? 1 ? HEAD.png ? _menu_link_translate.png ? attributes.patch ? bottle.patch ? check_plain.patch ? damz.patch ? damz.png ? drupal.schema-versions.patch ? drupal_function_exists.patch ? empty.patch ? head.png ? hook_page_not_found.patch ? ie6diediedieyoufucker.patch ? implode.png ? option1.png ? option2.png ? patch.png ? path_lookup.patch ? preg_grep.patch ? preg_grep.png ? preg_schema.patch ? remove_access.patch ? schema_versions.patch ? search_index_content_5.patch ? system_admin_menu_block.patch ? system_admin_menu_block.patch.1 ? t.patch ? t.png ? t_head.png ? t_patch.png ? theme.patch ? url.patch ? sites/default/files ? sites/default/settings.php Index: includes/bootstrap.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v retrieving revision 1.289 diff -u -p -r1.289 bootstrap.inc --- includes/bootstrap.inc 14 Jul 2009 10:22:15 -0000 1.289 +++ includes/bootstrap.inc 18 Jul 2009 22:26:37 -0000 @@ -1024,11 +1024,21 @@ function drupal_unpack($obj, $field = 'd /** * Encode special characters in a plain-text string for display as HTML. * - * Uses drupal_validate_utf8 to prevent cross site scripting attacks on - * Internet Explorer 6. + * check_plain() also validates strings as UTF-8 to prevent cross site scripting + * attacks on Internet Explorer 6. We duplicate the preg_match() from + * drupal_validate_utf8() here rather than calling the function to avoid + * the overhead of an additional function call, since check_plain() may be + * called hundreds of times during a request. + * + * @param $text + * The text to be checked or processed. + * @return + * An HTML safe version of $text, or an empty string if $text is not + * valid UTF-8. + * @see drupal_validate_utf8(). */ function check_plain($text) { - return drupal_validate_utf8($text) ? htmlspecialchars($text, ENT_QUOTES) : ''; + return (preg_match('/^./us', $text) == 1) ? htmlspecialchars($text, ENT_QUOTES) : ''; } /** @@ -1055,9 +1065,6 @@ function check_plain($text) { * TRUE if the text is valid UTF-8, FALSE if not. */ function drupal_validate_utf8($text) { - if (strlen($text) == 0) { - return TRUE; - } // With the PCRE_UTF8 modifier 'u', preg_match() fails silently on strings // containing invalid UTF-8 byte sequences. It does not reject character // codes above U+10FFFF (represented by 4 or more octets), though. @@ -1663,8 +1670,13 @@ function drupal_get_schema($table = NULL */ function drupal_function_exists($function) { static $checked = array(); + static $maintenance; + + if (!isset($maintenance)) { + $maintenance = defined('MAINTENANCE_MODE'); + } - if (defined('MAINTENANCE_MODE')) { + if ($maintenance) { return function_exists($function); } Index: includes/common.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/common.inc,v retrieving revision 1.935 diff -u -p -r1.935 common.inc --- includes/common.inc 15 Jul 2009 17:40:17 -0000 1.935 +++ includes/common.inc 18 Jul 2009 22:26:40 -0000 @@ -1138,7 +1138,7 @@ function fix_gpc_magic() { */ function t($string, array $args = array(), array $options = array()) { global $language; - $custom_strings = &drupal_static(__FUNCTION__); + static $custom_strings; // Merge in default. if (empty($options['langcode'])) { @@ -1163,7 +1163,7 @@ function t($string, array $args = array( // We don't use drupal_function_exists() here, because it breaks the testing // framework if the locale module is enabled in the parent site (we cannot // unload functions in PHP). - elseif (module_exists('locale') && $options['langcode'] != 'en') { + elseif (function_exists('locale') && $options['langcode'] != 'en') { $string = locale($string, $options['context'], $options['langcode']); } if (empty($args)) { @@ -1345,8 +1345,11 @@ function filter_xss_admin($string) { */ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite', 'blockquote', 'code', 'ul', 'ol', 'li', 'dl', 'dt', 'dd')) { // Only operate on valid UTF-8 strings. This is necessary to prevent cross - // site scripting issues on Internet Explorer 6. - if (!drupal_validate_utf8($string)) { + // site scripting issues on Internet Explorer 6. We duplicate the preg_match + // from drupal_validate_utf8() to avoid the overhead of an additional + // function call. + // @see drupal_validate_utf8(). + if (!preg_match('/^./us', $string) == 1) { return ''; } // Store the text format @@ -2014,6 +2017,10 @@ function _format_date_callback(array $ma * alternative than url(). */ function url($path = NULL, array $options = array()) { + global $base_url; + static $script; + static $locale; + static $custom_url_rewrite; // Merge in defaults. $options += array( 'fragment' => '', @@ -2031,7 +2038,10 @@ function url($path = NULL, array $option } // May need language dependent rewriting if language.inc is present. - if (function_exists('language_url_rewrite')) { + if (!isset($locale)) { + $locale = function_exists('language_url_rewrite'); + } + if ($locale) { language_url_rewrite($path, $options); } if ($options['fragment']) { @@ -2057,9 +2067,6 @@ function url($path = NULL, array $option return $path . $options['fragment']; } - global $base_url; - $script = &drupal_static(__FUNCTION__); - if (!isset($script)) { // On some web servers, such as IIS, we can't omit "index.php". So, we // generate "index.php?q=foo" instead of "?q=foo" on anything that is not @@ -2083,16 +2090,23 @@ function url($path = NULL, array $option $path = drupal_get_path_alias($path, isset($options['language']) ? $options['language']->language : ''); } - if (function_exists('custom_url_rewrite_outbound')) { + if (!isset($custom_url_rewrite)) { + $custom_url_rewrite = function_exists('custom_url_rewrite_outbound'); + } + + if ($custom_url_rewrite) { // Modules may alter outbound links by reference. custom_url_rewrite_outbound($path, $options, $original_path); } - $base = $options['absolute'] ? $options['base_url'] . '/' : base_path(); + $base = $options['absolute'] ? $options['base_url'] . '/' : $GLOBALS['base_path']; $prefix = empty($path) ? rtrim($options['prefix'], '/') : $options['prefix']; $path = drupal_encode_path($prefix . $path); - if (variable_get('clean_url', '0')) { + // Check clean_url directly instead of using variable_get() to avoid the + // overhead of an additional function call, since url() may be called + // hundreds of times during a request. + if (!empty($GLOBALS['conf']['clean_url'])) { // With Clean URLs. if ($options['query']) { return $base . $path . '?' . $options['query'] . $options['fragment']; Index: includes/path.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/path.inc,v retrieving revision 1.41 diff -u -p -r1.41 path.inc --- includes/path.inc 14 Jul 2009 10:22:17 -0000 1.41 +++ includes/path.inc 18 Jul 2009 22:26:42 -0000 @@ -47,11 +47,15 @@ function drupal_lookup_path($action, $pa global $language; // $map is an array with language keys, holding arrays of Drupal paths to alias relations $map = &drupal_static(__FUNCTION__, array()); - $no_src = &drupal_static(__FUNCTION__ . ':no_src', array()); - $whitelist = &drupal_static(__FUNCTION__ . ':whitelist'); $system_paths = &drupal_static(__FUNCTION__ . ':system_paths'); - $no_aliases = &drupal_static(__FUNCTION__ . ':no_alias', array()); - $first_call = &drupal_static(__FUNCTION__ . ':first_call', TRUE); + + // The following variables do no use drupal_static() for performance reasons + // since they do not need to be reset or used by other functions during the + // request. + static $whitelist; + static $no_src = array(); + static $no_aliases = array(); + static $first_call = TRUE; // Retrieve the path alias whitelist. if (!isset($whitelist)) { Index: includes/theme.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/theme.inc,v retrieving revision 1.499 diff -u -p -r1.499 theme.inc --- includes/theme.inc 15 Jul 2009 17:40:17 -0000 1.499 +++ includes/theme.inc 18 Jul 2009 22:26:43 -0000 @@ -723,7 +723,7 @@ function theme() { } if (isset($info['function'])) { // The theme call is a function. - if (drupal_function_exists($info['function'])) { + if (function_exists($info['function']) || drupal_function_exists($info['function'])) { // If a theme function that does not expect a renderable array is called // with a renderable array as the only argument (via drupal_render), then // we take the arguments from the properties of the renderable array. If @@ -777,7 +777,7 @@ function theme() { // Template functions in two phases. foreach (array('preprocess functions', 'process functions') as $template_phase) { foreach ($info[$template_phase] as $template_function) { - if (drupal_function_exists($template_function)) { + if (function_exists($template_function) || drupal_function_exists($template_function)) { call_user_func_array($template_function, $args); } }