Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Revert of Issue #1998638, since it broke drush si and other command-line scripts.

8.0.x
webchick 2013-12-04 21:13:05 -08:00
parent 340c023cf6
commit dc7a5b27ef
45 changed files with 190 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/includes/ajax.inc
View File

@ -241,7 +241,7 @@ function ajax_render($commands = array()) {
// since the base page ought to have at least one JS file and one CSS file
// loaded. It probably indicates an error, and rather than making the page
// reload all of the files, instead we return no new files.
if (!\Drupal::request()->request->get("ajax_page_state[$type]", NULL, TRUE)) {
if (empty($_POST['ajax_page_state'][$type])) {
$items[$type] = array();
}
else {

19
core/includes/bootstrap.inc
View File

@ -457,28 +457,25 @@ function config_get_config_directory($type = CONFIG_ACTIVE_DIRECTORY) {
* 'REMOTE_ADDR' key.
*
* @param $variables
* (optional) An associative array of variables within
* \Drupal::request()->server that should be replaced. If the special element
* 'url' is provided in this array, it will be used to populate some of the
* server defaults; it should be set to the URL of the current page request,
* excluding any GET request but including the script name
* (e.g., http://www.example.com/mysite/index.php).
* (optional) An associative array of variables within $_SERVER that should
* be replaced. If the special element 'url' is provided in this array, it
* will be used to populate some of the server defaults; it should be set to
* the URL of the current page request, excluding any $_GET request but
* including the script name (e.g., http://www.example.com/mysite/index.php).
*
* @see conf_path()
* @see request_uri()
* @see \Symfony\Component\HttpFoundation\Request::getClientIP()
*/
function drupal_override_server_variables($variables = array()) {
$request = \Drupal::request();
$server_vars = $request->server->all();
// Allow the provided URL to override any existing values in $_SERVER.
if (isset($variables['url'])) {
$url = parse_url($variables['url']);
if (isset($url['host'])) {
$server_vars['HTTP_HOST'] = $url['host'];
$_SERVER['HTTP_HOST'] = $url['host'];
}
if (isset($url['path'])) {
$server_vars['SCRIPT_NAME'] = $url['path'];
$_SERVER['SCRIPT_NAME'] = $url['path'];
}
unset($variables['url']);
}
@ -495,7 +492,7 @@ function drupal_override_server_variables($variables = array()) {
'HTTP_USER_AGENT' => NULL,
);
// Replace elements of the $_SERVER array, as appropriate.
$request->server->replace($variables + $server_vars + $defaults);
$_SERVER = $variables + $_SERVER + $defaults;
}
/**

12
core/includes/common.inc
View File

@ -411,8 +411,7 @@ function drupal_get_feeds($delimiter = "\n") {
* Processes a URL query parameter array to remove unwanted elements.
*
* @param $query
* (optional) An array to be processed. Defaults to \Drupal::request()->query
* parameters.
* (optional) An array to be processed. Defaults to $_GET.
* @param $exclude
* (optional) A list of $query array keys to remove. Use "parent[child]" to
* exclude nested items.
@ -491,7 +490,7 @@ function drupal_get_destination() {
* The returned array contains a 'path' that may be passed separately to url().
* For example:
* @code
* $options = drupal_parse_url(\Drupal::request()->query->get('destination'));
* $options = drupal_parse_url($_GET['destination']);
* $my_url = url($options['path'], $options);
* $my_link = l('Example link', $options['path'], $options);
* @endcode
@ -502,7 +501,7 @@ function drupal_get_destination() {
* $options['query'] and the fragment into $options['fragment'].
*
* @param $url
* The URL string to parse.
* The URL string to parse, f.e. $_GET['destination'].
*
* @return
* An associative array containing the keys:
@ -1887,7 +1886,6 @@ function drupal_html_id($id) {
// take into account IDs that are already in use on the base page.
$seen_ids_init = &drupal_static(__FUNCTION__ . ':init');
if (!isset($seen_ids_init)) {
$ajax_html_ids = \Drupal::request()->request->get('ajax_html_ids');
// Ideally, Drupal would provide an API to persist state information about
// prior page requests in the database, and we'd be able to add this
// function's $seen_ids static variable to that state information in order
@ -1897,7 +1895,7 @@ function drupal_html_id($id) {
// normally not recommended as it could open up security risks, but because
// the raw POST data is cast to a number before being returned by this
// function, this usage is safe.
if (empty($ajax_html_ids)) {
if (empty($_POST['ajax_html_ids'])) {
$seen_ids_init = array();
}
else {
@ -1906,7 +1904,7 @@ function drupal_html_id($id) {
// requested id. $_POST['ajax_html_ids'] contains the ids as they were
// returned by this function, potentially with the appended counter, so
// we parse that to reconstruct the $seen_ids array.
$ajax_html_ids = explode(' ', $ajax_html_ids);
$ajax_html_ids = explode(' ', $_POST['ajax_html_ids']);
foreach ($ajax_html_ids as $seen_id) {
// We rely on '--' being used solely for separating a base id from the
// counter, which this function ensures when returning an id.

3
core/includes/form.inc
View File

@ -495,8 +495,7 @@ function form_type_checkboxes_value($element, $input = FALSE) {
// NULL elements from the array before constructing the return value, to
// simulate the behavior of web browsers (which do not send unchecked
// checkboxes to the server at all). This will not affect non-programmatic
// form submissions, since all values in \Drupal::request()->request are
// strings.
// form submissions, since all values in $_POST are strings.
foreach ($input as $key => $value) {
if (!isset($value)) {
unset($input[$key]);

36
core/includes/install.core.inc
View File

@ -253,19 +253,9 @@ function install_state_defaults() {
* modified with information gleaned from the beginning of the page request.
*/
function install_begin_request(&$install_state) {
// A request object from the HTTPFoundation to tell us about the request.
$request = Request::createFromGlobals();
// Create a minimal container so that t() and $request will work. This
// container will be overriden but it's needed for the very early installation
// process when database tasks run.
$container = new ContainerBuilder();
$container->set('request', $request);
\Drupal::setContainer($container);
// Add any installation parameters passed in via the URL.
if ($install_state['interactive']) {
$install_state['parameters'] += $request->query->all();
$install_state['parameters'] += $_GET;
}
// Validate certain core settings that are used throughout the installation.
@ -298,10 +288,13 @@ function install_begin_request(&$install_state) {
// _drupal_load_test_overrides() sets the simpletest_conf_path in-memory
// setting in this case.
if ($install_state['interactive'] && drupal_valid_test_ua() && !settings()->get('simpletest_conf_path')) {
header($request->server->get('SERVER_PROTOCOL') . ' 403 Forbidden');
header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
exit;
}
// A request object from the HTTPFoundation to tell us about the request.
$request = Request::createFromGlobals();
// If we have a language selected and it is not yet saved in the system
// (eg. pre-database data screens we are unable to persistently store
// the default language), we should set language_default so the proper
@ -331,6 +324,10 @@ function install_begin_request(&$install_state) {
// Determine whether the configuration system is ready to operate.
$install_state['config_verified'] = install_verify_config_directory(CONFIG_ACTIVE_DIRECTORY) && install_verify_config_directory(CONFIG_STAGING_DIRECTORY);
// Create a minimal container for t() to work.
// This container will be overriden but it needed for the very early
// installation process when database tasks run.
$container = new ContainerBuilder();
// Register the translation services.
install_register_translation_service($container);
\Drupal::setContainer($container);
@ -1351,7 +1348,7 @@ function install_select_profile(&$install_state) {
*
* A profile will be selected if:
* - Only one profile is available,
* - A profile was submitted through \Drupal::request()->request,
* - A profile was submitted through $_POST,
* - Exactly one of the profiles is marked as "exclusive".
* If multiple profiles are marked as "exclusive" then no profile will be
* selected.
@ -1365,13 +1362,12 @@ function install_select_profile(&$install_state) {
*/
function _install_select_profile($profiles) {
// Don't need to choose profile if only one available.
$request_params = \Drupal::request()->request;
if (count($profiles) == 1) {
$profile = array_pop($profiles);
return $profile->name;
}
elseif ($request_params->has('profile') && ($profile = $request_params->get('profile')) && isset($profiles[$profile])) {
return $profiles[$profile]->name;
elseif (!empty($_POST['profile']) && isset($profiles[$_POST['profile']])) {
return $profiles[$_POST['profile']]->name;
}
// Check for a profile marked as "exclusive" and ensure that only one
// profile is marked as such.
@ -1552,7 +1548,6 @@ function install_select_language(&$install_state) {
// Find all available translation files.
$files = install_find_translations();
$install_state['translations'] += $files;
$request_params = \Drupal::request()->request;
// If a valid language code is set, continue with the next installation step.
// When translations from the localization server are used, any language code
@ -1560,9 +1555,9 @@ function install_select_language(&$install_state) {
// langauges available at http://localize.drupal.org.
// When files from the translation directory are used, we only accept
// languages for which a file is available.
if ($request_params->has('langcode')) {
if (!empty($_POST['langcode'])) {
$standard_languages = LanguageManager::getStandardLanguageList();
$langcode = $request_params->get('langcode');
$langcode = $_POST['langcode'];
if ($langcode == 'en' || isset($files[$langcode]) || isset($standard_languages[$langcode])) {
$install_state['parameters']['langcode'] = $langcode;
return;
@ -2104,8 +2099,7 @@ function install_configure_form($form, &$form_state, &$install_state) {
// especially out of place on the last page of the installer, where it would
// distract from the message that the Drupal installation has completed
// successfully.)
$post_params = \Drupal::request()->request->all();
if (empty($post_params) && (!drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE) || !drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_dir, FILE_NOT_WRITABLE, 'dir'))) {
if (empty($_POST) && (!drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE) || !drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_dir, FILE_NOT_WRITABLE, 'dir'))) {
drupal_set_message(t('All necessary changes to %dir and %file have been made, so you should remove write permissions to them now in order to avoid security risks. If you are unsure how to do so, consult the <a href="@handbook_url">online handbook</a>.', array('%dir' => $settings_dir, '%file' => $settings_file, '@handbook_url' => 'http://drupal.org/server-permissions')), 'warning');
}

3
core/includes/language.inc
View File

@ -100,8 +100,7 @@ const LANGUAGE_NEGOTIATION_INTERFACE = 'language-interface';
* $langcode = language_from_url($languages);
*
* // If we are on an administrative path, override with the default language.
* $query = \Drupal::request()->query;
* if ($query->has('q') && strtok($query->get('q'), '/') == 'admin') {
* if (isset($_GET['q']) && strtok($_GET['q'], '/') == 'admin') {
* return language_default()->id;
* }
* return $langcode;

23
core/includes/pager.inc
View File

@ -16,13 +16,13 @@ use Drupal\Component\Utility\Url;
*
* @return
* The number of the current requested page, within the pager represented by
* $element. This is determined from the URL query parameter
* \Drupal::request()->query->get('page'), or 0 by default. Note that this
* number may differ from the actual page being displayed. For example, if a
* search for "example text" brings up three pages of results, but a users
* visits search/node/example+text?page=10, this function will return 10, even
* though the default pager implementation adjusts for this and still displays
* the third page of search results at that URL.
* $element. This is determined from the URL query parameter $_GET['page'], or
* 0 by default. Note that this number may differ from the actual page being
* displayed. For example, if a search for "example text" brings up three
* pages of results, but a users visits search/node/example+text?page=10, this
* function will return 10, even though the default pager implementation
* adjusts for this and still displays the third page of search results at
* that URL.
*
* @see pager_default_initialize()
*/
@ -109,11 +109,10 @@ function pager_find_page($element = 0) {
*
* @return
* The number of the current page, within the pager represented by $element.
* This is determined from the URL query parameter
* \Drupal::request()->query->get('page), or 0 by default. However, if a page
* that does not correspond to the actual range of the result set was
* requested, this function will return the closest page actually within the
* result set.
* This is determined from the URL query parameter $_GET['page'], or 0 by
* default. However, if a page that does not correspond to the actual range
* of the result set was requested, this function will return the closest
* page actually within the result set.
*/
function pager_default_initialize($total, $limit, $element = 0) {
global $pager_page_array, $pager_total, $pager_total_items, $pager_limits;

34
core/includes/session.inc
View File

@ -83,8 +83,7 @@ function _drupal_session_read($sid) {
// Handle the case of first time visitors and clients that don't store
// cookies (eg. web crawlers).
$insecure_session_name = substr(session_name(), 1);
$cookies = \Drupal::request()->cookies;
if (!$cookies->has(session_name()) && !$cookies->has($insecure_session_name)) {
if (!isset($_COOKIE[session_name()]) && !isset($_COOKIE[$insecure_session_name])) {
$user = new UserSession();
return '';
}
@ -96,9 +95,9 @@ function _drupal_session_read($sid) {
if (\Drupal::request()->isSecure()) {
$values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchAssoc();
if (!$values) {
if ($cookies->has($insecure_session_name)) {
if (isset($_COOKIE[$insecure_session_name])) {
$values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array(
':sid' => $cookies->get($insecure_session_name)))
':sid' => $_COOKIE[$insecure_session_name]))
->fetchAssoc();
}
}
@ -189,14 +188,13 @@ function _drupal_session_write($sid, $value) {
// On HTTPS connections, use the session ID as both 'sid' and 'ssid'.
if (\Drupal::request()->isSecure()) {
$key['ssid'] = $sid;
$cookies = \Drupal::request()->cookies;
// The "secure pages" setting allows a site to simultaneously use both
// secure and insecure session cookies. If enabled and both cookies are
// presented then use both keys.
if (settings()->get('mixed_mode_sessions', FALSE)) {
$insecure_session_name = substr(session_name(), 1);
if ($cookies->has($insecure_session_name)) {
$key['sid'] = $cookies->get($insecure_session_name);
if (isset($_COOKIE[$insecure_session_name])) {
$key['sid'] = $_COOKIE[$insecure_session_name];
}
}
}
@ -243,8 +241,9 @@ function drupal_session_initialize() {
session_set_save_handler('_drupal_session_open', '_drupal_session_close', '_drupal_session_read', '_drupal_session_write', '_drupal_session_destroy', '_drupal_session_garbage_collection');
$is_https = \Drupal::request()->isSecure();
$cookies = \Drupal::request()->cookies;
if (($cookies->has(session_name()) && ($session_name = $cookies->get(session_name()))) || ($is_https && settings()->get('mixed_mode_sessions', FALSE) && ($cookies->has(substr(session_name(), 1))) && ($session_name = $cookies->get(substr(session_name(), 1))))) {
// We use !empty() in the following check to ensure that blank session IDs
// are not valid.
if (!empty($_COOKIE[session_name()]) || ($is_https && settings()->get('mixed_mode_sessions', FALSE) && !empty($_COOKIE[substr(session_name(), 1)]))) {
// If a session cookie exists, initialize the session. Otherwise the
// session is only started on demand in drupal_session_commit(), making
// anonymous users not use a session cookie unless something is stored in
@ -268,7 +267,7 @@ function drupal_session_initialize() {
if ($is_https && settings()->get('mixed_mode_sessions', FALSE)) {
$insecure_session_name = substr(session_name(), 1);
$session_id = Crypt::hashBase64(uniqid(mt_rand(), TRUE));
$cookies->set($insecure_session_name, $session_id);
$_COOKIE[$insecure_session_name] = $session_id;
}
}
date_default_timezone_set(drupal_get_user_timezone());
@ -324,8 +323,7 @@ function drupal_session_commit() {
$insecure_session_name = substr(session_name(), 1);
$params = session_get_cookie_params();
$expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
$cookie_params = \Drupal::request()->cookies;
setcookie($insecure_session_name, $cookie_params->get($insecure_session_name), $expire, $params['path'], $params['domain'], FALSE, $params['httponly']);
setcookie($insecure_session_name, $_COOKIE[$insecure_session_name], $expire, $params['path'], $params['domain'], FALSE, $params['httponly']);
}
}
// Write the session data.
@ -358,12 +356,11 @@ function drupal_session_regenerate() {
}
$is_https = \Drupal::request()->isSecure();
$cookies = \Drupal::request()->cookies;
if ($is_https && settings()->get('mixed_mode_sessions', FALSE)) {
$insecure_session_name = substr(session_name(), 1);
if (!isset($GLOBALS['lazy_session']) && $cookies->has($insecure_session_name)) {
$old_insecure_session_id = $cookies->get($insecure_session_name);
if (!isset($GLOBALS['lazy_session']) && isset($_COOKIE[$insecure_session_name])) {
$old_insecure_session_id = $_COOKIE[$insecure_session_name];
}
$params = session_get_cookie_params();
$session_id = Crypt::hashBase64(uniqid(mt_rand(), TRUE) . Crypt::randomBytes(55));
@ -372,7 +369,7 @@ function drupal_session_regenerate() {
// it will expire when the browser is closed.
$expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
setcookie($insecure_session_name, $session_id, $expire, $params['path'], $params['domain'], FALSE, $params['httponly']);
$cookies->set($insecure_session_name, $session_id);
$_COOKIE[$insecure_session_name] = $session_id;
}
if (drupal_session_started()) {
@ -464,14 +461,13 @@ function _drupal_session_destroy($sid) {
* Force the secure value of the cookie.
*/
function _drupal_session_delete_cookie($name, $secure = NULL) {
$cookies = \Drupal::request()->cookies;
if ($cookies->has($name) || (!\Drupal::request()->isSecure() && $secure === TRUE)) {
if (isset($_COOKIE[$name]) || (!\Drupal::request()->isSecure() && $secure === TRUE)) {
$params = session_get_cookie_params();
if ($secure !== NULL) {
$params['secure'] = $secure;
}
setcookie($name, '', REQUEST_TIME - 3600, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
$cookies->remove($name);
unset($_COOKIE[$name]);
}
}

8
core/lib/Drupal/Component/Utility/Url.php
View File

@ -34,8 +34,7 @@ class Url {
* http_build_query() directly.
*
* @param array $query
* The query parameter array to be processed,
* e.g. \Drupal::request()->query->all().
* The query parameter array to be processed, e.g. $_GET.
* @param string $parent
* Internal use only. Used to build the $query array key for nested items.
*
@ -119,14 +118,13 @@ class Url {
* The returned array contains a 'path' that may be passed separately to url().
* For example:
* @code
* $options = Url::parse(\Drupal::request()->query->get('destination'));
* $options = Url::parse($_GET['destination']);
* $my_url = url($options['path'], $options);
* $my_link = l('Example link', $options['path'], $options);
* @endcode
*
* @param string $url
* The URL string to parse, i.e.
* \Drupal::request()->query->get('destination').
* The URL string to parse, f.e. $_GET['destination'].
*
* @return
* An associative array containing the keys:

9
core/lib/Drupal/Core/Ajax/AjaxResponse.php
View File

@ -95,11 +95,10 @@ class AjaxResponse extends JsonResponse {
// diffing logic using array_diff_key().
$ajax_page_state = $request->request->get('ajax_page_state');
foreach (array('css', 'js') as $type) {
// It is highly suspicious if
// $request->request->get("ajax_page_state[$type]") is empty, since the
// base page ought to have at least one JS file and one CSS file loaded.
// It probably indicates an error, and rather than making the page reload
// all of the files, instead we return no new files.
// It is highly suspicious if $_POST['ajax_page_state'][$type] is empty,
// since the base page ought to have at least one JS file and one CSS file
// loaded. It probably indicates an error, and rather than making the page
// reload all of the files, instead we return no new files.
if (empty($ajax_page_state[$type])) {
$items[$type] = array();
}

7
core/lib/Drupal/Core/EventSubscriber/RedirectResponseSubscriber.php
View File

@ -48,10 +48,9 @@ class RedirectResponseSubscriber implements EventSubscriberInterface {
$options = array();
$destination = $event->getRequest()->query->get('destination');
// A destination from \Drupal::request()->query always overrides the
// current RedirectResponse. We do not allow absolute URLs to be passed
// via \Drupal::request()->query, as this can be an attack vector, with
// the following exception:
// A destination in $_GET always overrides the current RedirectResponse.
// We do not allow absolute URLs to be passed via $_GET, as this can be an
// attack vector, with the following exception:
// - Absolute URLs that point to this site (i.e. same base URL and
// base path) are allowed.
if ($destination && (!url_is_external($destination) || _external_url_is_local($destination))) {

18
core/lib/Drupal/Core/Form/FormBuilder.php
View File

@ -569,7 +569,7 @@ class FormBuilder implements FormBuilderInterface {
public function processForm($form_id, &$form, &$form_state) {
$form_state['values'] = array();
// With GET, these forms are always submitted if requested.
// With $_GET, these forms are always submitted if requested.
if ($form_state['method'] == 'get' && !empty($form_state['always_process'])) {
if (!isset($form_state['input']['form_build_id'])) {
$form_state['input']['form_build_id'] = $form['#build_id'];
@ -1490,10 +1490,9 @@ class FormBuilder implements FormBuilderInterface {
$name = array_shift($element['#parents']);
$element['#name'] = $name;
if ($element['#type'] == 'file') {
// To make it easier to handle files in file.inc, we place all
// To make it easier to handle $_FILES in file.inc, we place all
// file fields in the 'files' array. Also, we do not support
// nested file names.
// @todo Remove this files prefix now?
$element['#name'] = 'files[' . $element['#name'] . ']';
}
elseif (count($element['#parents'])) {
@ -1609,8 +1608,7 @@ class FormBuilder implements FormBuilderInterface {
if (!empty($element['#is_button'])) {
// All buttons in the form need to be tracked for
// form_state_values_clean() and for the self::doBuildForm() code that
// handles a form submission containing no button information in
// \Drupal::request()->request.
// handles a form submission containing no button information in $_POST.
$form_state['buttons'][] = $element;
if ($this->buttonWasClicked($element, $form_state)) {
$form_state['triggering_element'] = $element;
@ -1670,15 +1668,15 @@ class FormBuilder implements FormBuilderInterface {
// buttons on a form share the same name (usually 'op'), and the specific
// return value is used to determine which was clicked. This ONLY works as
// long as $form['#name'] puts the value at the top level of the tree of
// \Drupal::request()->request data.
// $_POST data.
if (isset($form_state['input'][$element['#name']]) && $form_state['input'][$element['#name']] == $element['#value']) {
return TRUE;
}
// When image buttons are clicked, browsers do NOT pass the form element
// value in \Drupal::request()->Request. Instead they pass an integer
// representing the coordinates of the click on the button image. This means
// that image buttons MUST have unique $form['#name'] values, but the
// details of their \Drupal::request()->request data should be ignored.
// value in $_POST. Instead they pass an integer representing the
// coordinates of the click on the button image. This means that image
// buttons MUST have unique $form['#name'] values, but the details of their
// $_POST data should be ignored.
elseif (!empty($element['#has_garbage_value']) && isset($element['#value']) && $element['#value'] !== '') {
return TRUE;
}

31
core/lib/Drupal/Core/Form/FormBuilderInterface.php
View File

@ -154,9 +154,8 @@ interface FormBuilderInterface extends FormErrorInterface {
* understanding of security implications. In almost all cases, code
* should use the data in the 'values' array exclusively. The most common
* use of this key is for multi-step forms that need to clear some of the
* user input when setting 'rebuild'. The values correspond to
* \Drupal::request()->request or \Drupal::request()->query, depending on
* the 'method' chosen.
* user input when setting 'rebuild'. The values correspond to $_POST or
* $_GET, depending on the 'method' chosen.
* - always_process: If TRUE and the method is GET, a form_id is not
* necessary. This should only be used on RESTful GET forms that do NOT
* write data, as this could lead to security issues. It is useful so that
@ -170,8 +169,8 @@ interface FormBuilderInterface extends FormErrorInterface {
* invoked via self::submitForm(). Defaults to FALSE.
* - process_input: Boolean flag. TRUE signifies correct form submission.
* This is always TRUE for programmed forms coming from self::submitForm()
* (see 'programmed' key), or if the form_id coming from the
* \Drupal::request()->request data is set and matches the current form_id.
* (see 'programmed' key), or if the form_id coming from the $_POST data
* is set and matches the current form_id.
* - submitted: If TRUE, the form has been submitted. Defaults to FALSE.
* - executed: If TRUE, the form was submitted and has been processed and
* executed. Defaults to FALSE.
@ -310,12 +309,11 @@ interface FormBuilderInterface extends FormErrorInterface {
* @param $form_state
* A keyed array containing the current state of the form. Most important is
* the $form_state['values'] collection, a tree of data used to simulate the
* incoming \Drupal::request()->request information from a user's form
* submission. If a key is not filled in $form_state['values'], then the
* default value of the respective element is used. To submit an unchecked
* checkbox or other control that browsers submit by not having a
* \Drupal::request()->request entry, include the key, but set the value to
* NULL.
* incoming $_POST information from a user's form submission. If a key is
* not filled in $form_state['values'], then the default value of the
* respective element is used. To submit an unchecked checkbox or other
* control that browsers submit by not having a $_POST entry, include the
* key, but set the value to NULL.
* @param ...
* Any additional arguments are passed on to the functions called by
* self::submitForm(), including the unique form constructor function.
@ -380,8 +378,8 @@ interface FormBuilderInterface extends FormErrorInterface {
* A keyed array containing the current state of the form. This
* includes the current persistent storage data for the form, and
* any data passed along by earlier steps when displaying a
* multi-step form. Additional information, like the sanitized
* \Drupal::request()->request data, is also accumulated here.
* multi-step form. Additional information, like the sanitized $_POST
* data, is also accumulated here.
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|null
*/
@ -479,9 +477,8 @@ interface FormBuilderInterface extends FormErrorInterface {
* redirect is accomplished by returning a RedirectResponse, passing in the
* value of $form_state['redirect'] if it is set, or the current path if it
* is not. RedirectResponse preferentially uses the value of
* \Drupal::request->query->get('destination') (the 'destination' URL query
* string) if it is present, so this will override any values set by
* $form_state['redirect'].
* $_GET['destination'] (the 'destination' URL query string) if it is
* present, so this will override any values set by $form_state['redirect'].
*
* @param $form_state
* An associative array containing the current state of the form.
@ -602,7 +599,7 @@ interface FormBuilderInterface extends FormErrorInterface {
* A keyed array containing the current state of the form. In this
* context, it is used to accumulate information about which button
* was clicked when the form was submitted, as well as the sanitized
* \Drupal::request()->request data.
* $_POST data.
*
* @return array
*/

3
core/modules/aggregator/lib/Drupal/aggregator/Form/OpmlFeedAdd.php
View File

@ -138,8 +138,7 @@ class OpmlFeedAdd extends FormBase {
*/
public function validateForm(array &$form, array &$form_state) {
// If both fields are empty or filled, cancel.
$file_upload = $this->getRequest()->files->get('files[upload]', NULL, TRUE);
if (empty($form_state['values']['remote']) == empty($file_upload)) {
if (empty($form_state['values']['remote']) == empty($_FILES['files']['name']['upload'])) {
form_set_error('remote', $form_state, $this->t('You must <em>either</em> upload a file or enter a URL.'));
}
}

7
core/modules/config/lib/Drupal/config/Form/ConfigImportForm.php
View File

@ -74,12 +74,11 @@ class ConfigImportForm extends FormBase {
* {@inheritdoc}
*/
public function validateForm(array &$form, array &$form_state) {
$file_upload = $this->getRequest()->files->get('files[import_tarball]', NULL, TRUE);
if ($file_upload && $file_upload->isValid()) {
$form_state['values']['import_tarball'] = $file_upload->getRealPath();
if (!empty($_FILES['files']['error']['import_tarball'])) {
form_set_error('import_tarball', $form_state, $this->t('The import tarball could not be uploaded.'));
}
else {
form_set_error('import_tarball', $form_state, $this->t('The import tarball could not be uploaded.'));
$form_state['values']['import_tarball'] = $_FILES['files']['tmp_name']['import_tarball'];
}
}

4
core/modules/editor/lib/Drupal/editor/Form/EditorImageDialog.php
View File

@ -33,8 +33,8 @@ class EditorImageDialog extends FormBase {
* The filter format for which this dialog corresponds.
*/
public function buildForm(array $form, array &$form_state, FilterFormat $filter_format = NULL) {
// The default values are set directly from \Drupal::request()->request,
// provided by the editor plugin opening the dialog.
// The default values are set directly from $_POST, provided by the
// editor plugin opening the dialog.
if (!isset($form_state['image_element'])) {
$form_state['image_element'] = isset($form_state['input']['editor_object']) ? $form_state['input']['editor_object'] : array();
}

4
core/modules/editor/lib/Drupal/editor/Form/EditorLinkDialog.php
View File

@ -33,8 +33,8 @@ class EditorLinkDialog extends FormBase {
* The filter format for which this dialog corresponds.
*/
public function buildForm(array $form, array &$form_state, FilterFormat $filter_format = NULL) {
// The default values are set directly from \Drupal::request()->request,
// provided by the editor plugin opening the dialog.
// The default values are set directly from $_POST, provided by the
// editor plugin opening the dialog.
$input = isset($form_state['input']['editor_object']) ? $form_state['input']['editor_object'] : array();
$form['#tree'] = TRUE;

37
core/modules/file/file.module
View File

@ -777,9 +777,8 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar
$user = \Drupal::currentUser();
static $upload_cache;
$file_upload = \Drupal::request()->files->get("files[$form_field_name]", NULL, TRUE);
// Make sure there's an upload to process.
if (empty($file_upload)) {
if (empty($_FILES['files']['name'][$form_field_name])) {
return NULL;
}
@ -794,39 +793,40 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar
// Prepare uploaded files info. Representation is slightly different
// for multiple uploads and we fix that here.
$uploaded_files = $file_upload;
if (!is_array($file_upload)) {
$uploaded_files = array($file_upload);
$uploaded_files = $_FILES;
if (!is_array($uploaded_files['files']['name'][$form_field_name])) {
foreach (array('name', 'type', 'tmp_name', 'error', 'size') as $value)
$uploaded_files['files'][$value][$form_field_name] = array($uploaded_files['files'][$value][$form_field_name]);
}
$files = array();
foreach ($uploaded_files as $i => $file_info) {
foreach ($uploaded_files['files']['name'][$form_field_name] as $i => $name) {
// Check for file upload errors and return FALSE for this file if a lower
// level system error occurred. For a complete list of errors:
// See http://php.net/manual/features.file-upload.errors.php.
switch ($file_info->getError()) {
switch ($uploaded_files['files']['error'][$form_field_name][$i]) {
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
drupal_set_message(t('The file %file could not be saved because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $file_info->getFilename(), '%maxsize' => format_size(file_upload_max_size()))), 'error');
drupal_set_message(t('The file %file could not be saved because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $name, '%maxsize' => format_size(file_upload_max_size()))), 'error');
$files[$i] = FALSE;
continue;
case UPLOAD_ERR_PARTIAL:
case UPLOAD_ERR_NO_FILE:
drupal_set_message(t('The file %file could not be saved because the upload did not complete.', array('%file' => $file_info->getFilename())), 'error');
drupal_set_message(t('The file %file could not be saved because the upload did not complete.', array('%file' => $name)), 'error');
$files[$i] = FALSE;
continue;
case UPLOAD_ERR_OK:
// Final check that this is a valid upload, if it isn't, use the
// default error handler.
if (is_uploaded_file($file_info->getRealPath())) {
if (is_uploaded_file($uploaded_files['files']['tmp_name'][$form_field_name][$i])) {
break;
}
// Unknown error
default:
drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $file_info->getFilename())), 'error');
drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $name)), 'error');
$files[$i] = FALSE;
continue;
@ -835,9 +835,9 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar
$values = array(
'uid' => $user->id(),
'status' => 0,
'filename' => $file_info->getClientOriginalName(),
'uri' => $file_info->getRealPath(),
'filesize' => $file_info->getSize(),
'filename' => trim(drupal_basename($name, '.')),
'uri' => $uploaded_files['files']['tmp_name'][$form_field_name][$i],
'filesize' => $uploaded_files['files']['size'][$form_field_name][$i],
);
$values['filemime'] = file_get_mimetype($values['filename']);
$file = entity_create('file', $values);
@ -940,7 +940,7 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar
// directory. This overcomes open_basedir restrictions for future file
// operations.
$file->uri = $file->destination;
if (!drupal_move_uploaded_file($file_info->getRealPath(), $file->getFileUri())) {
if (!drupal_move_uploaded_file($uploaded_files['files']['tmp_name'][$form_field_name][$i], $file->getFileUri())) {
form_set_error($form_field_name, $form_state, t('File upload error. Could not move uploaded file.'));
watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination' => $file->uri));
$files[$i] = FALSE;
@ -1470,8 +1470,7 @@ function file_managed_file_submit($form, &$form_state) {
*/
function file_managed_file_save_upload($element, array &$form_state) {
$upload_name = implode('_', $element['#parents']);
$file_upload = \Drupal::request()->files->get("files[$upload_name]", NULL, TRUE);
if (empty($file_upload)) {
if (empty($_FILES['files']['name'][$upload_name])) {
return FALSE;
}
@ -1483,8 +1482,8 @@ function file_managed_file_save_upload($element, array &$form_state) {
}
// Save attached files to the database.
$files_uploaded = $element['#multiple'] && count(array_filter($file_upload)) > 0;
$files_uploaded |= !$element['#multiple'] && !empty($file_upload);
$files_uploaded = $element['#multiple'] && count(array_filter($_FILES['files']['name'][$upload_name])) > 0;
$files_uploaded |= !$element['#multiple'] && !empty($_FILES['files']['name'][$upload_name]);
if ($files_uploaded) {
if (!$files = file_save_upload($upload_name, $form_state, $element['#upload_validators'], $destination)) {
watchdog('file', 'The file upload failed. %upload', array('%upload' => $upload_name));

4
core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
View File

@ -176,8 +176,8 @@ class NodeSearch extends SearchPluginBase implements AccessibleInterface, Search
->searchExpression($keys, $this->getPluginId());
// Handle advanced search filters in the f query string.
// \Drupal::request()->query->get('f') is an array that looks like this in
// the URL: ?f[]=type:page&f[]=term:27&f[]=term:13&f[]=langcode:en
// $_GET['f'] is an array that looks like this in the URL:
// ?f[]=type:page&f[]=term:27&f[]=term:13&f[]=langcode:en
// So $parameters['f'] looks like:
// array('type:page', 'term:27', 'term:13', 'langcode:en');
// We need to parse this out into query conditions.

14
core/modules/search/lib/Drupal/search/Controller/SearchController.php
View File

@ -72,8 +72,8 @@ class SearchController extends ControllerBase implements ContainerInjectionInter
public function view(Request $request, $plugin_id = NULL, $keys = NULL) {
$info = FALSE;
$keys = trim($keys);
// Also try to pull search keywords from the request to support old GET
// format of searches for existing links.
// Also try to pull search keywords out of the $_REQUEST variable to
// support old GET format of searches for existing links.
if (!$keys && $request->query->has('keys')) {
$keys = trim($request->query->get('keys'));
}
@ -105,11 +105,11 @@ class SearchController extends ControllerBase implements ContainerInjectionInter
// Default results output is an empty string.
$results = array('#markup' => '');
// Process the search form. Note that if there is
// \Drupal::request()->request data, search_form_submit() will cause a
// redirect to search/[path]/[keys], which will get us back to this page
// callback. In other words, the search form submits with POST but redirects
// to GET. This way we can keep the search query URL clean as a whistle.
// Process the search form. Note that if there is $_POST data,
// search_form_submit() will cause a redirect to search/[path]/[keys],
// which will get us back to this page callback. In other words, the search
// form submits with POST but redirects to GET. This way we can keep
// the search query URL clean as a whistle.
if ($request->request->has('form_id') || $request->request->get('form_id') != 'search_form') {
// Only search if there are keywords or non-empty conditions.
if ($plugin->isSearchExecutable()) {

11
core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
View File

@ -1139,16 +1139,13 @@ abstract class WebTestBase extends TestBase {
// debug the code running on the child site. In order to make debuggers work
// this bit of information is forwarded. Make sure that the debugger listens
// to at least three external connections.
$request = \Drupal::request();
$cookie_params = $request->cookies;
if ($cookie_params->has('XDEBUG_SESSION')) {
$cookies[] = 'XDEBUG_SESSION=' . $cookie_params->get('XDEBUG_SESSION');
if (isset($_COOKIE['XDEBUG_SESSION'])) {
$cookies[] = 'XDEBUG_SESSION=' . $_COOKIE['XDEBUG_SESSION'];
}
// For CLI requests, the information is stored in $_SERVER.
$server = $request->server;
if ($server->has('XDEBUG_CONFIG')) {
if (isset($_SERVER['XDEBUG_CONFIG'])) {
// $_SERVER['XDEBUG_CONFIG'] has the form "key1=value1 key2=value2 ...".
$pairs = explode(' ', $server->get('XDEBUG_CONFIG'));
$pairs = explode(' ', $_SERVER['XDEBUG_CONFIG']);
foreach ($pairs as $pair) {
list($key, $value) = explode('=', $pair);
// Account for key-value pairs being separated by multiple spaces.

18
core/modules/system/lib/Drupal/system/Tests/Bootstrap/OverrideServerVariablesUnitTest.php
View File

@ -8,17 +8,11 @@
namespace Drupal\system\Tests\Bootstrap;
use Drupal\simpletest\UnitTestBase;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\HttpFoundation\Request;
/**
* Tests for overriding server variables via the API.
*/
class OverrideServerVariablesUnitTest extends UnitTestBase {
/**
* {@inheritdoc}
*/
public static function getInfo() {
return array(
'name' => 'Overriding server variables',
@ -46,17 +40,17 @@ class OverrideServerVariablesUnitTest extends UnitTestBase {
),
);
foreach ($tests as $url => $expected_server_values) {
$container = \Drupal::getContainer();
$request = Request::createFromGlobals();
$container->set('request', $request);
\Drupal::setContainer($container);
// Remember the original value of $_SERVER, since the function call below
// will modify it.
$original_server = $_SERVER;
// Call drupal_override_server_variables() and ensure that all expected
// $_SERVER variables were modified correctly.
drupal_override_server_variables(array('url' => $url));
foreach ($expected_server_values as $key => $value) {
$this->assertIdentical(\Drupal::request()->server->get($key), $value);
$this->assertIdentical($_SERVER[$key], $value);
}
// Restore the original value of $_SERVER.
$_SERVER = $original_server;
}
}
}

13
core/modules/system/lib/Drupal/system/Tests/Common/HtmlIdentifierUnitTest.php
View File

@ -8,7 +8,6 @@
namespace Drupal\system\Tests\Common;
use Drupal\simpletest\UnitTestBase;
use Symfony\Component\HttpFoundation\Request;
/**
* Tests cleaning HTML identifiers.
@ -22,18 +21,6 @@ class HtmlIdentifierUnitTest extends UnitTestBase {
);
}
/**
* {@inheritdoc}
*/
public function setUp() {
parent::setUp();
$container = \Drupal::getContainer();
$request = new Request();
$container->set('request', $request);
\Drupal::setContainer($container);
}
/**
* Tests that drupal_clean_css_identifier() cleans the identifier properly.
*/

25
core/modules/system/lib/Drupal/system/Tests/Common/TableSortExtenderUnitTest.php
View File

@ -15,6 +15,13 @@ use Symfony\Component\HttpFoundation\Request;
*/
class TableSortExtenderUnitTest extends UnitTestBase {
/**
* Storage for initial value of $_GET.
*
* @var array
*/
protected $GET = array();
public static function getInfo() {
return array(
'name' => 'Tablesort',
@ -23,6 +30,20 @@ class TableSortExtenderUnitTest extends UnitTestBase {
);
}
function setUp() {
// Save the original $_GET to be restored later.
$this->GET = $_GET;
parent::setUp();
}
function tearDown() {
// Revert $_GET.
$_GET = $this->GET;
parent::tearDown();
}
/**
* Tests tablesort_init().
*/
@ -31,8 +52,8 @@ class TableSortExtenderUnitTest extends UnitTestBase {
// Test simple table headers.
$headers = array('foo', 'bar', 'baz');
// Reset $requesr->query to prevent parameters from Simpletest and Batch API
// ending up in $ts['query'].
// Reset $_GET to prevent parameters from Simpletest and Batch API ending
// up in $ts['query'].
$expected_ts = array(
'name' => 'foo',
'sql' => '',

4
core/modules/system/lib/Drupal/system/Tests/Entity/EntityViewBuilderTest.php
View File

@ -40,7 +40,7 @@ class EntityViewBuilderTest extends EntityUnitTestBase {
*/
public function testEntityViewBuilderCache() {
// Force a request via GET so we can get drupal_render() cache working.
$request_method = \Drupal::request()->server->get('REQUEST_METHOD');
$request_method = $_SERVER['REQUEST_METHOD'];
$this->container->get('request')->setMethod('GET');
$entity_test = $this->createTestEntity('entity_test');
@ -85,7 +85,7 @@ class EntityViewBuilderTest extends EntityUnitTestBase {
*/
public function testEntityViewBuilderCacheWithReferences() {
// Force a request via GET so we can get drupal_render() cache working.
$request_method = \Drupal::request()->server->get('REQUEST_METHOD');
$request_method = $_SERVER['REQUEST_METHOD'];
$this->container->get('request')->setMethod('GET');
// Create an entity reference field and an entity that will be referenced.

2
core/modules/system/lib/Drupal/system/Tests/Form/TriggeringElementTest.php
View File

@ -95,7 +95,7 @@ class TriggeringElementTest extends WebTestBase {
// trying to get around security safeguards could easily do. We have to do
// a little trickery here, to work around the safeguards in drupalPostForm(): by
// renaming the text field that is in the form to 'button1', we can get the
// data we want into \Drupal::request()->request.
// data we want into $_POST.
$elements = $this->xpath('//form[@id="' . $form_html_id . '"]//input[@name="text"]');
$elements[0]['name'] = 'button1';
$this->drupalPostForm(NULL, array('button1' => 'button1'), NULL, array(), array(), $form_html_id);

2
core/modules/system/system.install
View File

@ -44,7 +44,7 @@ function system_requirements($phase) {
}
// Web server information.
$software = \Drupal::request()->server->get('SERVER_SOFTWARE');
$software = $_SERVER['SERVER_SOFTWARE'];
$requirements['webserver'] = array(
'title' => t('Web server'),
'value' => $software,

2
core/modules/system/system.module
View File

@ -2733,7 +2733,7 @@ function system_default_region($theme) {
function system_admin_compact_mode() {
// PHP converts dots into underscores in cookie names to avoid problems with
// its parser, so we use a converted cookie name.
return \Drupal::request()->cookies->get('Drupal_visitor_admin_compact_mode', \Drupal::config('system.site')->get('admin_compact_mode'));
return isset($_COOKIE['Drupal_visitor_admin_compact_mode']) ? $_COOKIE['Drupal_visitor_admin_compact_mode'] : \Drupal::config('system.site')->get('admin_compact_mode');
}
/**

5
core/modules/system/tests/modules/ajax_test/ajax_test.module
View File

@ -78,9 +78,8 @@ function ajax_test_order() {
*/
function ajax_test_error() {
$message = '';
$query = \Drupal::request()->query;
if ($query->has('message')) {
$message = $query->get('message');
if (!empty($_GET['message'])) {
$message = $_GET['message'];
}
$response = new AjaxResponse();
$response->addCommand(new AlertCommand($message));

8
core/modules/system/tests/modules/form_test/form_test.module
View File

@ -605,7 +605,7 @@ function form_test_storage_form($form, &$form_state) {
'#value' => 'Save',
);
if (\Drupal::request()->get('cache')) {
if (isset($_REQUEST['cache'])) {
// Manually activate caching, so we can test that the storage keeps working
// when it's enabled.
$form_state['cache'] = TRUE;
@ -624,7 +624,7 @@ function form_test_storage_element_validate_value_cached($element, &$form_state)
// This presumes that another submitted form value triggers a validation error
// elsewhere in the form. Form API should still update the cached form storage
// though.
if (\Drupal::request()->get('cache') && $form_state['values']['value'] == 'change_title') {
if (isset($_REQUEST['cache']) && $form_state['values']['value'] == 'change_title') {
$form_state['storage']['thing']['changed'] = TRUE;
}
}
@ -1760,7 +1760,7 @@ function form_test_state_persist_submit($form, &$form_state) {
function form_test_form_form_test_state_persist_alter(&$form, &$form_state) {
// Simulate a form alter implementation inserting form elements that enable
// caching of the form, e.g. elements having #ajax.
if (\Drupal::request()->get('cache')) {
if (!empty($_REQUEST['cache'])) {
$form_state['cache'] = TRUE;
}
}
@ -1973,7 +1973,7 @@ function form_test_form_user_register_form_alter(&$form, &$form_state) {
'#submit' => array('form_test_user_register_form_rebuild'),
);
// If requested, add the test field by attaching the node page form.
if (\Drupal::request()->request->has('field')) {
if (!empty($_REQUEST['field'])) {
$node = entity_create('node', array(
'type' => 'page',
));

2
core/modules/system/tests/modules/menu_test/menu_test.module
View File

@ -11,7 +11,7 @@ use Drupal\menu_link\Entity\MenuLink;
* Implements hook_menu().
*/
function menu_test_menu() {
// The name of the menu changes during the course of the test. Using a GET.
// The name of the menu changes during the course of the test. Using a $_GET.
$items['menu_name_test'] = array(
'title' => 'Test menu_name router item',
'route_name' => 'menu_test.menu_name_test',

5
core/modules/system/tests/modules/system_test/system_test.module
View File

@ -8,9 +8,8 @@ use Symfony\Component\HttpFoundation\RedirectResponse;
* @deprecated \Drupal\system_test\Controller\SystemTestController::setHeader()
*/
function system_test_set_header() {
$query = \Drupal::request()->query->all();
drupal_add_http_header($query['name'], $query['value']);
return t('The following header was set: %name: %value', array('%name' => $query['name'], '%value' => $query['value']));
drupal_add_http_header($_GET['name'], $_GET['value']);
return t('The following header was set: %name: %value', array('%name' => $_GET['name'], '%value' => $_GET['value']));
}
/**

2
core/modules/taxonomy/lib/Drupal/taxonomy/Form/OverviewTerms.php
View File

@ -170,7 +170,7 @@ class OverviewTerms extends FormBase {
// error. Ensure the form is rebuilt in the same order as the user
// submitted.
if (!empty($form_state['input'])) {
// Get the POST order.
// Get the $_POST order.
$order = array_flip(array_keys($form_state['input']['terms']));
// Update our form with the new order.
$current_page = array_merge($order, $current_page);

3
core/modules/update/update.manager.inc
View File

@ -632,8 +632,7 @@ function _update_manager_check_backends(&$form, $operation) {
* @see update_manager_install_form_submit()
*/
function update_manager_install_form_validate($form, &$form_state) {
$uploaded_file = \Drupal::request()->files->get('files[project_upload]', NULL, TRUE);
if (!($form_state['values']['project_url'] XOR !empty($uploaded_file))) {
if (!($form_state['values']['project_url'] XOR !empty($_FILES['files']['name']['project_upload']))) {
form_set_error('project_url', $form_state, t('You must either provide a URL or upload an archive file to install.'));
}
}

4
core/modules/views/lib/Drupal/views/Controller/ViewAjaxController.php
View File

@ -106,8 +106,8 @@ class ViewAjaxController implements ContainerInjectionInterface {
$request->attributes->set('_system_path', $path);
}
// Add all POST data, because AJAX is always a post and many things,
// such as tablesorts, exposed filters and paging assume GET.
// Add all $_POST data, because AJAX is always a post and many things,
// such as tablesorts, exposed filters and paging assume $_GET.
$request_all = $request->request->all();
$query_all = $request->query->all();
$request->query->replace($request_all + $query_all);

2
core/modules/views/lib/Drupal/views/Plugin/views/HandlerBase.php
View File

@ -446,7 +446,7 @@ abstract class HandlerBase extends PluginBase {
$this->buildExposeForm($form, $form_state);
// When we click the expose button, we add new gadgets to the form but they
// have no data in POST so their defaults get wiped out. This prevents
// have no data in $_POST so their defaults get wiped out. This prevents
// these defaults from getting wiped out. This setting will only be TRUE
// during a 2nd pass rerender.
if (!empty($form_state['force_expose_options'])) {

2
core/modules/views/lib/Drupal/views/Plugin/views/field/FieldPluginBase.php
View File

@ -1484,7 +1484,7 @@ abstract class FieldPluginBase extends HandlerBase {
$tokens['!' . $count] = isset($this->view->args[$count - 1]) ? strip_tags(decode_entities($this->view->args[$count - 1])) : '';
}
// Get flattened set of tokens for any array depth in query parameters.
// Get flattened set of tokens for any array depth in $_GET parameters.
$tokens += $this->getTokenValuesRecursive(\Drupal::request()->query->all());
// Now add replacements for our fields.

2
core/modules/views/lib/Drupal/views/Plugin/views/filter/FilterPluginBase.php
View File

@ -352,7 +352,7 @@ abstract class FilterPluginBase extends HandlerBase {
$this->buildExposedFiltersGroupForm($form, $form_state);
// When we click the expose button, we add new gadgets to the form but they
// have no data in POST so their defaults get wiped out. This prevents
// have no data in $_POST so their defaults get wiped out. This prevents
// these defaults from getting wiped out. This setting will only be TRUE
// during a 2nd pass rerender.
if (!empty($form_state['force_build_group_options'])) {

6
core/modules/views/lib/Drupal/views/ViewExecutable.php
View File

@ -556,7 +556,7 @@ class ViewExecutable {
/**
* Set the exposed filters input to an array. If unset they will be taken
* from \Drupal::request()->query when the time comes.
* from $_GET when the time comes.
*/
public function setExposedInput($filters) {
$this->exposed_input = $filters;
@ -566,8 +566,8 @@ class ViewExecutable {
* Figure out what the exposed input for this view is.
*/
public function getExposedInput() {
// Fill our input either from \Drupal::request()->query or from something
// previously set on the view.
// Fill our input either from $_GET or from something previously set on the
// view.
if (empty($this->exposed_input)) {
$this->exposed_input = \Drupal::request()->query->all();
// unset items that are definitely not our input:

2
core/modules/views/views.module
View File

@ -1099,7 +1099,7 @@ function views_exposed_form($form, &$form_state) {
$form['actions'] = array('#type' => 'actions');
$form['actions']['submit'] = array(
// Prevent from showing up in \Drupal::request()->query.
// Prevent from showing up in $_GET.
'#name' => '',
'#type' => 'submit',
'#value' => t('Apply'),

4
core/modules/views_ui/admin.inc
View File

@ -339,10 +339,10 @@ function views_ui_build_form_path($form_state) {
* #process callback for a button; determines if a button is the form's triggering element.
*
* The Form API has logic to determine the form's triggering element based on
* the data in POST. However, it only checks buttons based on a single #value
* the data in $_POST. However, it only checks buttons based on a single #value
* per button. This function may be added to a button's #process callbacks to
* extend button click detection to support multiple #values per button. If the
* data in POST matches any value in the button's #values array, then the
* data in $_POST matches any value in the button's #values array, then the
* button is detected as having been clicked. This can be used when the value
* (label) of the same logical button may be different based on context (e.g.,
* "Apply" vs. "Apply and continue").

3
core/modules/views_ui/lib/Drupal/views_ui/ViewEditFormController.php
View File

@ -292,6 +292,9 @@ class ViewEditFormController extends ViewFormControllerBase {
if (($display->getPluginId() == 'page') && ($old_path == $destination) && ($old_path != $view->getExecutable()->displayHandlers->get($id)->getOption('path'))) {
$destination = $view->getExecutable()->displayHandlers->get($id)->getOption('path');
$query->remove('destination');
// @todo For whatever reason drupal_goto is still using $_GET.
// @see http://drupal.org/node/1668866
unset($_GET['destination']);
}
}
$form_state['redirect'] = $destination;

2
core/profiles/minimal/minimal.profile
View File

@ -11,5 +11,5 @@
*/
function minimal_form_install_configure_form_alter(&$form, $form_state) {
// Pre-populate the site name with the server name.
$form['site_information']['site_name']['#default_value'] = \Drupal::request()->server->get('SERVER_NAME');
$form['site_information']['site_name']['#default_value'] = $_SERVER['SERVER_NAME'];
}

2
core/profiles/standard/standard.profile
View File

@ -11,5 +11,5 @@
*/
function standard_form_install_configure_form_alter(&$form, $form_state) {
// Pre-populate the site name with the server name.
$form['site_information']['site_name']['#default_value'] = \Drupal::request()->server->get('SERVER_NAME');
$form['site_information']['site_name']['#default_value'] = $_SERVER['SERVER_NAME'];
}

2
core/update.php
View File

@ -221,7 +221,7 @@ function update_info_page() {
*/
function update_access_denied_page() {
drupal_add_http_header('Status', '403 Forbidden');
header(\Drupal::request()->server->get('SERVER_PROTOCOL') . ' 403 Forbidden');
header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
watchdog('access denied', 'update.php', NULL, WATCHDOG_WARNING);
drupal_set_title('Access denied');
return '<p>Access denied. You are not authorized to access this page. Log in using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation). If you cannot log in, you will have to edit <code>settings.php</code> to bypass this access check. To do this:</p>