings));
235	}
236	return $filetransfer;
237	}
238