diff --git a/core/includes/ajax.inc b/core/includes/ajax.inc index 3f2389f57e9591de612230c2f74359a01f7ccd5c..7ef88c2c73cfc3e38e23202165b177ca1431ac52 100644 --- a/core/includes/ajax.inc +++ b/core/includes/ajax.inc @@ -241,7 +241,7 @@ function ajax_render($commands = array()) { // since the base page ought to have at least one JS file and one CSS file // loaded. It probably indicates an error, and rather than making the page // reload all of the files, instead we return no new files. - if (empty($_POST['ajax_page_state'][$type])) { + if (!\Drupal::request()->request->get("ajax_page_state[$type]", NULL, TRUE)) { $items[$type] = array(); } else { diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index e13f54e08badc555211f13ead75a04b42326fbaa..086f0251cb45b756eb20e0bad367c358714a383d 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc 
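Review bot: The path-style lookup `get("ajax_page_state[$type]", NULL, TRUE)` in ajax_render() is parsed again for every `$type`, while AjaxResponse::ajaxRender() later in this same diff fetches `ajax_page_state` once and tests `empty($ajax_page_state[$type])`. Using the same shape here keeps the two implementations aligned and avoids running client-supplied request data through the bag's deep-path parser: `$ajax_page_state = \Drupal::request()->request->get('ajax_page_state');` before the loop, then `if (empty($ajax_page_state[$type])) {`. The loop that defines `$type` is outside the hunk, so the placement is assumed.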
@@ -457,25 +457,28 @@ function config_get_config_directory($type = CONFIG_ACTIVE_DIRECTORY) { * 'REMOTE_ADDR' key. * * @param $variables - * (optional) An associative array of variables within $_SERVER that should - * be replaced. If the special element 'url' is provided in this array, it - * will be used to populate some of the server defaults; it should be set to - * the URL of the current page request, excluding any $_GET request but - * including the script name (e.g., http://www.example.com/mysite/index.php). + * (optional) An associative array of variables within + * \Drupal::request()->server that should be replaced. If the special element + * 'url' is provided in this array, it will be used to populate some of the + * server defaults; it should be set to the URL of the current page request, + * excluding any GET request but including the script name + * (e.g., http://www.example.com/mysite/index.php). * * @see conf_path() * @see request_uri() * @see \Symfony\Component\HttpFoundation\Request::getClientIP() */ function drupal_override_server_variables($variables = array()) { + $request = \Drupal::request(); + $server_vars = $request->server->all(); // Allow the provided URL to override any existing values in $_SERVER. if (isset($variables['url'])) { $url = parse_url($variables['url']); if (isset($url['host'])) { - $_SERVER['HTTP_HOST'] = $url['host']; + $server_vars['HTTP_HOST'] = $url['host']; } if (isset($url['path'])) { - $_SERVER['SCRIPT_NAME'] = $url['path']; + $server_vars['SCRIPT_NAME'] = $url['path']; } unset($variables['url']); } @@ -492,7 +495,10 @@ function drupal_override_server_variables($variables = array()) { 'HTTP_USER_AGENT' => NULL, ); // Replace elements of the $_SERVER array, as appropriate. - $_SERVER = $variables + $_SERVER + $defaults; + $request->server->replace($variables + $server_vars + $defaults); + + // @todo remove once conf_path() no longer uses $_SERVER. + $_SERVER = $request->server->all(); } /** 
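Review bot: Replacing the server bag at the end of drupal_override_server_variables() does not refresh values the Request object derived from it earlier. In Symfony's Request the header bag is built from the server bag when the request is created, so an overridden `HTTP_HOST` would presumably not be seen through `getHost()` or `$request->headers`. It would be seen only through direct `server->get()` reads and the `$_SERVER` copy kept for conf_path(). If callers are meant to see the override through the request API, rebuild the headers as well, e.g. `$request->headers->replace($request->server->getHeaders());`. The comment in the first hunk still says the URL overrides values "in $_SERVER" and should name `$server_vars` instead.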
diff --git a/core/includes/common.inc b/core/includes/common.inc index 09bae8a31fcfe0425f1aad9c634600acbee5a710..12ccffd8b636fbd46178d95301293fdaacbeaeb7 100644 --- a/core/includes/common.inc +++ b/core/includes/common.inc @@ -411,7 +411,8 @@ function drupal_get_feeds($delimiter = "\n") { * Processes a URL query parameter array to remove unwanted elements. * * @param $query - * (optional) An array to be processed. Defaults to $_GET. + * (optional) An array to be processed. Defaults to \Drupal::request()->query + * parameters. * @param $exclude * (optional) A list of $query array keys to remove. Use "parent[child]" to * exclude nested items. @@ -490,7 +491,7 @@ function drupal_get_destination() { * The returned array contains a 'path' that may be passed separately to url(). * For example: * @code - * $options = drupal_parse_url($_GET['destination']); + * $options = drupal_parse_url(\Drupal::request()->query->get('destination')); * $my_url = url($options['path'], $options); * $my_link = l('Example link', $options['path'], $options); * @endcode @@ -501,7 +502,7 @@ function drupal_get_destination() { * $options['query'] and the fragment into $options['fragment']. * * @param $url - * The URL string to parse, f.e. $_GET['destination']. + * The URL string to parse. * * @return * An associative array containing the keys: @@ -1886,6 +1887,7 @@ function drupal_html_id($id) { // take into account IDs that are already in use on the base page. $seen_ids_init = &drupal_static(__FUNCTION__ . ':init'); if (!isset($seen_ids_init)) { + $ajax_html_ids = \Drupal::request()->request->get('ajax_html_ids'); // Ideally, Drupal would provide an API to persist state information about // prior page requests in the database, and we'd be able to add this // function's $seen_ids static variable to that state information in order 
@@ -1895,7 +1897,7 @@ function drupal_html_id($id) { // normally not recommended as it could open up security risks, but because // the raw POST data is cast to a number before being returned by this // function, this usage is safe. - if (empty($_POST['ajax_html_ids'])) { + if (empty($ajax_html_ids)) { $seen_ids_init = array(); } else { @@ -1904,7 +1906,7 @@ function drupal_html_id($id) { // requested id. $_POST['ajax_html_ids'] contains the ids as they were // returned by this function, potentially with the appended counter, so // we parse that to reconstruct the $seen_ids array. - $ajax_html_ids = explode(' ', $_POST['ajax_html_ids']); + $ajax_html_ids = explode(' ', $ajax_html_ids); foreach ($ajax_html_ids as $seen_id) { // We rely on '--' being used solely for separating a base id from the // counter, which this function ensures when returning an id. diff --git a/core/includes/form.inc b/core/includes/form.inc index 66734457f3cc3c5c97aa3aba08467b9150cc84d1..87f8edfc66b0ae1d99dfdedecd382978053de27e 100644 --- a/core/includes/form.inc +++ b/core/includes/form.inc @@ -495,7 +495,8 @@ function form_type_checkboxes_value($element, $input = FALSE) { // NULL elements from the array before constructing the return value, to // simulate the behavior of web browsers (which do not send unchecked // checkboxes to the server at all). This will not affect non-programmatic - // form submissions, since all values in $_POST are strings. + // form submissions, since all values in \Drupal::request()->request are + // strings. foreach ($input as $key => $value) { if (!isset($value)) { unset($input[$key]); diff --git a/core/includes/install.core.inc b/core/includes/install.core.inc index 68fd17e384e5f6c4b5b18b2c40a7f19ac7fe1897..407ad780d647ce2f5c5a30aea52f425a31cebcb6 100644 --- a/core/includes/install.core.inc +++ b/core/includes/install.core.inc 
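Review bot: `explode(' ', $ajax_html_ids)` in the last drupal_html_id() hunk assumes a string, but a POST field can also arrive as an array, and `request->get()` returns it unchanged. The `empty()` guard lets a non-empty array through, so explode() then receives an array, which is a warning or a TypeError depending on the PHP version. Guard on type where the value is tested: `if (empty($ajax_html_ids) || !is_string($ajax_html_ids)) {`. The unchanged comments still refer to `$_POST['ajax_html_ids']` and could be updated at the same time; the function body continues outside these hunks.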
@@ -253,9 +253,19 @@ function install_state_defaults() { * modified with information gleaned from the beginning of the page request. */ function install_begin_request(&$install_state) { + // A request object from the HTTPFoundation to tell us about the request. + $request = Request::createFromGlobals(); + + // Create a minimal container so that t() and $request will work. This + // container will be overriden but it's needed for the very early installation + // process when database tasks run. + $container = new ContainerBuilder(); + $container->set('request', $request); + \Drupal::setContainer($container); + // Add any installation parameters passed in via the URL. if ($install_state['interactive']) { - $install_state['parameters'] += $_GET; + $install_state['parameters'] += $request->query->all(); } // Validate certain core settings that are used throughout the installation. @@ -288,13 +298,10 @@ function install_begin_request(&$install_state) { // _drupal_load_test_overrides() sets the simpletest_conf_path in-memory // setting in this case. if ($install_state['interactive'] && drupal_valid_test_ua() && !settings()->get('simpletest_conf_path')) { - header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); + header($request->server->get('SERVER_PROTOCOL') . ' 403 Forbidden'); exit; } - // A request object from the HTTPFoundation to tell us about the request. - $request = Request::createFromGlobals(); - // If we have a language selected and it is not yet saved in the system // (eg. pre-database data screens we are unable to persistently store // the default language), we should set language_default so the proper 
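Review bot: `header($request->server->get('SERVER_PROTOCOL') . ' 403 Forbidden')` emits a status line with no protocol when the key is absent, because `get()` returns NULL silently where `$_SERVER['SERVER_PROTOCOL']` would have raised a notice. Pass a default so the 403 response is always well formed: `header($request->server->get('SERVER_PROTOCOL', 'HTTP/1.1') . ' 403 Forbidden');`. Separately, the new comment in the first hunk spells "overriden". install_begin_request() continues outside both hunks.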
@@ -324,10 +331,6 @@ function install_begin_request(&$install_state) { // Determine whether the configuration system is ready to operate. $install_state['config_verified'] = install_verify_config_directory(CONFIG_ACTIVE_DIRECTORY) && install_verify_config_directory(CONFIG_STAGING_DIRECTORY); - // Create a minimal container for t() to work. - // This container will be overriden but it needed for the very early - // installation process when database tasks run. - $container = new ContainerBuilder(); // Register the translation services. install_register_translation_service($container); \Drupal::setContainer($container); @@ -1355,7 +1358,7 @@ function install_select_profile(&$install_state) { * * A profile will be selected if: * - Only one profile is available, - * - A profile was submitted through $_POST, + * - A profile was submitted through \Drupal::request()->request, * - Exactly one of the profiles is marked as "exclusive". * If multiple profiles are marked as "exclusive" then no profile will be * selected. @@ -1369,12 +1372,13 @@ function install_select_profile(&$install_state) { */ function _install_select_profile($profiles) { // Don't need to choose profile if only one available. + $request_params = \Drupal::request()->request; if (count($profiles) == 1) { $profile = array_pop($profiles); return $profile->name; } - elseif (!empty($_POST['profile']) && isset($profiles[$_POST['profile']])) { - return $profiles[$_POST['profile']]->name; + elseif ($request_params->has('profile') && ($profile = $request_params->get('profile')) && isset($profiles[$profile])) { + return $profiles[$profile]->name; } // Check for a profile marked as "exclusive" and ensure that only one // profile is marked as such. 
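Review bot: The posted `profile` value in _install_select_profile() is used as an array key in `isset($profiles[$profile])` without checking that it is a string. A field submitted in array form comes back from `get()` as an array, which is an illegal offset (warning or TypeError depending on the PHP version). Read it once and type-check it: `$profile = \Drupal::request()->request->get('profile');` and then `elseif (is_string($profile) && isset($profiles[$profile])) {`. That also removes the assignment inside the condition and lets the "Don't need to choose profile if only one available" comment sit directly above its `if` again. The same unchecked key use appears with `langcode` in the install_select_language() hunk.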
@@ -1555,6 +1559,7 @@ function install_select_language(&$install_state) { // Find all available translation files. $files = install_find_translations(); $install_state['translations'] += $files; + $request_params = \Drupal::request()->request; // If a valid language code is set, continue with the next installation step. // When translations from the localization server are used, any language code @@ -1562,9 +1567,9 @@ function install_select_language(&$install_state) { // langauges available at http://localize.drupal.org. // When files from the translation directory are used, we only accept // languages for which a file is available. - if (!empty($_POST['langcode'])) { + if ($request_params->has('langcode')) { $standard_languages = LanguageManager::getStandardLanguageList(); - $langcode = $_POST['langcode']; + $langcode = $request_params->get('langcode'); if ($langcode == 'en' || isset($files[$langcode]) || isset($standard_languages[$langcode])) { $install_state['parameters']['langcode'] = $langcode; return; 
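Review bot: `$request_params->has('langcode')` is not equivalent to the `!empty($_POST['langcode'])` it replaces. has() is true for an empty string, so a blank `langcode` field now enters the branch that previously required a non-empty value. To keep the old semantics and reject non-string input, read the value first: `$langcode = $request_params->get('langcode');` and `if (is_string($langcode) && $langcode !== '') {`. In the visible lines a blank value fails all three acceptance tests, but the rest of the branch is outside the hunk, so the effect on the installer flow cannot be confirmed from here.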
@@ -2106,7 +2111,8 @@ function install_configure_form($form, &$form_state, &$install_state) { // especially out of place on the last page of the installer, where it would // distract from the message that the Drupal installation has completed // successfully.) - if (empty($_POST) && (!drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE) || !drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_dir, FILE_NOT_WRITABLE, 'dir'))) { + $post_params = \Drupal::request()->request->all(); + if (empty($post_params) && (!drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_file, FILE_EXIST|FILE_READABLE|FILE_NOT_WRITABLE) || !drupal_verify_install_file(DRUPAL_ROOT . '/' . $settings_dir, FILE_NOT_WRITABLE, 'dir'))) { drupal_set_message(t('All necessary changes to %dir and %file have been made, so you should remove write permissions to them now in order to avoid security risks. If you are unsure how to do so, consult the online handbook.', array('%dir' => $settings_dir, '%file' => $settings_file, '@handbook_url' => 'http://drupal.org/server-permissions')), 'warning'); } diff --git a/core/includes/language.inc b/core/includes/language.inc index 07cc38354215dea8c51b95ca26391362f47760e4..618e3a700280096121d910a9af71126b0904375b 100644 --- a/core/includes/language.inc +++ b/core/includes/language.inc @@ -100,7 +100,8 @@ * $langcode = language_from_url($languages); * * // If we are on an administrative path, override with the default language. - * if (isset($_GET['q']) && strtok($_GET['q'], '/') == 'admin') { + * $query = \Drupal::request()->query; + * if ($query->has('q') && strtok($query->get('q'), '/') == 'admin') { * return language_default()->id; * } * return $langcode; diff --git a/core/includes/mail.inc b/core/includes/mail.inc index cb5af1a1c6ccc9ad2ef8b9573901917a6e204112..dfa3f1d820fe51ae22548f7ebab6f35f2b567b63 100644 --- a/core/includes/mail.inc +++ b/core/includes/mail.inc 
@@ -5,13 +5,6 @@ * API functions for processing and sending e-mail. */ -/** - * Auto-detect appropriate line endings for e-mails. - * - * $settings['mail_line_endings'] will override this setting. - */ -define('MAIL_LINE_ENDINGS', isset($_SERVER['WINDIR']) || strpos($_SERVER['SERVER_SOFTWARE'], 'Win32') !== FALSE ? "\r\n" : "\n"); - /** * Composes and optionally sends an e-mail message. * @@ -431,7 +424,7 @@ function drupal_html_to_text($string, $allowed_tags = NULL) { if (isset($casing)) { $chunk = $casing($chunk); } - $line_endings = settings()->get('mail_line_endings', MAIL_LINE_ENDINGS); + $line_endings = settings()->get('mail_line_endings', PHP_EOL); // Format it and apply the current indentation. $output .= drupal_wrap_mail($chunk, implode('', $indent)) . $line_endings; // Remove non-quotation markers from indentation. diff --git a/core/includes/pager.inc b/core/includes/pager.inc index ba7f65b27e169d22e79b8d10363ec37ddfa095d4..987468973863389636f7f65b9588ed78fa2004b0 100644 --- a/core/includes/pager.inc +++ b/core/includes/pager.inc 
@@ -16,13 +16,13 @@ * * @return * The number of the current requested page, within the pager represented by - * $element. This is determined from the URL query parameter $_GET['page'], or - * 0 by default. Note that this number may differ from the actual page being - * displayed. For example, if a search for "example text" brings up three - * pages of results, but a users visits search/node/example+text?page=10, this - * function will return 10, even though the default pager implementation - * adjusts for this and still displays the third page of search results at - * that URL. + * $element. This is determined from the URL query parameter + * \Drupal::request()->query->get('page'), or 0 by default. Note that this + * number may differ from the actual page being displayed. For example, if a + * search for "example text" brings up three pages of results, but a users + * visits search/node/example+text?page=10, this function will return 10, even + * though the default pager implementation adjusts for this and still displays + * the third page of search results at that URL. * * @see pager_default_initialize() */ @@ -109,10 +109,11 @@ function pager_find_page($element = 0) { * * @return * The number of the current page, within the pager represented by $element. - * This is determined from the URL query parameter $_GET['page'], or 0 by - * default. However, if a page that does not correspond to the actual range - * of the result set was requested, this function will return the closest - * page actually within the result set. + * This is determined from the URL query parameter + * \Drupal::request()->query->get('page), or 0 by default. However, if a page + * that does not correspond to the actual range of the result set was + * requested, this function will return the closest page actually within the + * result set. */ function pager_default_initialize($total, $limit, $element = 0) { global $pager_page_array, $pager_total, $pager_total_items, $pager_limits; 
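Review bot: The rewritten @return text for pager_default_initialize() names the parameter as `\Drupal::request()->query->get('page)` with the closing quote missing; it should read `\Drupal::request()->query->get('page')`, as in the pager_find_page() hunk above. Two other doc hunks in this diff have similar slips: `\Drupal::request()->Request` (capital R) in FormBuilder::buttonWasClicked() and `\Drupal::request->query->get('destination')` (no call parentheses) in FormBuilderInterface. Readers copy these expressions, so they are worth correcting to the exact accessor.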
diff --git a/core/includes/session.inc b/core/includes/session.inc index 4cc81397e42a8835c9168db24d00687203654065..5ffbb8ded8dff28338416ccac8f22cdfa3cac97e 100644 --- a/core/includes/session.inc +++ b/core/includes/session.inc @@ -83,7 +83,8 @@ function _drupal_session_read($sid) { // Handle the case of first time visitors and clients that don't store // cookies (eg. web crawlers). $insecure_session_name = substr(session_name(), 1); - if (!isset($_COOKIE[session_name()]) && !isset($_COOKIE[$insecure_session_name])) { + $cookies = \Drupal::request()->cookies; + if (!$cookies->has(session_name()) && !$cookies->has($insecure_session_name)) { $user = new UserSession(); return ''; } @@ -95,9 +96,9 @@ function _drupal_session_read($sid) { if (\Drupal::request()->isSecure()) { $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchAssoc(); if (!$values) { - if (isset($_COOKIE[$insecure_session_name])) { + if ($cookies->has($insecure_session_name)) { $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array( - ':sid' => $_COOKIE[$insecure_session_name])) + ':sid' => $cookies->get($insecure_session_name))) ->fetchAssoc(); } } 
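Review bot: `$cookies->get($insecure_session_name)` is bound to `:sid` in _drupal_session_read() without confirming it is a string. PHP parses bracketed cookie names into arrays, so the bag can return an array here. How db_query() treats an array-valued placeholder is not visible in this hunk, but a session lookup should only ever bind a scalar. Read the value once and check it, e.g. `$insecure_sid = $cookies->get($insecure_session_name);` and `if (is_string($insecure_sid)) {` in place of `if ($cookies->has($insecure_session_name)) {`. _drupal_session_write() in the next hunk copies the same cookie into `$key['sid']` and would benefit from the same check.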
@@ -188,13 +189,14 @@ function _drupal_session_write($sid, $value) { // On HTTPS connections, use the session ID as both 'sid' and 'ssid'. if (\Drupal::request()->isSecure()) { $key['ssid'] = $sid; + $cookies = \Drupal::request()->cookies; // The "secure pages" setting allows a site to simultaneously use both // secure and insecure session cookies. If enabled and both cookies are // presented then use both keys. if (settings()->get('mixed_mode_sessions', FALSE)) { $insecure_session_name = substr(session_name(), 1); - if (isset($_COOKIE[$insecure_session_name])) { - $key['sid'] = $_COOKIE[$insecure_session_name]; + if ($cookies->has($insecure_session_name)) { + $key['sid'] = $cookies->get($insecure_session_name); } } } @@ -241,9 +243,8 @@ function drupal_session_initialize() { session_set_save_handler('_drupal_session_open', '_drupal_session_close', '_drupal_session_read', '_drupal_session_write', '_drupal_session_destroy', '_drupal_session_garbage_collection'); $is_https = \Drupal::request()->isSecure(); - // We use !empty() in the following check to ensure that blank session IDs - // are not valid. - if (!empty($_COOKIE[session_name()]) || ($is_https && settings()->get('mixed_mode_sessions', FALSE) && !empty($_COOKIE[substr(session_name(), 1)]))) { + $cookies = \Drupal::request()->cookies; + if (($cookies->has(session_name()) && ($session_name = $cookies->get(session_name()))) || ($is_https && settings()->get('mixed_mode_sessions', FALSE) && ($cookies->has(substr(session_name(), 1))) && ($session_name = $cookies->get(substr(session_name(), 1))))) { // If a session cookie exists, initialize the session. Otherwise the // session is only started on demand in drupal_session_commit(), making // anonymous users not use a session cookie unless something is stored in 
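Review bot: The rewritten condition in drupal_session_initialize() drops the comment explaining that blank session IDs must not be accepted, and now enforces that rule only through the truthiness of assignments inside the condition (`$session_name = $cookies->get(...)`). The variable name suggests a cookie name while it actually holds the session ID, and whether it is used afterwards is outside the hunk. Restore the comment and read both values into locals before the `if`: `$sid = $cookies->get(session_name());` and `$insecure_sid = $cookies->get(substr(session_name(), 1));`. Then test `!empty($sid) || ($is_https && settings()->get('mixed_mode_sessions', FALSE) && !empty($insecure_sid))`.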
@@ -267,7 +268,7 @@ function drupal_session_initialize() { if ($is_https && settings()->get('mixed_mode_sessions', FALSE)) { $insecure_session_name = substr(session_name(), 1); $session_id = Crypt::hashBase64(uniqid(mt_rand(), TRUE)); - $_COOKIE[$insecure_session_name] = $session_id; + $cookies->set($insecure_session_name, $session_id); } } date_default_timezone_set(drupal_get_user_timezone()); @@ -323,7 +324,8 @@ function drupal_session_commit() { $insecure_session_name = substr(session_name(), 1); $params = session_get_cookie_params(); $expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0; - setcookie($insecure_session_name, $_COOKIE[$insecure_session_name], $expire, $params['path'], $params['domain'], FALSE, $params['httponly']); + $cookie_params = \Drupal::request()->cookies; + setcookie($insecure_session_name, $cookie_params->get($insecure_session_name), $expire, $params['path'], $params['domain'], FALSE, $params['httponly']); } } // Write the session data. @@ -356,11 +358,12 @@ function drupal_session_regenerate() { } $is_https = \Drupal::request()->isSecure(); + $cookies = \Drupal::request()->cookies; if ($is_https && settings()->get('mixed_mode_sessions', FALSE)) { $insecure_session_name = substr(session_name(), 1); - if (!isset($GLOBALS['lazy_session']) && isset($_COOKIE[$insecure_session_name])) { - $old_insecure_session_id = $_COOKIE[$insecure_session_name]; + if (!isset($GLOBALS['lazy_session']) && $cookies->has($insecure_session_name)) { + $old_insecure_session_id = $cookies->get($insecure_session_name); } $params = session_get_cookie_params(); $session_id = Crypt::hashBase64(uniqid(mt_rand(), TRUE) . Crypt::randomBytes(55)); 
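Review bot: The insecure session ID stored by the changed line in drupal_session_initialize() is still `Crypt::hashBase64(uniqid(mt_rand(), TRUE))`, which is derived only from the clock and a non-cryptographic generator; hashing the result does not add entropy. drupal_session_regenerate() further down already mixes in `Crypt::randomBytes(55)`, so the two paths should match: `$session_id = Crypt::hashBase64(uniqid(mt_rand(), TRUE) . Crypt::randomBytes(55));`. The surrounding function body is outside the hunk.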
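Review bot: drupal_session_commit() now reads the insecure session ID back from `\Drupal::request()->cookies`, which only works if this is the same Request instance that drupal_session_initialize() or drupal_session_regenerate() wrote to with `$cookies->set()`. Unlike `$_COOKIE`, the bag is per-object state: if the container returns a different request by commit time, `get()` returns NULL and `setcookie()` sends an empty value. The same concern applies to `$cookies->remove($name)` in _drupal_session_delete_cookie(), which no longer clears `$_COOKIE`. If that cannot be ruled out, keep `$_COOKIE` in step for now, as the bootstrap.inc hunk does for `$_SERVER`, or skip the `setcookie()` call when the value is NULL.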
@@ -369,7 +372,7 @@ function drupal_session_regenerate() { // it will expire when the browser is closed. $expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0; setcookie($insecure_session_name, $session_id, $expire, $params['path'], $params['domain'], FALSE, $params['httponly']); - $_COOKIE[$insecure_session_name] = $session_id; + $cookies->set($insecure_session_name, $session_id); } if (drupal_session_started()) { @@ -461,13 +464,14 @@ function _drupal_session_destroy($sid) { * Force the secure value of the cookie. */ function _drupal_session_delete_cookie($name, $secure = NULL) { - if (isset($_COOKIE[$name]) || (!\Drupal::request()->isSecure() && $secure === TRUE)) { + $cookies = \Drupal::request()->cookies; + if ($cookies->has($name) || (!\Drupal::request()->isSecure() && $secure === TRUE)) { $params = session_get_cookie_params(); if ($secure !== NULL) { $params['secure'] = $secure; } setcookie($name, '', REQUEST_TIME - 3600, $params['path'], $params['domain'], $params['secure'], $params['httponly']); - unset($_COOKIE[$name]); + $cookies->remove($name); } } diff --git a/core/lib/Drupal/Component/Utility/Url.php b/core/lib/Drupal/Component/Utility/Url.php index 4fe96e228860ad6dc0ef0dfa2e22566738226e63..c7eff3e9526f5289618428197bcb81759f9d5c3c 100644 --- a/core/lib/Drupal/Component/Utility/Url.php +++ b/core/lib/Drupal/Component/Utility/Url.php @@ -34,7 +34,8 @@ class Url { * http_build_query() directly. * * @param array $query - * The query parameter array to be processed, e.g. $_GET. + * The query parameter array to be processed, + * e.g. \Drupal::request()->query->all(). * @param string $parent * Internal use only. Used to build the $query array key for nested items. * 
@@ -118,13 +119,14 @@ public static function filterQueryParameters(array $query, array $exclude = arra * The returned array contains a 'path' that may be passed separately to url(). * For example: * @code - * $options = Url::parse($_GET['destination']); + * $options = Url::parse(\Drupal::request()->query->get('destination')); * $my_url = url($options['path'], $options); * $my_link = l('Example link', $options['path'], $options); * @endcode * * @param string $url - * The URL string to parse, f.e. $_GET['destination']. + * The URL string to parse, i.e. + * \Drupal::request()->query->get('destination'). * * @return * An associative array containing the keys: diff --git a/core/lib/Drupal/Core/Ajax/AjaxResponse.php b/core/lib/Drupal/Core/Ajax/AjaxResponse.php index 2ed7331590b51f4cba2784b7f5e9e78eb2fac74c..256ea955817fb3b80aa1b744aac12a1cb057d9c5 100644 --- a/core/lib/Drupal/Core/Ajax/AjaxResponse.php +++ b/core/lib/Drupal/Core/Ajax/AjaxResponse.php @@ -95,10 +95,11 @@ protected function ajaxRender(Request $request) { // diffing logic using array_diff_key(). $ajax_page_state = $request->request->get('ajax_page_state'); foreach (array('css', 'js') as $type) { - // It is highly suspicious if $_POST['ajax_page_state'][$type] is empty, - // since the base page ought to have at least one JS file and one CSS file - // loaded. It probably indicates an error, and rather than making the page - // reload all of the files, instead we return no new files. + // It is highly suspicious if + // $request->request->get("ajax_page_state[$type]") is empty, since the + // base page ought to have at least one JS file and one CSS file loaded. + // It probably indicates an error, and rather than making the page reload + // all of the files, instead we return no new files. if (empty($ajax_page_state[$type])) { $items[$type] = array(); } 
diff --git a/core/lib/Drupal/Core/EventSubscriber/RedirectResponseSubscriber.php b/core/lib/Drupal/Core/EventSubscriber/RedirectResponseSubscriber.php index 609e90963b9c4e0195a1f49b8102599872b9c78a..6cc7916a6c51d208af4e6ad5d03e1aa22e75a3f6 100644 --- a/core/lib/Drupal/Core/EventSubscriber/RedirectResponseSubscriber.php +++ b/core/lib/Drupal/Core/EventSubscriber/RedirectResponseSubscriber.php @@ -48,9 +48,10 @@ public function checkRedirectUrl(FilterResponseEvent $event) { $options = array(); $destination = $event->getRequest()->query->get('destination'); - // A destination in $_GET always overrides the current RedirectResponse. - // We do not allow absolute URLs to be passed via $_GET, as this can be an - // attack vector, with the following exception: + // A destination from \Drupal::request()->query always overrides the + // current RedirectResponse. We do not allow absolute URLs to be passed + // via \Drupal::request()->query, as this can be an attack vector, with + // the following exception: // - Absolute URLs that point to this site (i.e. same base URL and // base path) are allowed. if ($destination && (!url_is_external($destination) || _external_url_is_local($destination))) { diff --git a/core/lib/Drupal/Core/Form/FormBuilder.php b/core/lib/Drupal/Core/Form/FormBuilder.php index 8dfcf017fd5b4b6e8bffc050eaa5f7f6f89a2a18..620c6c9e8fcaa73f51f9663c52dede19f9b43f15 100644 --- a/core/lib/Drupal/Core/Form/FormBuilder.php +++ b/core/lib/Drupal/Core/Form/FormBuilder.php @@ -569,7 +569,7 @@ public function retrieveForm($form_id, &$form_state) { public function processForm($form_id, &$form, &$form_state) { $form_state['values'] = array(); - // With $_GET, these forms are always submitted if requested. + // With GET, these forms are always submitted if requested. if ($form_state['method'] == 'get' && !empty($form_state['always_process'])) { if (!isset($form_state['input']['form_build_id'])) { $form_state['input']['form_build_id'] = $form['#build_id']; 
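Review bot: The rewritten comment in checkRedirectUrl() says the destination comes from `\Drupal::request()->query`, but the line directly above reads `$event->getRequest()->query->get('destination')`, which need not be the same object. Because this comment documents the guard against redirects to external URLs, it should name the source that is actually checked, e.g. `// A 'destination' query parameter on the event's request always overrides the current RedirectResponse.` with the absolute-URL sentence reworded to match. The method continues outside the hunk.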
@@ -1490,9 +1490,10 @@ protected function handleInputElement($form_id, &$element, &$form_state) { $name = array_shift($element['#parents']); $element['#name'] = $name; if ($element['#type'] == 'file') { - // To make it easier to handle $_FILES in file.inc, we place all + // To make it easier to handle files in file.inc, we place all // file fields in the 'files' array. Also, we do not support // nested file names. + // @todo Remove this files prefix now? $element['#name'] = 'files[' . $element['#name'] . ']'; } elseif (count($element['#parents'])) { @@ -1608,7 +1609,8 @@ protected function handleInputElement($form_id, &$element, &$form_state) { if (!empty($element['#is_button'])) { // All buttons in the form need to be tracked for // form_state_values_clean() and for the self::doBuildForm() code that - // handles a form submission containing no button information in $_POST. + // handles a form submission containing no button information in + // \Drupal::request()->request. $form_state['buttons'][] = $element; if ($this->buttonWasClicked($element, $form_state)) { $form_state['triggering_element'] = $element; 
@@ -1668,15 +1670,15 @@ protected function buttonWasClicked($element, &$form_state) { // buttons on a form share the same name (usually 'op'), and the specific // return value is used to determine which was clicked. This ONLY works as // long as $form['#name'] puts the value at the top level of the tree of - // $_POST data. + // \Drupal::request()->request data. if (isset($form_state['input'][$element['#name']]) && $form_state['input'][$element['#name']] == $element['#value']) { return TRUE; } // When image buttons are clicked, browsers do NOT pass the form element - // value in $_POST. Instead they pass an integer representing the - // coordinates of the click on the button image. This means that image - // buttons MUST have unique $form['#name'] values, but the details of their - // $_POST data should be ignored. + // value in \Drupal::request()->Request. Instead they pass an integer + // representing the coordinates of the click on the button image. This means + // that image buttons MUST have unique $form['#name'] values, but the + // details of their \Drupal::request()->request data should be ignored. elseif (!empty($element['#has_garbage_value']) && isset($element['#value']) && $element['#value'] !== '') { return TRUE; } diff --git a/core/lib/Drupal/Core/Form/FormBuilderInterface.php b/core/lib/Drupal/Core/Form/FormBuilderInterface.php index bbe355afc30f2459c32ceffe9e7938bb99123e29..1ccb527afc3707c5a82e00fae914baef4fd4c9b2 100644 --- a/core/lib/Drupal/Core/Form/FormBuilderInterface.php +++ b/core/lib/Drupal/Core/Form/FormBuilderInterface.php 
@@ -154,8 +154,9 @@ public function getForm($form_arg); * understanding of security implications. In almost all cases, code * should use the data in the 'values' array exclusively. The most common * use of this key is for multi-step forms that need to clear some of the - * user input when setting 'rebuild'. The values correspond to $_POST or - * $_GET, depending on the 'method' chosen. + * user input when setting 'rebuild'. The values correspond to + * \Drupal::request()->request or \Drupal::request()->query, depending on + * the 'method' chosen. * - always_process: If TRUE and the method is GET, a form_id is not * necessary. This should only be used on RESTful GET forms that do NOT * write data, as this could lead to security issues. It is useful so that @@ -169,8 +170,8 @@ public function getForm($form_arg); * invoked via self::submitForm(). Defaults to FALSE. * - process_input: Boolean flag. TRUE signifies correct form submission. * This is always TRUE for programmed forms coming from self::submitForm() - * (see 'programmed' key), or if the form_id coming from the $_POST data - * is set and matches the current form_id. + * (see 'programmed' key), or if the form_id coming from the + * \Drupal::request()->request data is set and matches the current form_id. * - submitted: If TRUE, the form has been submitted. Defaults to FALSE. * - executed: If TRUE, the form was submitted and has been processed and * executed. Defaults to FALSE. 
@@ -309,11 +310,12 @@ public function setCache($form_build_id, $form, $form_state); * @param $form_state * A keyed array containing the current state of the form. Most important is * the $form_state['values'] collection, a tree of data used to simulate the - * incoming $_POST information from a user's form submission. If a key is - * not filled in $form_state['values'], then the default value of the - * respective element is used. To submit an unchecked checkbox or other - * control that browsers submit by not having a $_POST entry, include the - * key, but set the value to NULL. + * incoming \Drupal::request()->request information from a user's form + * submission. If a key is not filled in $form_state['values'], then the + * default value of the respective element is used. To submit an unchecked + * checkbox or other control that browsers submit by not having a + * \Drupal::request()->request entry, include the key, but set the value to + * NULL. * @param ... * Any additional arguments are passed on to the functions called by * self::submitForm(), including the unique form constructor function. @@ -378,8 +380,8 @@ public function retrieveForm($form_id, &$form_state); * A keyed array containing the current state of the form. This * includes the current persistent storage data for the form, and * any data passed along by earlier steps when displaying a - * multi-step form. Additional information, like the sanitized $_POST - * data, is also accumulated here. + * multi-step form. Additional information, like the sanitized + * \Drupal::request()->request data, is also accumulated here. * * @return \Symfony\Component\HttpFoundation\RedirectResponse|null */ 
@@ -477,8 +479,9 @@ public function validateForm($form_id, &$form, &$form_state); * redirect is accomplished by returning a RedirectResponse, passing in the * value of $form_state['redirect'] if it is set, or the current path if it * is not. RedirectResponse preferentially uses the value of - * $_GET['destination'] (the 'destination' URL query string) if it is - * present, so this will override any values set by $form_state['redirect']. + * \Drupal::request->query->get('destination') (the 'destination' URL query + * string) if it is present, so this will override any values set by + * $form_state['redirect']. * * @param $form_state * An associative array containing the current state of the form. @@ -599,7 +602,7 @@ public function executeHandlers($type, &$form, &$form_state); * A keyed array containing the current state of the form. In this * context, it is used to accumulate information about which button * was clicked when the form was submitted, as well as the sanitized - * $_POST data. + * \Drupal::request()->request data. * * @return array */ diff --git a/core/lib/Drupal/Core/Mail/PhpMail.php b/core/lib/Drupal/Core/Mail/PhpMail.php index d82d77047abc25828d1ea857cbf357aa08441a76..b7f94bb5c70b6b2780d843cbf941723b00125228 100644 --- a/core/lib/Drupal/Core/Mail/PhpMail.php +++ b/core/lib/Drupal/Core/Mail/PhpMail.php @@ -59,7 +59,7 @@ public function mail(array $message) { foreach ($message['headers'] as $name => $value) { $mimeheaders[] = $name . ': ' . mime_header_encode($value); } - $line_endings = settings()->get('mail_line_endings', MAIL_LINE_ENDINGS); + $line_endings = settings()->get('mail_line_endings', PHP_EOL); // Prepare mail commands. $mail_subject = mime_header_encode($message['subject']); // Note: e-mail uses CRLF for line-endings. PHP's API requires LF 
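Review bot: The rewritten docblock sentence in the first hunk names `\Drupal::request->query->get('destination')`, which drops the call parentheses and is not valid as written; every other reference in this patch uses `\Drupal::request()`. I would write it as `\Drupal::request()->query->get('destination')`. This paragraph documents that a client-supplied `destination` query value overrides `$form_state['redirect']`, so the accessor it names should be one a reader can copy verbatim when auditing redirect handling.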
diff --git a/core/modules/aggregator/lib/Drupal/aggregator/Form/OpmlFeedAdd.php b/core/modules/aggregator/lib/Drupal/aggregator/Form/OpmlFeedAdd.php index 3a4a131c15caf29806a457324e130308236dad15..b772f40f8a33449fd4887d53fb1e1d59b1c3178a 100644 --- a/core/modules/aggregator/lib/Drupal/aggregator/Form/OpmlFeedAdd.php +++ b/core/modules/aggregator/lib/Drupal/aggregator/Form/OpmlFeedAdd.php @@ -138,7 +138,8 @@ public function buildForm(array $form, array &$form_state) { */ public function validateForm(array &$form, array &$form_state) { // If both fields are empty or filled, cancel. - if (empty($form_state['values']['remote']) == empty($_FILES['files']['name']['upload'])) { + $file_upload = $this->getRequest()->files->get('files[upload]', NULL, TRUE); + if (empty($form_state['values']['remote']) == empty($file_upload)) { form_set_error('remote', $form_state, $this->t('You must either upload a file or enter a URL.')); } } diff --git a/core/modules/config/lib/Drupal/config/Form/ConfigImportForm.php b/core/modules/config/lib/Drupal/config/Form/ConfigImportForm.php index be2988ea29c4816c17e05eed43a2d79124204fdc..729603498fcfad2f7c9f2b9a1f498dc9a5f5cc8f 100644 --- a/core/modules/config/lib/Drupal/config/Form/ConfigImportForm.php +++ b/core/modules/config/lib/Drupal/config/Form/ConfigImportForm.php 
@@ -74,11 +74,12 @@ public function buildForm(array $form, array &$form_state) { * {@inheritdoc} */ public function validateForm(array &$form, array &$form_state) { - if (!empty($_FILES['files']['error']['import_tarball'])) { - form_set_error('import_tarball', $form_state, $this->t('The import tarball could not be uploaded.')); + $file_upload = $this->getRequest()->files->get('files[import_tarball]', NULL, TRUE); + if ($file_upload && $file_upload->isValid()) { + $form_state['values']['import_tarball'] = $file_upload->getRealPath(); } else { - $form_state['values']['import_tarball'] = $_FILES['files']['tmp_name']['import_tarball']; + form_set_error('import_tarball', $form_state, $this->t('The import tarball could not be uploaded.')); } } diff --git a/core/modules/editor/lib/Drupal/editor/Form/EditorImageDialog.php b/core/modules/editor/lib/Drupal/editor/Form/EditorImageDialog.php index 6e78c7f19eda25611fd0ecdea7556cf5ad6b37da..b3512b54dd0daa6f4084e443d0ecc9d4085ceaf5 100644 --- a/core/modules/editor/lib/Drupal/editor/Form/EditorImageDialog.php +++ b/core/modules/editor/lib/Drupal/editor/Form/EditorImageDialog.php @@ -33,8 +33,8 @@ public function getFormId() { * The filter format for which this dialog corresponds. */ public function buildForm(array $form, array &$form_state, FilterFormat $filter_format = NULL) { - // The default values are set directly from $_POST, provided by the - // editor plugin opening the dialog. + // The default values are set directly from \Drupal::request()->request, + // provided by the editor plugin opening the dialog. if (!isset($form_state['image_element'])) { $form_state['image_element'] = isset($form_state['input']['editor_object']) ? $form_state['input']['editor_object'] : array(); } diff --git a/core/modules/editor/lib/Drupal/editor/Form/EditorLinkDialog.php b/core/modules/editor/lib/Drupal/editor/Form/EditorLinkDialog.php index 9bc2948d808977648fcd18f07ca8bf247bf21e39..0e76f79de916802894dd7c162ea9fc0ef138e45e 100644 
--- a/core/modules/editor/lib/Drupal/editor/Form/EditorLinkDialog.php +++ b/core/modules/editor/lib/Drupal/editor/Form/EditorLinkDialog.php @@ -33,8 +33,8 @@ public function getFormId() { * The filter format for which this dialog corresponds. */ public function buildForm(array $form, array &$form_state, FilterFormat $filter_format = NULL) { - // The default values are set directly from $_POST, provided by the - // editor plugin opening the dialog. + // The default values are set directly from \Drupal::request()->request, + // provided by the editor plugin opening the dialog. $input = isset($form_state['input']['editor_object']) ? $form_state['input']['editor_object'] : array(); $form['#tree'] = TRUE; diff --git a/core/modules/file/file.module b/core/modules/file/file.module index db827fa76c52787c615f74a4896ac4e27daef434..f2b0feffc46ed519074ace441895faee87aefbed 100644 --- a/core/modules/file/file.module +++ b/core/modules/file/file.module @@ -777,8 +777,9 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar $user = \Drupal::currentUser(); static $upload_cache; + $file_upload = \Drupal::request()->files->get("files[$form_field_name]", NULL, TRUE); // Make sure there's an upload to process. - if (empty($_FILES['files']['name'][$form_field_name])) { + if (empty($file_upload)) { return NULL; } 
@@ -793,40 +794,39 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar // Prepare uploaded files info. Representation is slightly different // for multiple uploads and we fix that here. - $uploaded_files = $_FILES; - if (!is_array($uploaded_files['files']['name'][$form_field_name])) { - foreach (array('name', 'type', 'tmp_name', 'error', 'size') as $value) - $uploaded_files['files'][$value][$form_field_name] = array($uploaded_files['files'][$value][$form_field_name]); + $uploaded_files = $file_upload; + if (!is_array($file_upload)) { + $uploaded_files = array($file_upload); } $files = array(); - foreach ($uploaded_files['files']['name'][$form_field_name] as $i => $name) { + foreach ($uploaded_files as $i => $file_info) { // Check for file upload errors and return FALSE for this file if a lower // level system error occurred. For a complete list of errors: // See http://php.net/manual/features.file-upload.errors.php. - switch ($uploaded_files['files']['error'][$form_field_name][$i]) { + switch ($file_info->getError()) { case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: - drupal_set_message(t('The file %file could not be saved because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $name, '%maxsize' => format_size(file_upload_max_size()))), 'error'); + drupal_set_message(t('The file %file could not be saved because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $file_info->getFilename(), '%maxsize' => format_size(file_upload_max_size()))), 'error'); $files[$i] = FALSE; continue; case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_NO_FILE: - drupal_set_message(t('The file %file could not be saved because the upload did not complete.', array('%file' => $name)), 'error'); + drupal_set_message(t('The file %file could not be saved because the upload did not complete.', array('%file' => $file_info->getFilename())), 'error'); $files[$i] = FALSE; continue; case UPLOAD_ERR_OK: // Final check 
that this is a valid upload, if it isn't, use the // default error handler. - if (is_uploaded_file($uploaded_files['files']['tmp_name'][$form_field_name][$i])) { + if (is_uploaded_file($file_info->getRealPath())) { break; } // Unknown error default: - drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $name)), 'error'); + drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $file_info->getFilename())), 'error'); $files[$i] = FALSE; continue; @@ -835,9 +835,9 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar $values = array( 'uid' => $user->id(), 'status' => 0, - 'filename' => trim(drupal_basename($name, '.')), - 'uri' => $uploaded_files['files']['tmp_name'][$form_field_name][$i], - 'filesize' => $uploaded_files['files']['size'][$form_field_name][$i], + 'filename' => $file_info->getClientOriginalName(), + 'uri' => $file_info->getRealPath(), + 'filesize' => $file_info->getSize(), ); $values['filemime'] = file_get_mimetype($values['filename']); $file = entity_create('file', $values); @@ -940,7 +940,7 @@ function file_save_upload($form_field_name, array &$form_state, $validators = ar // directory. This overcomes open_basedir restrictions for future file // operations. $file->uri = $file->destination; - if (!drupal_move_uploaded_file($uploaded_files['files']['tmp_name'][$form_field_name][$i], $file->getFileUri())) { + if (!drupal_move_uploaded_file($file_info->getRealPath(), $file->getFileUri())) { form_set_error($form_field_name, $form_state, t('File upload error. Could not move uploaded file.')); watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination' => $file->uri)); $files[$i] = FALSE; 
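Review bot: The three `drupal_set_message()` calls in the hunk that starts at `@@ -793,40 +794,39 @@` now pass `$file_info->getFilename()` as `%file`, where the removed lines passed the client-supplied `$name`. On an uploaded-file object `getFilename()` is the SplFileInfo accessor, so it presumably yields the basename of the temporary path (and may be empty when the upload failed) rather than the name the user chose, and the error no longer identifies the file. Use the accessor the later hunk already uses for `'filename'`: `array('%file' => $file_info->getClientOriginalName())`. file_save_upload() starts and ends outside the hunk.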
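Review bot: In the `@@ -835,9 +835,9 @@` hunk, `'filename' => $file_info->getClientOriginalName()` stores the client-supplied name as-is, while the removed line passed it through `drupal_basename($name, '.')` and `trim()`. Whether the request library already strips directory components from the original name is not visible here, and the suffix and whitespace trimming is dropped in any case; the next context line derives `filemime` from this value. I would keep the normalisation on the new accessor: `'filename' => trim(drupal_basename($file_info->getClientOriginalName(), '.')),`. The surrounding file_save_upload() body continues outside the hunk.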
@@ -1470,7 +1470,8 @@ function file_managed_file_submit($form, &$form_state) { */ function file_managed_file_save_upload($element, array &$form_state) { $upload_name = implode('_', $element['#parents']); - if (empty($_FILES['files']['name'][$upload_name])) { + $file_upload = \Drupal::request()->files->get("files[$upload_name]", NULL, TRUE); + if (empty($file_upload)) { return FALSE; } @@ -1482,8 +1483,8 @@ function file_managed_file_save_upload($element, array &$form_state) { } // Save attached files to the database. - $files_uploaded = $element['#multiple'] && count(array_filter($_FILES['files']['name'][$upload_name])) > 0; - $files_uploaded |= !$element['#multiple'] && !empty($_FILES['files']['name'][$upload_name]); + $files_uploaded = $element['#multiple'] && count(array_filter($file_upload)) > 0; + $files_uploaded |= !$element['#multiple'] && !empty($file_upload); if ($files_uploaded) { if (!$files = file_save_upload($upload_name, $form_state, $element['#upload_validators'], $destination)) { watchdog('file', 'The file upload failed. %upload', array('%upload' => $upload_name)); diff --git a/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php b/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php index 547562b3e2667d1f6a6d7ee673848e42b91d3209..17381849fa031d09add9a13702261197f8d17ddf 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php +++ b/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php 
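Review bot: In the `@@ -1482,8 +1483,8 @@` hunk, `count(array_filter($file_upload))` assumes the value is an array whenever `$element['#multiple']` is set, but the shape of `files[$upload_name]` is decided by the client's request, not by the element definition. A single file posted under a multiple-upload field name would presumably arrive as one uploaded-file object and be handed to `array_filter()`. Guard on the type: `$files_uploaded = $element['#multiple'] && is_array($file_upload) && count(array_filter($file_upload)) > 0;`. file_managed_file_save_upload() continues past the end of the hunk.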
@@ -176,8 +176,8 @@ public function execute() { ->searchExpression($keys, $this->getPluginId()); // Handle advanced search filters in the f query string. - // $_GET['f'] is an array that looks like this in the URL: - // ?f[]=type:page&f[]=term:27&f[]=term:13&f[]=langcode:en + // \Drupal::request()->query->get('f') is an array that looks like this in + // the URL: ?f[]=type:page&f[]=term:27&f[]=term:13&f[]=langcode:en // So $parameters['f'] looks like: // array('type:page', 'term:27', 'term:13', 'langcode:en'); // We need to parse this out into query conditions. diff --git a/core/modules/search/lib/Drupal/search/Controller/SearchController.php b/core/modules/search/lib/Drupal/search/Controller/SearchController.php index bda72592326ab7cf19fa6ea01d1862a059dc79f0..98dae2b1968f3e62940ee0b967bf8c75f0b0ab0f 100644 --- a/core/modules/search/lib/Drupal/search/Controller/SearchController.php +++ b/core/modules/search/lib/Drupal/search/Controller/SearchController.php @@ -72,8 +72,8 @@ public static function create(ContainerInterface $container) { public function view(Request $request, $plugin_id = NULL, $keys = NULL) { $info = FALSE; $keys = trim($keys); - // Also try to pull search keywords out of the $_REQUEST variable to - // support old GET format of searches for existing links. + // Also try to pull search keywords from the request to support old GET + // format of searches for existing links. if (!$keys && $request->query->has('keys')) { $keys = trim($request->query->get('keys')); } 
@@ -105,11 +105,11 @@ public function view(Request $request, $plugin_id = NULL, $keys = NULL) { // Default results output is an empty string. $results = array('#markup' => ''); - // Process the search form. Note that if there is $_POST data, - // search_form_submit() will cause a redirect to search/[path]/[keys], - // which will get us back to this page callback. In other words, the search - // form submits with POST but redirects to GET. This way we can keep - // the search query URL clean as a whistle. + // Process the search form. Note that if there is + // \Drupal::request()->request data, search_form_submit() will cause a + // redirect to search/[path]/[keys], which will get us back to this page + // callback. In other words, the search form submits with POST but redirects + // to GET. This way we can keep the search query URL clean as a whistle. if ($request->request->has('form_id') || $request->request->get('form_id') != 'search_form') { // Only search if there are keywords or non-empty conditions. if ($plugin->isSearchExecutable()) { diff --git a/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php b/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php index 6ba4428fb1b07456608e676c29609039a0cf8600..219762f43329ffcdcb293b79a502a38166a3e0e5 100644 --- a/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php +++ b/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php 
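Review bot: The condition kept as context under the rewritten comment, `$request->request->has('form_id') || $request->request->get('form_id') != 'search_form'`, looks true for every request: when `form_id` is present the first operand holds, and when it is absent the second compares NULL with 'search_form'. The comment describes a POSTed search form being redirected rather than searched here, which suggests the first operand was meant to be negated: `if (!$request->request->has('form_id') || $request->request->get('form_id') != 'search_form') {`. This is inferred from the comment only; view() starts and ends outside the hunk.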
@@ -1139,13 +1139,16 @@ protected function curlExec($curl_options, $redirect = FALSE) { // debug the code running on the child site. In order to make debuggers work // this bit of information is forwarded. Make sure that the debugger listens // to at least three external connections. - if (isset($_COOKIE['XDEBUG_SESSION'])) { - $cookies[] = 'XDEBUG_SESSION=' . $_COOKIE['XDEBUG_SESSION']; + $request = \Drupal::request(); + $cookie_params = $request->cookies; + if ($cookie_params->has('XDEBUG_SESSION')) { + $cookies[] = 'XDEBUG_SESSION=' . $cookie_params->get('XDEBUG_SESSION'); } // For CLI requests, the information is stored in $_SERVER. - if (isset($_SERVER['XDEBUG_CONFIG'])) { + $server = $request->server; + if ($server->has('XDEBUG_CONFIG')) { // $_SERVER['XDEBUG_CONFIG'] has the form "key1=value1 key2=value2 ...". - $pairs = explode(' ', $_SERVER['XDEBUG_CONFIG']); + $pairs = explode(' ', $server->get('XDEBUG_CONFIG')); foreach ($pairs as $pair) { list($key, $value) = explode('=', $pair); // Account for key-value pairs being separated by multiple spaces. diff --git a/core/modules/system/lib/Drupal/system/Tests/Bootstrap/OverrideServerVariablesUnitTest.php b/core/modules/system/lib/Drupal/system/Tests/Bootstrap/OverrideServerVariablesUnitTest.php index 0717b105aac84bc844dce53b40efb8eb8c24dadc..b2fb336982c56ba100a785bb57f2554e14cf32c0 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Bootstrap/OverrideServerVariablesUnitTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Bootstrap/OverrideServerVariablesUnitTest.php @@ -8,11 +8,16 @@ namespace Drupal\system\Tests\Bootstrap; use Drupal\simpletest\UnitTestBase; +use Symfony\Component\HttpFoundation\Request; /** * Tests for overriding server variables via the API. */ class OverrideServerVariablesUnitTest extends UnitTestBase { + + /** + * {@inheritdoc} + */ public static function getInfo() { return array( 'name' => 'Overriding server variables', 
@@ -40,17 +45,18 @@ function testDrupalOverrideServerVariablesProvidedURL() { ), ); foreach ($tests as $url => $expected_server_values) { - // Remember the original value of $_SERVER, since the function call below - // will modify it. - $original_server = $_SERVER; + $container = \Drupal::getContainer(); + $request = Request::createFromGlobals(); + $container->set('request', $request); + \Drupal::setContainer($container); + // Call drupal_override_server_variables() and ensure that all expected // $_SERVER variables were modified correctly. drupal_override_server_variables(array('url' => $url)); foreach ($expected_server_values as $key => $value) { + $this->assertIdentical(\Drupal::request()->server->get($key), $value); $this->assertIdentical($_SERVER[$key], $value); } - // Restore the original value of $_SERVER. - $_SERVER = $original_server; } } } diff --git a/core/modules/system/lib/Drupal/system/Tests/Common/HtmlIdentifierUnitTest.php b/core/modules/system/lib/Drupal/system/Tests/Common/HtmlIdentifierUnitTest.php index a81feb8954522c9cfc0633f624b141833f16aeed..73cd1368c7e96673074e7aabc5319b6e064dce7e 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Common/HtmlIdentifierUnitTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Common/HtmlIdentifierUnitTest.php @@ -8,6 +8,7 @@ namespace Drupal\system\Tests\Common; use Drupal\simpletest\UnitTestBase; +use Symfony\Component\HttpFoundation\Request; /** * Tests cleaning HTML identifiers. @@ -21,6 +22,18 @@ public static function getInfo() { ); } + /** + * {@inheritdoc} + */ + public function setUp() { + parent::setUp(); + + $container = \Drupal::getContainer(); + $request = new Request(); + $container->set('request', $request); + \Drupal::setContainer($container); + } + /** * Tests that drupal_clean_css_identifier() cleans the identifier properly. */ 
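Review bot: The OverrideServerVariablesUnitTest hunk drops the `$original_server = $_SERVER;` / `$_SERVER = $original_server;` save-and-restore, yet the loop still asserts that `$_SERVER[$key]` was changed, so the superglobal is still being overwritten. Because each iteration builds its request with `Request::createFromGlobals()`, the values overridden for one URL carry into the next iteration and into whatever runs after this test. Keep the two removed lines around the call, or build each request from a saved copy of the server array, so one case cannot mask a failure in the next.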
diff --git a/core/modules/system/lib/Drupal/system/Tests/Common/TableSortExtenderUnitTest.php b/core/modules/system/lib/Drupal/system/Tests/Common/TableSortExtenderUnitTest.php index 241949fce4a4c30b449bd00386ed8cd10daafd21..59eca4a28b47e4e92f0373c8df130235489136e1 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Common/TableSortExtenderUnitTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Common/TableSortExtenderUnitTest.php @@ -15,13 +15,6 @@ */ class TableSortExtenderUnitTest extends UnitTestBase { - /** - * Storage for initial value of $_GET. - * - * @var array - */ - protected $GET = array(); - public static function getInfo() { return array( 'name' => 'Tablesort', @@ -30,20 +23,6 @@ public static function getInfo() { ); } - function setUp() { - // Save the original $_GET to be restored later. - $this->GET = $_GET; - - parent::setUp(); - } - - function tearDown() { - // Revert $_GET. - $_GET = $this->GET; - - parent::tearDown(); - } - /** * Tests tablesort_init(). */ @@ -52,8 +31,8 @@ function testTableSortInit() { // Test simple table headers. $headers = array('foo', 'bar', 'baz'); - // Reset $_GET to prevent parameters from Simpletest and Batch API ending - // up in $ts['query']. + // Reset $requesr->query to prevent parameters from Simpletest and Batch API + // ending up in $ts['query']. $expected_ts = array( 'name' => 'foo', 'sql' => '', diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityViewBuilderTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityViewBuilderTest.php index b649cf6ac49ef71124018ba02290aa860a83bd53..ab1c086a17586afa97c09249886da20e8e661a9a 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityViewBuilderTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityViewBuilderTest.php 
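Review bot: The reworded comment in the last hunk reads `Reset $requesr->query`, a typo for `$request->query`. An earlier hunk in the same file removes the setUp()/tearDown() pair that saved and restored `$_GET`; if the test body, which lies outside these hunks, still assigns to the superglobal, that restore is still needed and the comment should say which of the two is being reset.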
@@ -40,7 +40,7 @@ public function setUp() { */ public function testEntityViewBuilderCache() { // Force a request via GET so we can get drupal_render() cache working. - $request_method = $_SERVER['REQUEST_METHOD']; + $request_method = \Drupal::request()->server->get('REQUEST_METHOD'); $this->container->get('request')->setMethod('GET'); $entity_test = $this->createTestEntity('entity_test'); @@ -85,7 +85,7 @@ public function testEntityViewBuilderCache() { */ public function testEntityViewBuilderCacheWithReferences() { // Force a request via GET so we can get drupal_render() cache working. - $request_method = $_SERVER['REQUEST_METHOD']; + $request_method = \Drupal::request()->server->get('REQUEST_METHOD'); $this->container->get('request')->setMethod('GET'); // Create an entity reference field and an entity that will be referenced. diff --git a/core/modules/system/lib/Drupal/system/Tests/Form/TriggeringElementTest.php b/core/modules/system/lib/Drupal/system/Tests/Form/TriggeringElementTest.php index 2ca12a1a6de3a6ce888e578a6aef2c3b4a8f1a13..1c4f1df637a7ded2612fb3c4a2512a68b295b106 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Form/TriggeringElementTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Form/TriggeringElementTest.php @@ -95,7 +95,7 @@ function testAttemptAccessControlBypass() { // trying to get around security safeguards could easily do. We have to do // a little trickery here, to work around the safeguards in drupalPostForm(): by // renaming the text field that is in the form to 'button1', we can get the - // data we want into $_POST. + // data we want into \Drupal::request()->request. $elements = $this->xpath('//form[@id="' . $form_html_id . '"]//input[@name="text"]'); $elements[0]['name'] = 'button1'; $this->drupalPostForm(NULL, array('button1' => 'button1'), NULL, array(), array(), $form_html_id); 
diff --git a/core/modules/system/lib/Drupal/system/Tests/Mail/HtmlToTextTest.php b/core/modules/system/lib/Drupal/system/Tests/Mail/HtmlToTextTest.php index f93b40fef5b9bbbed08211e84557d891e7b5702e..751bf0c9e528810c9dc5a7654d5d1b51d4b56fdf 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Mail/HtmlToTextTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Mail/HtmlToTextTest.php @@ -348,7 +348,7 @@ public function testDrupalHtmlToTextParagraphs() { public function testVeryLongLineWrap() { $input = 'Drupal

' . str_repeat('x', 2100) . '
Drupal'; $output = drupal_html_to_text($input); - $eol = settings()->get('mail_line_endings', MAIL_LINE_ENDINGS); + $eol = settings()->get('mail_line_endings', PHP_EOL); $maximum_line_length = 0; foreach (explode($eol, $output) as $line) { diff --git a/core/modules/system/system.install b/core/modules/system/system.install index 3c5e9d02e2247aeb460fd10c916e60d1fb23bd50..af38deefc325e87927575b41f99d1fe94527856e 100644 --- a/core/modules/system/system.install +++ b/core/modules/system/system.install @@ -44,7 +44,7 @@ function system_requirements($phase) { } // Web server information. - $software = $_SERVER['SERVER_SOFTWARE']; + $software = \Drupal::request()->server->get('SERVER_SOFTWARE'); $requirements['webserver'] = array( 'title' => t('Web server'), 'value' => $software, diff --git a/core/modules/system/system.module b/core/modules/system/system.module index 3fb3f04cb14d3dff85596b0cd92b6ac80c0994e9..ee3466d2b86dfbb1d5434935c9ae7e45fd9383ae 100644 --- a/core/modules/system/system.module +++ b/core/modules/system/system.module @@ -2592,7 +2592,7 @@ function system_default_region($theme) { function system_admin_compact_mode() { // PHP converts dots into underscores in cookie names to avoid problems with // its parser, so we use a converted cookie name. - return isset($_COOKIE['Drupal_visitor_admin_compact_mode']) ? $_COOKIE['Drupal_visitor_admin_compact_mode'] : \Drupal::config('system.site')->get('admin_compact_mode'); + return \Drupal::request()->cookies->get('Drupal_visitor_admin_compact_mode', \Drupal::config('system.site')->get('admin_compact_mode')); } /** diff --git a/core/modules/system/tests/modules/ajax_test/ajax_test.module b/core/modules/system/tests/modules/ajax_test/ajax_test.module index f42844fb7f0b2c9226b16964188e1db44feb7096..ec2f239318bdd09cec070d6420af74eaea4bfe8c 100644 --- a/core/modules/system/tests/modules/ajax_test/ajax_test.module +++ b/core/modules/system/tests/modules/ajax_test/ajax_test.module 
@@ -78,8 +78,9 @@ function ajax_test_order() { */ function ajax_test_error() { $message = ''; - if (!empty($_GET['message'])) { - $message = $_GET['message']; + $query = \Drupal::request()->query; + if ($query->has('message')) { + $message = $query->get('message'); } $response = new AjaxResponse(); $response->addCommand(new AlertCommand($message)); diff --git a/core/modules/system/tests/modules/form_test/form_test.module b/core/modules/system/tests/modules/form_test/form_test.module index bcd8483e4e2079cd1217ba7737cbd40a0722bc43..a9328686619ba0eb15c97ae6a67b2ff3877bc9e1 100644 --- a/core/modules/system/tests/modules/form_test/form_test.module +++ b/core/modules/system/tests/modules/form_test/form_test.module @@ -605,7 +605,7 @@ function form_test_storage_form($form, &$form_state) { '#value' => 'Save', ); - if (isset($_REQUEST['cache'])) { + if (\Drupal::request()->get('cache')) { // Manually activate caching, so we can test that the storage keeps working // when it's enabled. $form_state['cache'] = TRUE; @@ -624,7 +624,7 @@ function form_test_storage_element_validate_value_cached($element, &$form_state) // This presumes that another submitted form value triggers a validation error // elsewhere in the form. Form API should still update the cached form storage // though. - if (isset($_REQUEST['cache']) && $form_state['values']['value'] == 'change_title') { + if (\Drupal::request()->get('cache') && $form_state['values']['value'] == 'change_title') { $form_state['storage']['thing']['changed'] = TRUE; } } @@ -1760,7 +1760,7 @@ function form_test_state_persist_submit($form, &$form_state) { function form_test_form_form_test_state_persist_alter(&$form, &$form_state) { // Simulate a form alter implementation inserting form elements that enable // caching of the form, e.g. elements having #ajax. - if (!empty($_REQUEST['cache'])) { + if (\Drupal::request()->get('cache')) { $form_state['cache'] = TRUE; } } 
@@ -1973,7 +1973,7 @@ function form_test_form_user_register_form_alter(&$form, &$form_state) { '#submit' => array('form_test_user_register_form_rebuild'), ); // If requested, add the test field by attaching the node page form. - if (!empty($_REQUEST['field'])) { + if (\Drupal::request()->request->has('field')) { $node = entity_create('node', array( 'type' => 'page', )); diff --git a/core/modules/system/tests/modules/menu_test/menu_test.module b/core/modules/system/tests/modules/menu_test/menu_test.module index ab2ef302894bf941f5c1ee699acd89784dc26adb..4ba4ad4ddfd4ff118990079147074c811a3aa8a9 100644 --- a/core/modules/system/tests/modules/menu_test/menu_test.module +++ b/core/modules/system/tests/modules/menu_test/menu_test.module @@ -11,7 +11,7 @@ * Implements hook_menu(). */ function menu_test_menu() { - // The name of the menu changes during the course of the test. Using a $_GET. + // The name of the menu changes during the course of the test. Using a GET. $items['menu_name_test'] = array( 'title' => 'Test menu_name router item', 'route_name' => 'menu_test.menu_name_test', diff --git a/core/modules/system/tests/modules/system_test/system_test.module b/core/modules/system/tests/modules/system_test/system_test.module index 56ae2061c9c4c5e66a38819a90aaf84349e080ae..aa93e6d672ae70a49a44ae11cbc3f9b2a0075a83 100644 --- a/core/modules/system/tests/modules/system_test/system_test.module +++ b/core/modules/system/tests/modules/system_test/system_test.module 
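Review bot: `\Drupal::request()->request->has('field')` only looks at the POST body, whereas the removed `!empty($_REQUEST['field'])` also matched a query-string parameter and required a non-empty value. The sibling changes in this file use `\Drupal::request()->get('cache')` for the same kind of switch, so a test that requests the registration form with `field` in the URL would no longer get the extra field, and a POSTed empty `field` now would. For parity with those hunks: `if (\Drupal::request()->get('field')) {`. The function continues outside the hunk.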
@@ -8,8 +8,9 @@ * @deprecated \Drupal\system_test\Controller\SystemTestController::setHeader() */ function system_test_set_header() { - drupal_add_http_header($_GET['name'], $_GET['value']); - return t('The following header was set: %name: %value', array('%name' => $_GET['name'], '%value' => $_GET['value'])); + $query = \Drupal::request()->query->all(); + drupal_add_http_header($query['name'], $query['value']); + return t('The following header was set: %name: %value', array('%name' => $query['name'], '%value' => $query['value'])); } /** diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/Form/OverviewTerms.php b/core/modules/taxonomy/lib/Drupal/taxonomy/Form/OverviewTerms.php index d0fc0a3ec71174166c0be0e05ea2258afa56e68b..25edaad980348fd4b0ad74956160450f44f1bf73 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/Form/OverviewTerms.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/Form/OverviewTerms.php @@ -170,7 +170,7 @@ public function buildForm(array $form, array &$form_state, VocabularyInterface $ // error. Ensure the form is rebuilt in the same order as the user // submitted. if (!empty($form_state['input'])) { - // Get the $_POST order. + // Get the POST order. $order = array_flip(array_keys($form_state['input']['terms'])); // Update our form with the new order. $current_page = array_merge($order, $current_page); diff --git a/core/modules/update/update.manager.inc b/core/modules/update/update.manager.inc index d4bde27110b64df946a6c23e111af9b80a47a580..19c0dc19abb940502aebd1bce269554cb1b8db27 100644 --- a/core/modules/update/update.manager.inc +++ b/core/modules/update/update.manager.inc 
@@ -632,7 +632,8 @@ function _update_manager_check_backends(&$form, $operation) { * @see update_manager_install_form_submit() */ function update_manager_install_form_validate($form, &$form_state) { - if (!($form_state['values']['project_url'] XOR !empty($_FILES['files']['name']['project_upload']))) { + $uploaded_file = \Drupal::request()->files->get('files[project_upload]', NULL, TRUE); + if (!($form_state['values']['project_url'] XOR !empty($uploaded_file))) { form_set_error('project_url', $form_state, t('You must either provide a URL or upload an archive file to install.')); } } diff --git a/core/modules/views/lib/Drupal/views/Controller/ViewAjaxController.php b/core/modules/views/lib/Drupal/views/Controller/ViewAjaxController.php index e1aae782f553cc5453bc7ee855920abf6de3a791..307d63f62a1dc1c8f9353d2f8409f70a4f7bbf68 100644 --- a/core/modules/views/lib/Drupal/views/Controller/ViewAjaxController.php +++ b/core/modules/views/lib/Drupal/views/Controller/ViewAjaxController.php @@ -106,8 +106,8 @@ public function ajaxView(Request $request) { $request->attributes->set('_system_path', $path); } - // Add all $_POST data, because AJAX is always a post and many things, - // such as tablesorts, exposed filters and paging assume $_GET. + // Add all POST data, because AJAX is always a post and many things, + // such as tablesorts, exposed filters and paging assume GET. $request_all = $request->request->all(); $query_all = $request->query->all(); $request->query->replace($request_all + $query_all); diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/HandlerBase.php b/core/modules/views/lib/Drupal/views/Plugin/views/HandlerBase.php index 311bb9a467825cf01352f7b40c3b548de1a89df6..0a51c881b9f942c5f3697550186c912fe7dedfa9 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/HandlerBase.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/HandlerBase.php 
@@ -446,7 +446,7 @@ public function showExposeForm(&$form, &$form_state) { $this->buildExposeForm($form, $form_state); // When we click the expose button, we add new gadgets to the form but they - // have no data in $_POST so their defaults get wiped out. This prevents + // have no data in POST so their defaults get wiped out. This prevents // these defaults from getting wiped out. This setting will only be TRUE // during a 2nd pass rerender. if (!empty($form_state['force_expose_options'])) { diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/field/FieldPluginBase.php b/core/modules/views/lib/Drupal/views/Plugin/views/field/FieldPluginBase.php index 0c505f069baab805d376819a929949a63f88156a..db4a5d8e2950e01becd4852499febc40b74a4f1e 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/field/FieldPluginBase.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/field/FieldPluginBase.php @@ -1484,7 +1484,7 @@ public function getRenderTokens($item) { $tokens['!' . $count] = isset($this->view->args[$count - 1]) ? strip_tags(decode_entities($this->view->args[$count - 1])) : ''; } - // Get flattened set of tokens for any array depth in $_GET parameters. + // Get flattened set of tokens for any array depth in query parameters. $tokens += $this->getTokenValuesRecursive(\Drupal::request()->query->all()); // Now add replacements for our fields. diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/filter/FilterPluginBase.php b/core/modules/views/lib/Drupal/views/Plugin/views/filter/FilterPluginBase.php index a05b44763d13397cc70934dccfd1e3e38e668155..91a9d84118fdf0872bc69e2378b7686c5eb33d2e 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/filter/FilterPluginBase.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/filter/FilterPluginBase.php 
@@ -352,7 +352,7 @@ public function showBuildGroupForm(&$form, &$form_state) { $this->buildExposedFiltersGroupForm($form, $form_state); // When we click the expose button, we add new gadgets to the form but they - // have no data in $_POST so their defaults get wiped out. This prevents + // have no data in POST so their defaults get wiped out. This prevents // these defaults from getting wiped out. This setting will only be TRUE // during a 2nd pass rerender. if (!empty($form_state['force_build_group_options'])) { diff --git a/core/modules/views/lib/Drupal/views/ViewExecutable.php b/core/modules/views/lib/Drupal/views/ViewExecutable.php index 4b0c0ab243b9068a07552108e89e714ac909d29e..60884d6bfc9e8fcf4f77ed20706d515aac7b4c0b 100644 --- a/core/modules/views/lib/Drupal/views/ViewExecutable.php +++ b/core/modules/views/lib/Drupal/views/ViewExecutable.php @@ -556,7 +556,7 @@ public function ajaxEnabled() { /** * Set the exposed filters input to an array. If unset they will be taken - * from $_GET when the time comes. + * from \Drupal::request()->query when the time comes. */ public function setExposedInput($filters) { $this->exposed_input = $filters; @@ -566,8 +566,8 @@ public function setExposedInput($filters) { * Figure out what the exposed input for this view is. */ public function getExposedInput() { - // Fill our input either from $_GET or from something previously set on the - // view. + // Fill our input either from \Drupal::request()->query or from something + // previously set on the view. if (empty($this->exposed_input)) { $this->exposed_input = \Drupal::request()->query->all(); // unset items that are definitely not our input: diff --git a/core/modules/views/views.module b/core/modules/views/views.module index 877e35e27e5b5c98716138142f3baa564d89b7dd..4c10df6e2b6732ae08d0adf71ddba1b6f5811090 100644 --- a/core/modules/views/views.module +++ b/core/modules/views/views.module 
@@ -1100,7 +1100,7 @@ function views_exposed_form($form, &$form_state) { $form['actions'] = array('#type' => 'actions'); $form['actions']['submit'] = array( - // Prevent from showing up in $_GET. + // Prevent from showing up in \Drupal::request()->query. '#name' => '', '#type' => 'submit', '#value' => t('Apply'), diff --git a/core/modules/views_ui/admin.inc b/core/modules/views_ui/admin.inc index b1c8d9c6a5223cd50dbb3822e565909f8de7b3fc..f93725a471d0073b8f29a4b4ffd4e466a85312d4 100644 --- a/core/modules/views_ui/admin.inc +++ b/core/modules/views_ui/admin.inc @@ -339,10 +339,10 @@ function views_ui_build_form_path($form_state) { * #process callback for a button; determines if a button is the form's triggering element. * * The Form API has logic to determine the form's triggering element based on - * the data in $_POST. However, it only checks buttons based on a single #value + * the data in POST. However, it only checks buttons based on a single #value * per button. This function may be added to a button's #process callbacks to * extend button click detection to support multiple #values per button. If the - * data in $_POST matches any value in the button's #values array, then the + * data in POST matches any value in the button's #values array, then the * button is detected as having been clicked. This can be used when the value * (label) of the same logical button may be different based on context (e.g., * "Apply" vs. "Apply and continue"). diff --git a/core/modules/views_ui/lib/Drupal/views_ui/ViewEditFormController.php b/core/modules/views_ui/lib/Drupal/views_ui/ViewEditFormController.php index f8fd10a431df1cbd0624a4cc995c51d49bc06dee..05b011d886a7baacb4deeb629bd68f7ab7202a79 100644 --- a/core/modules/views_ui/lib/Drupal/views_ui/ViewEditFormController.php +++ b/core/modules/views_ui/lib/Drupal/views_ui/ViewEditFormController.php 
@@ -292,9 +292,6 @@ public function submit(array $form, array &$form_state) { if (($display->getPluginId() == 'page') && ($old_path == $destination) && ($old_path != $view->getExecutable()->displayHandlers->get($id)->getOption('path'))) { $destination = $view->getExecutable()->displayHandlers->get($id)->getOption('path'); $query->remove('destination'); - // @todo For whatever reason drupal_goto is still using $_GET. - // @see http://drupal.org/node/1668866 - unset($_GET['destination']); } } $form_state['redirect'] = $destination; diff --git a/core/profiles/minimal/minimal.profile b/core/profiles/minimal/minimal.profile index fe6da8c3287c5cd7428d0d33665170ad5a2a1eac..ed291da4d912bdc526379c0a9f2a2f0d0c208f29 100644 --- a/core/profiles/minimal/minimal.profile +++ b/core/profiles/minimal/minimal.profile @@ -11,5 +11,5 @@ */ function minimal_form_install_configure_form_alter(&$form, $form_state) { // Pre-populate the site name with the server name. - $form['site_information']['site_name']['#default_value'] = $_SERVER['SERVER_NAME']; + $form['site_information']['site_name']['#default_value'] = \Drupal::request()->server->get('SERVER_NAME'); } diff --git a/core/profiles/standard/standard.profile b/core/profiles/standard/standard.profile index d554c937939991f98583ddf0f96f2bb013b049bb..209107d1953dde5b38892a942a5139e6a36d5b68 100644 --- a/core/profiles/standard/standard.profile +++ b/core/profiles/standard/standard.profile @@ -11,5 +11,5 @@ */ function standard_form_install_configure_form_alter(&$form, $form_state) { // Pre-populate the site name with the server name. - $form['site_information']['site_name']['#default_value'] = $_SERVER['SERVER_NAME']; + $form['site_information']['site_name']['#default_value'] = \Drupal::request()->server->get('SERVER_NAME'); } diff --git a/core/update.php b/core/update.php index add3646becc37262b2adecc4133b6dff07d6cf27..48059208471e95c8f9acdb70ab2a14a9f8710de3 100644 --- a/core/update.php +++ b/core/update.php 
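Review bot: In `minimal_form_install_configure_form_alter()`, `\Drupal::request()->server->get('SERVER_NAME')` returns NULL when the key is absent (for example a non-web install), where the old `$_SERVER['SERVER_NAME']` read at least raised a notice; pass an explicit default, `->server->get('SERVER_NAME', '')`. Depending on web-server configuration SERVER_NAME can be derived from the request's Host header, so the comment should say the value is client-influenced and only a suggestion: `// Pre-populate the site name with the server name (may reflect the Host header; treat as untrusted).` The same applies to the identical line in `standard_form_install_configure_form_alter()` in standard.profile.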
@@ -221,7 +221,7 @@ function update_info_page() { */ function update_access_denied_page() { drupal_add_http_header('Status', '403 Forbidden'); - header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); + header(\Drupal::request()->server->get('SERVER_PROTOCOL') . ' 403 Forbidden'); watchdog('access denied', 'update.php', NULL, WATCHDOG_WARNING); drupal_set_title('Access denied'); return '

Access denied. You are not authorized to access this page. Log in using either an account with the administer software updates permission or the site maintenance account (the account you created during installation). If you cannot log in, you will have to edit settings.php to bypass this access check. To do this: