After working on the second fully-fledged Drupal administration demonstration site, I realized that Demo could provide a new sub-module that alters some bits of Drupal to make full-admin demos secure:

- .info: required = TRUE
- remove Block module's PHP permission
- remove PHP module
- disable locale's translation features
- make the HTML filter unremovable/unconfigurable

Comments

sun:

These were (partially) the dirty hacks I applied:

Index: modules/block/block.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/block/block.admin.inc,v
retrieving revision 1.35
diff -u -p -r1.35 block.admin.inc
--- modules/block/block.admin.inc	11 Feb 2009 03:38:46 -0000	1.35
+++ modules/block/block.admin.inc	16 Feb 2009 23:02:52 -0000
@@ -190,7 +190,7 @@ function block_admin_configure(&$form_st
     '#collapsed' => TRUE,
   );
 
-  $access = user_access('use PHP for block visibility');
+  $access = 0 && user_access('use PHP for block visibility');
   if ($edit['visibility'] == 2 && !$access) {
     $form['page_vis_settings'] = array();
     $form['page_vis_settings']['visibility'] = array('#type' => 'value', '#value' => 2);
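Review bot: `$access = 0 && user_access('use PHP for block visibility');` is an obscure way of writing `$access = FALSE;`, since the `0` short-circuits and user_access() is never called; spell it out. Note also that the unchanged branch below keeps a block whose visibility is already 2 on PHP visibility (`'#type' => 'value', '#value' => 2`), so this hunk only stops new PHP visibility settings from being entered; blocks that already carry PHP code keep being evaluated and need their visibility reset separately.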
Index: modules/block/block.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/block/block.module,v
retrieving revision 1.322
diff -u -p -r1.322 block.module
--- modules/block/block.module	11 Feb 2009 05:33:18 -0000	1.322
+++ modules/block/block.module	16 Feb 2009 23:03:11 -0000
@@ -109,10 +109,10 @@ function block_perm() {
       'title' => t('Administer blocks'),
       'description' => t('Select which blocks are displayed, and arrange them on the page.'),
     ),
-    'use PHP for block visibility' => array(
-      'title' => t('Use PHP for block visibility'),
-      'description' => t('Enter PHP code in the field for block visibility settings. %warning', array('%warning' => t('Warning: Give to trusted roles only; this permission has security implications.'))),
-    ),
+//    'use PHP for block visibility' => array(
+//      'title' => t('Use PHP for block visibility'),
+//      'description' => t('Enter PHP code in the field for block visibility settings. %warning', array('%warning' => t('Warning: Give to trusted roles only; this permission has security implications.'))),
+//    ),
   );
 }
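Review bot: commenting out the permission definition with `//` leaves dead code in block_perm(); remove the four lines outright. Hiding the entry also only removes the checkbox from the permissions page: nothing in this hunk revokes the permission from roles that were granted it earlier, and the block.admin.inc hunk still passes the now-undefined permission name to user_access(), so the two hunks should be kept consistent (drop the permission and the call together).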
 
Index: modules/filter/filter.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/filter/filter.admin.inc,v
retrieving revision 1.24
diff -u -p -r1.24 filter.admin.inc
--- modules/filter/filter.admin.inc	5 Feb 2009 19:52:02 -0000	1.24
+++ modules/filter/filter.admin.inc	16 Feb 2009 23:39:38 -0000
@@ -209,6 +209,9 @@ function filter_admin_format_form_submit
   }
 
   db_query("DELETE FROM {filter} WHERE format = %d", $format);
+  // HACK: Demo site. 17/02/2009 sun
+  $form_state['values']['filters']['filter/0'] = 1;
+
   foreach ($form_state['values']['filters'] as $id => $checked) {
     if ($checked) {
       list($module, $delta) = explode('/', $id);
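Review bot: the forced `$form_state['values']['filters']['filter/0'] = 1;` should say which filter that is (the HTML filter, per the issue summary) and why the delta is hard-coded, since it only holds while filter module keeps delta 0 for that filter. Because the value is injected in the submit handler, after validation, an admin can uncheck the HTML filter in the UI and the form silently re-enables it on save; mark the `filter/0` checkbox `#disabled` in the form builder as well so the UI matches what is stored.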
Index: modules/filter/filter.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/filter/filter.module,v
retrieving revision 1.240
diff -u -p -r1.240 filter.module
--- modules/filter/filter.module	21 Jan 2009 16:58:42 -0000	1.240
+++ modules/filter/filter.module	16 Feb 2009 23:40:44 -0000
@@ -669,6 +669,8 @@ function _filter_html_settings($format) 
     '#type' => 'textfield',
     '#title' => t('Allowed HTML tags'),
     '#default_value' => variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>'),
+    // HACK: Demo site. 17/02/2009 sun
+    '#value' => variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>'),
     '#size' => 64,
     '#maxlength' => 1024,
     '#description' => t('Specify a list of tags which should not be stripped. (Note that JavaScript event attributes are always stripped.)'),
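Review bot: `'#value'` and `'#default_value'` repeat the same variable_get() call with the same long default string; assign it once to a local (`$allowed = variable_get("allowed_html_$format", '<a> <em> ...');`) and use it for both keys. Setting `'#value'` also leaves the field looking editable while silently discarding whatever the admin types; pair it with `'#disabled' => TRUE` so the lock is visible in the UI.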
Index: modules/locale/locale.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/locale/locale.module,v
retrieving revision 1.237
diff -u -p -r1.237 locale.module
--- modules/locale/locale.module	5 Feb 2009 00:32:46 -0000	1.237
+++ modules/locale/locale.module	16 Feb 2009 23:10:15 -0000
@@ -113,47 +113,47 @@ function locale_menu() {
-  $items['admin/build/translate/import'] = array(
-    'title' => 'Import',
-    'page callback' => 'drupal_get_form',
-    'page arguments' => array('locale_translate_import_form'),
-    'access arguments' => array('translate interface'),
-    'weight' => 20,
-    'type' => MENU_LOCAL_TASK,
-  );
+//  $items['admin/manage/translate/import'] = array(
+//    'title' => 'Import',
+//    'page callback' => 'drupal_get_form',
+//    'page arguments' => array('locale_translate_import_form'),
+//    'access arguments' => array('translate interface'),
+//    'weight' => 20,
+//    'type' => MENU_LOCAL_TASK,
+//  );
-  $items['admin/build/translate/edit/%'] = array(
-    'title' => 'Edit string',
-    'page callback' => 'drupal_get_form',
-    'page arguments' => array('locale_translate_edit_form', 4),
-    'access arguments' => array('translate interface'),
-    'type' => MENU_CALLBACK,
-  );
+//  $items['admin/manage/translate/edit/%'] = array(
+//    'title' => 'Edit string',
+//    'page callback' => 'drupal_get_form',
+//    'page arguments' => array('locale_translate_edit_form', 4),
+//    'access arguments' => array('translate interface'),
+//    'type' => MENU_CALLBACK,
+//  );
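Review bot: the `+` lines are not simply the `-` lines commented out: the paths change from admin/build/translate/... to admin/manage/translate/..., so this hunk looks hand-edited rather than generated against the 1.237 base, and the header claims 47 lines on each side while far fewer are shown, so the patch as pasted will not apply cleanly. Since the intent is only to remove the two menu items, unset()ing them from hook_menu_alter() in a sub-module is cleaner than commented-out core code and takes the routes out of the router instead of leaving them as comments.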

However, just for reference - it doesn't need to be that dirty.
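As an added example (not code from the Demo project or from this thread) of how the same four lock-downs could live in a sub-module instead of core hacks: a hypothetical demo_secure.module using Drupal 6's hook_menu_alter() and hook_form_alter(), assuming the form keys that appear in the patch above (page_vis_settings, filters, allowed_html_*).

```php
<?php
// demo_secure.module (hypothetical): added sketch, not the Demo project's code.
// Assumes Drupal 6 hooks and the form element keys seen in the core patch.

/**
 * Implementation of hook_menu_alter(): drop the translation import/edit pages.
 */
function demo_secure_menu_alter(&$items) {
  unset($items['admin/build/translate/import']);
  unset($items['admin/build/translate/edit/%']);
}

/**
 * Implementation of hook_form_alter(): lock the admin forms the hacks touched.
 */
function demo_secure_form_alter(&$form, $form_state, $form_id) {
  switch ($form_id) {
    case 'block_admin_configure':
      // Remove the "PHP code" visibility option (value 2). A block already
      // using it is reset to "listed pages" (0) so its code is no longer eval'd.
      if (isset($form['page_vis_settings']['visibility']['#options'])) {
        $vis =& $form['page_vis_settings']['visibility'];
        unset($vis['#options'][2]);
        if (isset($vis['#default_value']) && $vis['#default_value'] == 2) {
          $vis['#default_value'] = 0;
        }
      }
      break;
    case 'filter_admin_format_form':
      // filter/0 is the HTML filter: keep it checked and ignore any attempt to
      // uncheck it, instead of patching the values in the submit handler.
      if (isset($form['filters']['filter/0'])) {
        $form['filters']['filter/0']['#value'] = 1;
        $form['filters']['filter/0']['#disabled'] = TRUE;
      }
      break;
    case 'filter_admin_configure':
      // Pin each "Allowed HTML tags" field to its stored value. #disabled is
      // client-side only; #value is what discards anything that gets submitted.
      foreach (element_children($form) as $key) {
        foreach (element_children($form[$key]) as $child) {
          if (strpos($child, 'allowed_html_') === 0) {
            $form[$key][$child]['#value'] = $form[$key][$child]['#default_value'];
            $form[$key][$child]['#disabled'] = TRUE;
          }
        }
      }
      break;
  }
}
```

The PHP permission itself is not touched here: it still has to be revoked from the demo roles, because a sub-module cannot remove another module's hook_perm() entry.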

sun:

Also, we want to disallow changes to demo settings and demo snapshots while the module is enabled. I fear that most of the logic would have to be triggered by a custom variable in settings.php.

meba:

This is exactly what I was thinking when using the module.

My idea: introduce a settings.php "password" to the secure module, allowing you access only if you type the correct password; therefore even uid 1 won't be able to make snapshots and reload them.

sun:

Hey, that's not a bad idea. :)

meba:

Yes :-)

The only question is how to do that. Either make all admin forms two-step, which might be a PIAS to code, or introduce a _GET param to the form?

A third option might be to introduce something like update.php's free access:
$demo_admin_free_access = TRUE/FALSE;
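One way to wire up that third option, as an added example that is not part of this thread or of the Demo project: a hypothetical demo_gate module that uses hook_menu_alter() to put Demo's own admin pages behind a settings.php flag, the way update.php honours $update_free_access. It assumes Drupal 6 and that Demo's pages live under admin/build/demo.

```php
<?php
// demo_gate.module (hypothetical): added sketch, not the Demo project's code.
// Assumes Drupal 6 and that Demo's admin pages live under admin/build/demo.
// settings.php must declare the flag global, exactly like $update_free_access,
// because conf_init() includes settings.php from inside a function:
//   global $demo_admin_free_access;
//   $demo_admin_free_access = FALSE;   // set TRUE only while administering Demo

/**
 * Implementation of hook_menu_alter(): wrap the access check of every Demo
 * admin path so the settings.php flag is required on top of the original check.
 */
function demo_gate_menu_alter(&$items) {
  foreach (array_keys($items) as $path) {
    if ($path == 'admin/build/demo' || strpos($path, 'admin/build/demo/') === 0) {
      $orig = $items[$path];
      $items[$path]['access callback'] = 'demo_gate_access';
      // Keep the original callback and its arguments as our own arguments.
      // (Integer path-position arguments are not remapped in this sketch.)
      $items[$path]['access arguments'] = array(
        isset($orig['access callback']) ? $orig['access callback'] : 'user_access',
        isset($orig['access arguments']) ? $orig['access arguments'] : array(),
      );
    }
  }
}

/**
 * Menu access callback: no flag, no access. The uid 1 bypass lives inside
 * user_access(), which is never reached when the flag is off.
 */
function demo_gate_access($callback, $args) {
  global $demo_admin_free_access;
  if (empty($demo_admin_free_access)) {
    return FALSE;
  }
  return is_bool($callback) ? $callback : call_user_func_array($callback, $args);
}
```

Because the flag is read at request time inside the callback, flipping it in settings.php takes effect without a menu rebuild.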

gaurav.kapoor:

Status: Active » Closed (outdated)