Club Drupal

<?php

/**

 * @file

 * Functions that need to be loaded on every Drupal request.

 */

/**

 * The current system version.

 */

define('VERSION', '7.26');

/**

 * Core API compatibility.

 */

define('DRUPAL_CORE_COMPATIBILITY', '7.x');

/**

 * Minimum supported version of PHP.

 */

define('DRUPAL_MINIMUM_PHP', '5.2.4');

/**

 * Minimum recommended value of PHP memory_limit.

 */

define('DRUPAL_MINIMUM_PHP_MEMORY_LIMIT', '32M');

/**

 * Error reporting level: display no errors.

 */

define('ERROR_REPORTING_HIDE', 0);

/**

 * Error reporting level: display errors and warnings.

 */

define('ERROR_REPORTING_DISPLAY_SOME', 1);

/**

 * Error reporting level: display all messages.

 */

define('ERROR_REPORTING_DISPLAY_ALL', 2);

/**

 * Indicates that the item should never be removed unless explicitly selected.

 *

 * The item may be removed using cache_clear_all() with a cache ID.

 */

define('CACHE_PERMANENT', 0);

/**

 * Indicates that the item should be removed at the next general cache wipe.

 */

define('CACHE_TEMPORARY', -1);

/**

 * @defgroup logging_severity_levels Logging severity levels

 * @{

 * Logging severity levels as defined in RFC 3164.

 *

 * The WATCHDOG_* constant definitions correspond to the logging severity levels

 * defined in RFC 3164, section 4.1.1. PHP supplies predefined LOG_* constants

 * for use in the syslog() function, but their values on Windows builds do not

 * correspond to RFC 3164. The associated PHP bug report was closed with the

 * comment, "And it's also not a bug, as Windows just have less log levels,"

 * and "So the behavior you're seeing is perfectly normal."

 *

 * @see http://www.faqs.org/rfcs/rfc3164.html

 * @see http://bugs.php.net/bug.php?id=18090

 * @see http://php.net/manual/function.syslog.php

 * @see http://php.net/manual/network.constants.php

 * @see watchdog()

 * @see watchdog_severity_levels()

 */

/**

 * Log message severity -- Emergency: system is unusable.

 */

define('WATCHDOG_EMERGENCY', 0);

/**

 * Log message severity -- Alert: action must be taken immediately.

 */

define('WATCHDOG_ALERT', 1);

/**

 * Log message severity -- Critical conditions.

 */

define('WATCHDOG_CRITICAL', 2);

/**

 * Log message severity -- Error conditions.

 */

define('WATCHDOG_ERROR', 3);

/**

 * Log message severity -- Warning conditions.

 */

define('WATCHDOG_WARNING', 4);

/**

 * Log message severity -- Normal but significant conditions.

 */

define('WATCHDOG_NOTICE', 5);

/**

 * Log message severity -- Informational messages.

 */

define('WATCHDOG_INFO', 6);

/**

 * Log message severity -- Debug-level messages.

 */

define('WATCHDOG_DEBUG', 7);

/**

 * @} End of "defgroup logging_severity_levels".

 */

/**

 * First bootstrap phase: initialize configuration.

 */

define('DRUPAL_BOOTSTRAP_CONFIGURATION', 0);

/**

 * Second bootstrap phase: try to serve a cached page.

 */

define('DRUPAL_BOOTSTRAP_PAGE_CACHE', 1);

/**

 * Third bootstrap phase: initialize database layer.

 */

define('DRUPAL_BOOTSTRAP_DATABASE', 2);

/**

 * Fourth bootstrap phase: initialize the variable system.

 */

define('DRUPAL_BOOTSTRAP_VARIABLES', 3);

/**

 * Fifth bootstrap phase: initialize session handling.

 */

define('DRUPAL_BOOTSTRAP_SESSION', 4);

/**

 * Sixth bootstrap phase: set up the page header.

 */

define('DRUPAL_BOOTSTRAP_PAGE_HEADER', 5);

/**

 * Seventh bootstrap phase: find out language of the page.

 */

define('DRUPAL_BOOTSTRAP_LANGUAGE', 6);

/**

 * Final bootstrap phase: Drupal is fully loaded; validate and fix input data.

 */

define('DRUPAL_BOOTSTRAP_FULL', 7);

/**

 * Role ID for anonymous users; should match what's in the "role" table.

 */

define('DRUPAL_ANONYMOUS_RID', 1);

/**

 * Role ID for authenticated users; should match what's in the "role" table.

 */

define('DRUPAL_AUTHENTICATED_RID', 2);

/**

 * The number of bytes in a kilobyte.

 *

 * For more information, visit http://en.wikipedia.org/wiki/Kilobyte.

 */

define('DRUPAL_KILOBYTE', 1024);

/**

 * The language code used when no language is explicitly assigned.

 *

 * Defined by ISO639-2 for "Undetermined".

 */

define('LANGUAGE_NONE', 'und');

/**

 * The type of language used to define the content language.

 */

define('LANGUAGE_TYPE_CONTENT', 'language_content');

/**

 * The type of language used to select the user interface.

 */

define('LANGUAGE_TYPE_INTERFACE', 'language');

/**

 * The type of language used for URLs.

 */

define('LANGUAGE_TYPE_URL', 'language_url');

/**

 * Language written left to right. Possible value of $language->direction.

 */

define('LANGUAGE_LTR', 0);

/**

 * Language written right to left. Possible value of $language->direction.

 */

define('LANGUAGE_RTL', 1);

/**

 * Time of the current request in seconds elapsed since the Unix Epoch.

 *

 * This differs from $_SERVER['REQUEST_TIME'], which is stored as a float

 * since PHP 5.4.0. Float timestamps confuse most PHP functions

 * (including date_create()).

 *

 * @see http://php.net/manual/reserved.variables.server.php

 * @see http://php.net/manual/function.time.php

 */

define('REQUEST_TIME', (int) $_SERVER['REQUEST_TIME']);

/**

 * Flag used to indicate that text is not sanitized, so run check_plain().

 *

 * @see drupal_set_title()

 */

define('CHECK_PLAIN', 0);

/**

 * Flag used to indicate that text has already been sanitized.

 *

 * @see drupal_set_title()

 */

define('PASS_THROUGH', -1);

/**

 * Signals that the registry lookup cache should be reset.

 */

define('REGISTRY_RESET_LOOKUP_CACHE', 1);

/**

 * Signals that the registry lookup cache should be written to storage.

 */

define('REGISTRY_WRITE_LOOKUP_CACHE', 2);

/**

 * Regular expression to match PHP function names.

 *

 * @see http://php.net/manual/language.functions.php

 */

define('DRUPAL_PHP_FUNCTION_PATTERN', '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*');

/**

 * Provides a caching wrapper to be used in place of large array structures.

 *

 * This class should be extended by systems that need to cache large amounts

 * of data and have it represented as an array to calling functions. These

 * arrays can become very large, so ArrayAccess is used to allow different

 * strategies to be used for caching internally (lazy loading, building caches

 * over time etc.). This can dramatically reduce the amount of data that needs

 * to be loaded from cache backends on each request, and memory usage from

 * static caches of that same data.

 *

 * Note that array_* functions do not work with ArrayAccess. Systems using

 * DrupalCacheArray should use this only internally. If providing API functions

 * that return the full array, this can be cached separately or returned

 * directly. However since DrupalCacheArray holds partial content by design, it

 * should be a normal PHP array or otherwise contain the full structure.

 *

 * Note also that due to limitations in PHP prior to 5.3.4, it is impossible to

 * write directly to the contents of nested arrays contained in this object.

 * Only writes to the top-level array elements are possible. So if you

 * previously had set $object['foo'] = array(1, 2, 'bar' => 'baz'), but later

 * want to change the value of 'bar' from 'baz' to 'foobar', you cannot do so

 * a targeted write like $object['foo']['bar'] = 'foobar'. Instead, you must

 * overwrite the entire top-level 'foo' array with the entire set of new

 * values: $object['foo'] = array(1, 2, 'bar' => 'foobar'). Due to this same

 * limitation, attempts to create references to any contained data, nested or

 * otherwise, will fail silently. So $var = &$object['foo'] will not throw an

 * error, and $var will be populated with the contents of $object['foo'], but

 * that data will be passed by value, not reference. For more information on

 * the PHP limitation, see the note in the official PHP documentation at·

 * http://php.net/manual/arrayaccess.offsetget.php on

 * ArrayAccess::offsetGet().

 *

 * By default, the class accounts for caches where calling functions might

 * request keys in the array that won't exist even after a cache rebuild. This

 * prevents situations where a cache rebuild would be triggered over and over

 * due to a 'missing' item. These cases are stored internally as a value of

 * NULL. This means that the offsetGet() and offsetExists() methods

 * must be overridden if caching an array where the top level values can

 * legitimately be NULL, and where $object->offsetExists() needs to correctly

 * return (equivalent to array_key_exists() vs. isset()). This should not

 * be necessary in the majority of cases.

 *

 * Classes extending this class must override at least the

 * resolveCacheMiss() method to have a working implementation.

 *

 * offsetSet() is not overridden by this class by default. In practice this

 * means that assigning an offset via arrayAccess will only apply while the

 * object is in scope and will not be written back to the persistent cache.

 * This follows a similar pattern to static vs. persistent caching in

 * procedural code. Extending classes may wish to alter this behavior, for

 * example by overriding offsetSet() and adding an automatic call to persist().

 *

 * @see SchemaCache

 */

abstract class DrupalCacheArray implements ArrayAccess {

  /**

   * A cid to pass to cache_set() and cache_get().

   */

  protected $cid;

  /**

   * A bin to pass to cache_set() and cache_get().

   */

  protected $bin;

  /**

   * An array of keys to add to the cache at the end of the request.

   */

  protected $keysToPersist = array();

  /**

   * Storage for the data itself.

   */

  protected $storage = array();

  /**

   * Constructs a DrupalCacheArray object.

   *

   * @param $cid

   *   The cid for the array being cached.

   * @param $bin

   *   The bin to cache the array.

   */

  public function __construct($cid, $bin) {

    $this->cid = $cid;

    $this->bin = $bin;

    if ($cached = cache_get($this->cid, $this->bin)) {

     $this->storage = $cached->data;

    }

  }

  /**

   * Implements ArrayAccess::offsetExists().

   */

  public function offsetExists($offset) {

    return $this->offsetGet($offset) !== NULL;

  }

  /**

   * Implements ArrayAccess::offsetGet().

   */

  public function offsetGet($offset) {

    if (isset($this->storage[$offset]) || array_key_exists($offset, $this->storage)) {

      return $this->storage[$offset];

    }

    else {

      return $this->resolveCacheMiss($offset);

    }

  }

  /**

   * Implements ArrayAccess::offsetSet().

   */

  public function offsetSet($offset, $value) {

    $this->storage[$offset] = $value;

  }

  /**

   * Implements ArrayAccess::offsetUnset().

   */

  public function offsetUnset($offset) {

    unset($this->storage[$offset]);

  }

  /**

   * Flags an offset value to be written to the persistent cache.

   *

   * If a value is assigned to a cache object with offsetSet(), by default it

   * will not be written to the persistent cache unless it is flagged with this

   * method. This allows items to be cached for the duration of a request,

   * without necessarily writing back to the persistent cache at the end.

   *

   * @param $offset

   *   The array offset that was requested.

   * @param $persist

   *   Optional boolean to specify whether the offset should be persisted or

   *   not, defaults to TRUE. When called with $persist = FALSE the offset will

   *   be unflagged so that it will not be written at the end of the request.

   */

  protected function persist($offset, $persist = TRUE) {

    $this->keysToPersist[$offset] = $persist;

  }

  /**

   * Resolves a cache miss.

   *

   * When an offset is not found in the object, this is treated as a cache

   * miss. This method allows classes implementing the interface to look up

   * the actual value and allow it to be cached.

   *

   * @param $offset

   *   The offset that was requested.

   *

   * @return

   *   The value of the offset, or NULL if no value was found.

   */

  abstract protected function resolveCacheMiss($offset);

  /**

   * Writes a value to the persistent cache immediately.

   *

   * @param $data

   *   The data to write to the persistent cache.

   * @param $lock

   *   Whether to acquire a lock before writing to cache.

   */

  protected function set($data, $lock = TRUE) {

    // Lock cache writes to help avoid stampedes.

    // To implement locking for cache misses, override __construct().

    $lock_name = $this->cid . ':' . $this->bin;

    if (!$lock || lock_acquire($lock_name)) {

      if ($cached = cache_get($this->cid, $this->bin)) {

        $data = $cached->data + $data;

      }

      cache_set($this->cid, $data, $this->bin);

      if ($lock) {

        lock_release($lock_name);

      }

    }

  }

  /**

   * Destructs the DrupalCacheArray object.

   */

  public function __destruct() {

    $data = array();

    foreach ($this->keysToPersist as $offset => $persist) {

      if ($persist) {

        $data[$offset] = $this->storage[$offset];

      }

    }

    if (!empty($data)) {

      $this->set($data);

    }

  }

}

/**

 * Starts the timer with the specified name.

 *

 * If you start and stop the same timer multiple times, the measured intervals

 * will be accumulated.

 *

 * @param $name

 *   The name of the timer.

 */

function timer_start($name) {

  global $timers;

  $timers[$name]['start'] = microtime(TRUE);

  $timers[$name]['count'] = isset($timers[$name]['count']) ? ++$timers[$name]['count'] : 1;

}

/**

 * Reads the current timer value without stopping the timer.

 *

 * @param $name

 *   The name of the timer.

 *

 * @return

 *   The current timer value in ms.

 */

function timer_read($name) {

  global $timers;

  if (isset($timers[$name]['start'])) {

    $stop = microtime(TRUE);

    $diff = round(($stop - $timers[$name]['start']) * 1000, 2);

    if (isset($timers[$name]['time'])) {

      $diff += $timers[$name]['time'];

    }

    return $diff;

  }

  return $timers[$name]['time'];

}

/**

 * Stops the timer with the specified name.

 *

 * @param $name

 *   The name of the timer.

 *

 * @return

 *   A timer array. The array contains the number of times the timer has been

 *   started and stopped (count) and the accumulated timer value in ms (time).

 */

function timer_stop($name) {

  global $timers;

  if (isset($timers[$name]['start'])) {

    $stop = microtime(TRUE);

    $diff = round(($stop - $timers[$name]['start']) * 1000, 2);

    if (isset($timers[$name]['time'])) {

      $timers[$name]['time'] += $diff;

    }

    else {

      $timers[$name]['time'] = $diff;

    }

    unset($timers[$name]['start']);

  }

  return $timers[$name];

}

/**

 * Returns the appropriate configuration directory.

 *

 * Returns the configuration path based on the site's hostname, port, and

 * pathname. Uses find_conf_path() to find the current configuration directory.

 * See default.settings.php for examples on how the URL is converted to a

 * directory.

 *

 * @param bool $require_settings

 *   Only configuration directories with an existing settings.php file

 *   will be recognized. Defaults to TRUE. During initial installation,

 *   this is set to FALSE so that Drupal can detect a matching directory,

 *   then create a new settings.php file in it.

 * @param bool $reset

 *   Force a full search for matching directories even if one had been

 *   found previously. Defaults to FALSE.

 *

 * @return

 *   The path of the matching directory.

 *

 * @see default.settings.php

 */

function conf_path($require_settings = TRUE, $reset = FALSE) {

  $conf = &drupal_static(__FUNCTION__, '');

  if ($conf && !$reset) {

    return $conf;

  }

  $confdir = 'sites';

  $sites = array();

  if (file_exists(DRUPAL_ROOT . '/' . $confdir . '/sites.php')) {

    // This will overwrite $sites with the desired mappings.

    include(DRUPAL_ROOT . '/' . $confdir . '/sites.php');

  }

  $uri = explode('/', $_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['SCRIPT_FILENAME']);

  $server = explode('.', implode('.', array_reverse(explode(':', rtrim($_SERVER['HTTP_HOST'], '.')))));

  for ($i = count($uri) - 1; $i > 0; $i--) {

    for ($j = count($server); $j > 0; $j--) {

      $dir = implode('.', array_slice($server, -$j)) . implode('.', array_slice($uri, 0, $i));

      if (isset($sites[$dir]) && file_exists(DRUPAL_ROOT . '/' . $confdir . '/' . $sites[$dir])) {

        $dir = $sites[$dir];

      }

      if (file_exists(DRUPAL_ROOT . '/' . $confdir . '/' . $dir . '/settings.php') || (!$require_settings && file_exists(DRUPAL_ROOT . '/' . $confdir . '/' . $dir))) {

        $conf = "$confdir/$dir";

        return $conf;

      }

    }

  }

  $conf = "$confdir/default";

  return $conf;

}

/**

 * Sets appropriate server variables needed for command line scripts to work.

 *

 * This function can be called by command line scripts before bootstrapping

 * Drupal, to ensure that the page loads with the desired server parameters.

 * This is because many parts of Drupal assume that they are running in a web

 * browser and therefore use information from the global PHP $_SERVER variable

 * that does not get set when Drupal is run from the command line.

 *

 * In many cases, the default way in which this function populates the $_SERVER

 * variable is sufficient, and it can therefore be called without passing in

 * any input. However, command line scripts running on a multisite installation

 * (or on any installation that has settings.php stored somewhere other than

 * the sites/default folder) need to pass in the URL of the site to allow

 * Drupal to detect the correct location of the settings.php file. Passing in

 * the 'url' parameter is also required for functions like request_uri() to

 * return the expected values.

 *

 * Most other parameters do not need to be passed in, but may be necessary in

 * some cases; for example, if Drupal's ip_address() function needs to return

 * anything but the standard localhost value ('127.0.0.1'), the command line

 * script should pass in the desired value via the 'REMOTE_ADDR' key.

 *

 * @param $variables

 *   (optional) An associative array of variables within $_SERVER that should

 *   be replaced. If the special element 'url' is provided in this array, it

 *   will be used to populate some of the server defaults; it should be set to

 *   the URL of the current page request, excluding any $_GET request but

 *   including the script name (e.g., http://www.example.com/mysite/index.php).

 *

 * @see conf_path()

 * @see request_uri()

 * @see ip_address()

 */

function drupal_override_server_variables($variables = array()) {

  // Allow the provided URL to override any existing values in $_SERVER.

  if (isset($variables['url'])) {

    $url = parse_url($variables['url']);

    if (isset($url['host'])) {

      $_SERVER['HTTP_HOST'] = $url['host'];

    }

    if (isset($url['path'])) {

      $_SERVER['SCRIPT_NAME'] = $url['path'];

    }

    unset($variables['url']);

  }

  // Define default values for $_SERVER keys. These will be used if $_SERVER

  // does not already define them and no other values are passed in to this

  // function.

  $defaults = array(

    'HTTP_HOST' => 'localhost',

    'SCRIPT_NAME' => NULL,

    'REMOTE_ADDR' => '127.0.0.1',

    'REQUEST_METHOD' => 'GET',

    'SERVER_NAME' => NULL,

    'SERVER_SOFTWARE' => NULL,

    'HTTP_USER_AGENT' => NULL,

  );

  // Replace elements of the $_SERVER array, as appropriate.

  $_SERVER = $variables + $_SERVER + $defaults;

}

/**

 * Initializes the PHP environment.

 */

function drupal_environment_initialize() {

  if (!isset($_SERVER['HTTP_REFERER'])) {

    $_SERVER['HTTP_REFERER'] = '';

  }

  if (!isset($_SERVER['SERVER_PROTOCOL']) || ($_SERVER['SERVER_PROTOCOL'] != 'HTTP/1.0' && $_SERVER['SERVER_PROTOCOL'] != 'HTTP/1.1')) {

    $_SERVER['SERVER_PROTOCOL'] = 'HTTP/1.0';

  }

  if (isset($_SERVER['HTTP_HOST'])) {

    // As HTTP_HOST is user input, ensure it only contains characters allowed

    // in hostnames. See RFC 952 (and RFC 2181).

    // $_SERVER['HTTP_HOST'] is lowercased here per specifications.

    $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);

    if (!drupal_valid_http_host($_SERVER['HTTP_HOST'])) {

      // HTTP_HOST is invalid, e.g. if containing slashes it may be an attack.

      header($_SERVER['SERVER_PROTOCOL'] . ' 400 Bad Request');

      exit;

    }

  }

  else {

    // Some pre-HTTP/1.1 clients will not send a Host header. Ensure the key is

    // defined for E_ALL compliance.

    $_SERVER['HTTP_HOST'] = '';

  }

  // When clean URLs are enabled, emulate ?q=foo/bar using REQUEST_URI. It is

  // not possible to append the query string using mod_rewrite without the B

  // flag (this was added in Apache 2.2.8), because mod_rewrite unescapes the

  // path before passing it on to PHP. This is a problem when the path contains

  // e.g. "&" or "%" that have special meanings in URLs and must be encoded.

  $_GET['q'] = request_path();

  // Enforce E_ALL, but allow users to set levels not part of E_ALL.

  error_reporting(E_ALL | error_reporting());

  // Override PHP settings required for Drupal to work properly.

  // sites/default/default.settings.php contains more runtime settings.

  // The .htaccess file contains settings that cannot be changed at runtime.

  // Don't escape quotes when reading files from the database, disk, etc.

  ini_set('magic_quotes_runtime', '0');

  // Use session cookies, not transparent sessions that puts the session id in

  // the query string.

  ini_set('session.use_cookies', '1');

  ini_set('session.use_only_cookies', '1');

  ini_set('session.use_trans_sid', '0');

  // Don't send HTTP headers using PHP's session handler.

  // An empty string is used here to disable the cache limiter.

  ini_set('session.cache_limiter', '');

  // Use httponly session cookies.

  ini_set('session.cookie_httponly', '1');

  // Set sane locale settings, to ensure consistent string, dates, times and

  // numbers handling.

  setlocale(LC_ALL, 'C');

}

/**

 * Validates that a hostname (for example $_SERVER['HTTP_HOST']) is safe.

 *

 * @return

 *  TRUE if only containing valid characters, or FALSE otherwise.

 */

function drupal_valid_http_host($host) {

  return preg_match('/^\[?(?:[a-zA-Z0-9-:\]_]+\.?)+$/', $host);

}

/**

 * Sets the base URL, cookie domain, and session name from configuration.

 */

function drupal_settings_initialize() {

  global $base_url, $base_path, $base_root;

  // Export these settings.php variables to the global namespace.

  global $databases, $cookie_domain, $conf, $installed_profile, $update_free_access, $db_url, $db_prefix, $drupal_hash_salt, $is_https, $base_secure_url, $base_insecure_url;

  $conf = array();

  if (file_exists(DRUPAL_ROOT . '/' . conf_path() . '/settings.php')) {

    include_once DRUPAL_ROOT . '/' . conf_path() . '/settings.php';

  }

  $is_https = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on';

  if (isset($base_url)) {

    // Parse fixed base URL from settings.php.

    $parts = parse_url($base_url);

    if (!isset($parts['path'])) {

      $parts['path'] = '';

    }

    $base_path = $parts['path'] . '/';

    // Build $base_root (everything until first slash after "scheme://").

    $base_root = substr($base_url, 0, strlen($base_url) - strlen($parts['path']));

  }

  else {

    // Create base URL.

    $http_protocol = $is_https ? 'https' : 'http';

    $base_root = $http_protocol . '://' . $_SERVER['HTTP_HOST'];

    $base_url = $base_root;

    // $_SERVER['SCRIPT_NAME'] can, in contrast to $_SERVER['PHP_SELF'], not

    // be modified by a visitor.

    if ($dir = rtrim(dirname($_SERVER['SCRIPT_NAME']), '\/')) {

      $base_path = $dir;

      $base_url .= $base_path;

      $base_path .= '/';

    }

    else {

      $base_path = '/';

    }

  }

  $base_secure_url = str_replace('http://', 'https://', $base_url);

  $base_insecure_url = str_replace('https://', 'http://', $base_url);

  if ($cookie_domain) {

    // If the user specifies the cookie domain, also use it for session name.

    $session_name = $cookie_domain;

  }

  else {

    // Otherwise use $base_url as session name, without the protocol

    // to use the same session identifiers across HTTP and HTTPS.

    list( , $session_name) = explode('://', $base_url, 2);

    // HTTP_HOST can be modified by a visitor, but we already sanitized it

    // in drupal_settings_initialize().

    if (!empty($_SERVER['HTTP_HOST'])) {

      $cookie_domain = $_SERVER['HTTP_HOST'];

      // Strip leading periods, www., and port numbers from cookie domain.

      $cookie_domain = ltrim($cookie_domain, '.');

      if (strpos($cookie_domain, 'www.') === 0) {

        $cookie_domain = substr($cookie_domain, 4);

      }

      $cookie_domain = explode(':', $cookie_domain);

      $cookie_domain = '.' . $cookie_domain[0];

    }

  }

  // Per RFC 2109, cookie domains must contain at least one dot other than the

  // first. For hosts such as 'localhost' or IP Addresses we don't set a cookie domain.

  if (count(explode('.', $cookie_domain)) > 2 && !is_numeric(str_replace('.', '', $cookie_domain))) {

    ini_set('session.cookie_domain', $cookie_domain);

  }

  // To prevent session cookies from being hijacked, a user can configure the

  // SSL version of their website to only transfer session cookies via SSL by

  // using PHP's session.cookie_secure setting. The browser will then use two

  // separate session cookies for the HTTPS and HTTP versions of the site. So we

  // must use different session identifiers for HTTPS and HTTP to prevent a

  // cookie collision.

  if ($is_https) {

    ini_set('session.cookie_secure', TRUE);

  }

  $prefix = ini_get('session.cookie_secure') ? 'SSESS' : 'SESS';

  session_name($prefix . substr(hash('sha256', $session_name), 0, 32));

}

/**

 * Returns and optionally sets the filename for a system resource.

 *

 * The filename, whether provided, cached, or retrieved from the database, is

 * only returned if the file exists.

 *

 * This function plays a key role in allowing Drupal's resources (modules

 * and themes) to be located in different places depending on a site's

 * configuration. For example, a module 'foo' may legally be located

 * in any of these three places:

 *

 * modules/foo/foo.module

 * sites/all/modules/foo/foo.module

 * sites/example.com/modules/foo/foo.module

 *

 * Calling drupal_get_filename('module', 'foo') will give you one of

 * the above, depending on where the module is located.

 *

 * @param $type

 *   The type of the item (theme, theme_engine, module, profile).

 * @param $name

 *   The name of the item for which the filename is requested.

 * @param $filename

 *   The filename of the item if it is to be set explicitly rather

 *   than by consulting the database.

 *

 * @return

 *   The filename of the requested item or NULL if the item is not found.

 */

function drupal_get_filename($type, $name, $filename = NULL) {

  // The location of files will not change during the request, so do not use

  // drupal_static().

  static $files = array(), $dirs = array();

  // Profiles are a special case: they have a fixed location and naming.

  if ($type == 'profile') {

    $profile_filename = "profiles/$name/$name.profile";

    $files[$type][$name] = file_exists($profile_filename) ? $profile_filename : FALSE;

  }

  if (!isset($files[$type])) {

    $files[$type] = array();

  }

  if (!empty($filename) && file_exists($filename)) {

    $files[$type][$name] = $filename;

  }

  elseif (isset($files[$type][$name])) {

    // nothing

  }

  // Verify that we have an active database connection, before querying

  // the database. This is required because this function is called both

  // before we have a database connection (i.e. during installation) and

  // when a database connection fails.

  else {

    try {

      if (function_exists('db_query')) {

        $file = db_query("SELECT filename FROM {system} WHERE name = :name AND type = :type", array(':name' => $name, ':type' => $type))->fetchField();

        if (file_exists(DRUPAL_ROOT . '/' . $file)) {

          $files[$type][$name] = $file;

        }

      }

    }

    catch (Exception $e) {

      // The database table may not exist because Drupal is not yet installed,

      // or the database might be down. We have a fallback for this case so we

      // hide the error completely.

    }

    // Fallback to searching the filesystem if the database could not find the

    // file or the file returned by the database is not found.

    if (!isset($files[$type][$name])) {

      // We have a consistent directory naming: modules, themes...

      $dir = $type . 's';

      if ($type == 'theme_engine') {

        $dir = 'themes/engines';

        $extension = 'engine';

      }

      elseif ($type == 'theme') {

        $extension = 'info';

      }

      else {

        $extension = $type;

      }

      if (!isset($dirs[$dir][$extension])) {

        $dirs[$dir][$extension] = TRUE;

        if (!function_exists('drupal_system_listing')) {

          require_once DRUPAL_ROOT . '/includes/common.inc';

        }

        // Scan the appropriate directories for all files with the requested

        // extension, not just the file we are currently looking for. This

        // prevents unnecessary scans from being repeated when this function is

        // called more than once in the same page request.

        $matches = drupal_system_listing("/^" . DRUPAL_PHP_FUNCTION_PATTERN . "\.$extension$/", $dir, 'name', 0);

        foreach ($matches as $matched_name => $file) {

          $files[$type][$matched_name] = $file->uri;

        }

      }

    }

  }

  if (isset($files[$type][$name])) {

    return $files[$type][$name];

  }

}

/**

 * Loads the persistent variable table.

 *

 * The variable table is composed of values that have been saved in the table

 * with variable_set() as well as those explicitly specified in the

 * configuration file.

 */

function variable_initialize($conf = array()) {

  // NOTE: caching the variables improves performance by 20% when serving

  // cached pages.

  if ($cached = cache_get('variables', 'cache_bootstrap')) {

    $variables = $cached->data;

  }

  else {

    // Cache miss. Avoid a stampede.

    $name = 'variable_init';

    if (!lock_acquire($name, 1)) {

      // Another request is building the variable cache.

      // Wait, then re-run this function.

      lock_wait($name);

      return variable_initialize($conf);

    }

    else {

      // Proceed with variable rebuild.

      $variables = array_map('unserialize', db_query('SELECT name, value FROM {variable}')->fetchAllKeyed());

      cache_set('variables', $variables, 'cache_bootstrap');

      lock_release($name);

    }

  }

  foreach ($conf as $name => $value) {

    $variables[$name] = $value;

  }

  return $variables;

}

/**

 * Returns a persistent variable.

 *

 * Case-sensitivity of the variable_* functions depends on the database

 * collation used. To avoid problems, always use lower case for persistent

 * variable names.

 *

 * @param $name

 *   The name of the variable to return.

 * @param $default

 *   The default value to use if this variable has never been set.

 *

 * @return

 *   The value of the variable. Unserialization is taken care of as necessary.

 *

 * @see variable_del()

 * @see variable_set()

 */

function variable_get($name, $default = NULL) {

  global $conf;

  return isset($conf[$name]) ? $conf[$name] : $default;

}

/**

 * Sets a persistent variable.

 *

 * Case-sensitivity of the variable_* functions depends on the database

 * collation used. To avoid problems, always use lower case for persistent

 * variable names.

 *

 * @param $name

 *   The name of the variable to set.

 * @param $value

 *   The value to set. This can be any PHP data type; these functions take care

 *   of serialization as necessary.

 *

 * @see variable_del()

 * @see variable_get()

 */

function variable_set($name, $value) {

  global $conf;

  db_merge('variable')->key(array('name' => $name))->fields(array('value' => serialize($value)))->execute();

  cache_clear_all('variables', 'cache_bootstrap');

  $conf[$name] = $value;

}

/**

 * Unsets a persistent variable.

 *

 * Case-sensitivity of the variable_* functions depends on the database

 * collation used. To avoid problems, always use lower case for persistent

 * variable names.

 *

 * @param $name

 *   The name of the variable to undefine.

 *

 * @see variable_get()

 * @see variable_set()

 */

function variable_del($name) {

  global $conf;

  db_delete('variable')

    ->condition('name', $name)

    ->execute();

  cache_clear_all('variables', 'cache_bootstrap');

  unset($conf[$name]);

}

/**

 * Retrieves the current page from the cache.

 *

 * Note: we do not serve cached pages to authenticated users, or to anonymous

 * users when $_SESSION is non-empty. $_SESSION may contain status messages

 * from a form submission, the contents of a shopping cart, or other user-

 * specific content that should not be cached and displayed to other users.

 *

 * @param $check_only

 *   (optional) Set to TRUE to only return whether a previous call found a

 *   cache entry.

 *

 * @return

 *   The cache object, if the page was found in the cache, NULL otherwise.

 */

function drupal_page_get_cache($check_only = FALSE) {

  global $base_root;

  static $cache_hit = FALSE;

  if ($check_only) {

    return $cache_hit;

  }

  if (drupal_page_is_cacheable()) {

    $cache = cache_get($base_root . request_uri(), 'cache_page');

    if ($cache !== FALSE) {

      $cache_hit = TRUE;

    }

    return $cache;

  }

}

/**

 * Determines the cacheability of the current page.

 *

 * @param $allow_caching

 *   Set to FALSE if you want to prevent this page to get cached.

 *

 * @return

 *   TRUE if the current page can be cached, FALSE otherwise.

 */

function drupal_page_is_cacheable($allow_caching = NULL) {

  $allow_caching_static = &drupal_static(__FUNCTION__, TRUE);

  if (isset($allow_caching)) {

    $allow_caching_static = $allow_caching;

  }

  return $allow_caching_static && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD')

    && !drupal_is_cli();

}

/**

 * Invokes a bootstrap hook in all bootstrap modules that implement it.

 *

 * @param $hook

 *   The name of the bootstrap hook to invoke.

 *

 * @see bootstrap_hooks()

 */

function bootstrap_invoke_all($hook) {

  // Bootstrap modules should have been loaded when this function is called, so

  // we don't need to tell module_list() to reset its internal list (and we

  // therefore leave the first parameter at its default value of FALSE). We

  // still pass in TRUE for the second parameter, though; in case this is the

  // first time during the bootstrap that module_list() is called, we want to

  // make sure that its internal cache is primed with the bootstrap modules

  // only.

  foreach (module_list(FALSE, TRUE) as $module) {

    drupal_load('module', $module);

    module_invoke($module, $hook);

  }

}

/**

 * Includes a file with the provided type and name.

 *

 * This prevents including a theme, engine, module, etc., more than once.

 *

 * @param $type

 *   The type of item to load (i.e. theme, theme_engine, module).

 * @param $name

 *   The name of the item to load.

 *

 * @return

 *   TRUE if the item is loaded or has already been loaded.

 */

function drupal_load($type, $name) {

  // Once a file is included this can't be reversed during a request so do not

  // use drupal_static() here.

  static $files = array();

  if (isset($files[$type][$name])) {

    return TRUE;

  }

  $filename = drupal_get_filename($type, $name);

  if ($filename) {

    include_once DRUPAL_ROOT . '/' . $filename;

    $files[$type][$name] = TRUE;

    return TRUE;

  }

  return FALSE;

}

/**

 * Sets an HTTP response header for the current page.

 *

 * Note: When sending a Content-Type header, always include a 'charset' type,

 * too. This is necessary to avoid security bugs (e.g. UTF-7 XSS).

 *

 * @param $name

 *   The HTTP header name, or the special 'Status' header name.

 * @param $value

 *   The HTTP header value; if equal to FALSE, the specified header is unset.

 *   If $name is 'Status', this is expected to be a status code followed by a