diff --git a/ctools.install b/ctools.install
index 4a6f55c..6782d6d 100644
--- a/ctools.install
+++ b/ctools.install
@@ -31,6 +31,13 @@ function ctools_requirements($phase) {
$requirements['ctools_php_52']['severity'] = REQUIREMENT_WARNING;
$requirements['ctools_php_52']['value'] = t('PHP !version', array('!version' => phpversion()));
}
+
+ if (!module_exists('php')) {
+ $requirements['ctools_import_php']['title'] = t('CTools object import');
+ $requirements['ctools_import_php']['description'] = t('Due to security issues, to manually import any exported CTools objects the PHP module must be enabled and the "Use PHP for settings" permission must be given to any role that needs this ability.');
+ $requirements['ctools_import_php']['severity'] = REQUIREMENT_WARNING;
+ $requirements['ctools_import_php']['value'] = t('Manual import disabled');
+ }
}
return $requirements;
diff --git a/page_manager/page_manager.admin.inc b/page_manager/page_manager.admin.inc
index 1fce8fb..175589d 100644
--- a/page_manager/page_manager.admin.inc
+++ b/page_manager/page_manager.admin.inc
@@ -572,7 +572,7 @@ function page_manager_get_operations($page, $operations = NULL) {
);
// Restrict variant import to users who can already execute arbitrary PHP
- if (user_access('use PHP for settings')) {
+ if (module_exists('php') && user_access('use PHP for settings')) {
$result['actions']['children']['import'] = array(
'title' => t('Import variant'),
'description' => t('Add a new variant to this page from code exported from another page.'),
@@ -1435,7 +1435,7 @@ function page_manager_handler_import($form, &$form_state) {
'#description' => t('Enter the name of the new variant.'),
);
- if (user_access('use PHP for settings')) {
+ if (module_exists('php') && user_access('use PHP for settings')) {
$form['object'] = array(
'#type' => 'textarea',
'#title' => t('Paste variant code here'),
@@ -1457,7 +1457,7 @@ function page_manager_handler_import($form, &$form_state) {
* Make sure that an import actually provides a handler.
*/
function page_manager_handler_import_validate($form, &$form_state) {
- if (!user_access('use PHP for settings')) {
+ if (!module_exists('php') && user_access('use PHP for settings')) {
form_error($form['shoveoff'], t('You account permissions do not permit you to import.'));
return;
}
diff --git a/plugins/access/php.inc b/plugins/access/php.inc
index 35da86d..3701651 100644
--- a/plugins/access/php.inc
+++ b/plugins/access/php.inc
@@ -40,7 +40,7 @@ function ctools_php_ctools_access_settings($form, &$form_state, $conf) {
'#default_value' => $conf['php'],
'#description' => t('Access will be granted if the following PHP code returns TRUE. Do not include <?php ?>. Note that executing incorrect PHP-code can break your Drupal site. All contexts will be available in the $contexts variable.'),
);
- if (!user_access('use PHP for settings')) {
+ if (!module_exists('php') && user_access('use PHP for settings')) {
$form['settings']['php']['#disabled'] = TRUE;
$form['settings']['php']['#value'] = $conf['php'];
$form['settings']['php']['#description'] .= ' ' . t('You do not have sufficient permissions to edit PHP code.');
diff --git a/plugins/export_ui/ctools_export_ui.class.php b/plugins/export_ui/ctools_export_ui.class.php
index 04d4cba..963a1cb 100644
--- a/plugins/export_ui/ctools_export_ui.class.php
+++ b/plugins/export_ui/ctools_export_ui.class.php
@@ -121,7 +121,7 @@ class ctools_export_ui {
switch ($op) {
case 'import':
- return user_access('use PHP for settings');
+ return module_exists('php') && user_access('use PHP for settings');
case 'revert':
return ($item->export_type & EXPORT_IN_DATABASE) && ($item->export_type & EXPORT_IN_CODE);
case 'delete':