Home » API reference

node.module

<?php
// $Id: node.module,v 1.485.2.18 2006/10/18 20:14:08 killes Exp $

/**
 * @file
 * The core that allows content to be submitted to the site.
 */

define('NODE_NEW_LIMIT', time() - 30 * 24 * 60 * 60);

/**
 * Implementation of hook_help().
 */
function node_help($section) {
  switch ($section) {
    case 'admin/help#node':
      $output = t("
      <h3>Nodes</h3>
      <p>The core of the Drupal system is the node. All of the contents of the system are placed in nodes, or extensions of nodes.
      A base node contains:<dl>
      <dt>A Title</dt><dd>Up to 128 characters of text that titles the node.</dd>
      <dt>A Teaser</dt><dd>A small block of text that is meant to get you interested in the rest of node. Drupal will automatically pull a small amount of the body of the node to make the teaser (To configure how long the teaser will be <a href=\"%teaser\">click here</a>). The teaser can be changed if you don't like what Drupal grabs.</dd>
      <dt>The Body</dt><dd>The main text that comprises your content.</dd>
      <dt>A Type</dt><dd>What kind of node is this? Blog, book, forum, comment, unextended, etc.</dd>
      <dt>An Author</dt><dd>The author's name. It will either be \"anonymous\" or a valid user. You <em>cannot</em> set it to an arbitrary value.</dd>
      <dt>Authored on</dt><dd>The date the node was written.</dd>
      <dt>Changed</dt><dd>The last time this node was changed.</dd>
      <dt>Sticky at top of lists</dt><dd>In listings such as the frontpage or a taxonomy overview the teasers of a selected amount of nodes is displayed. If you want to force a node to appear on the top of such a listing, you must set it to 'sticky'. This way it will float to the top of a listing, and it will not be pushed down by newer content.
      <dt>Allow user comments</dt><dd>A node can have comments. These comments can be written by other users (Read-write), or only by admins (Read-only).</dd>
      <dt>Revisions</dt><dd>Drupal has a revision system so that you can \"roll back\" to an older version of a post if the new version is not what you want.</dd>
      <dt>Promote to front page</dt><dd>To get people to look at the new stuff on your site you can choose to move it to the front page. The front page is configured to show the teasers from only a few of the total nodes you have on your site (To configure how many teasers <a href=\"%teaser\">click here</a>).</dd>
      <dt>Published</dt><dd>When using Drupal's moderation system a node remains unpublished -- unavailable to non-moderators -- until it is marked Published.</dd></dl>
      <p>Now that you know what is in a node, here are some of the types of nodes available.</p>", array("%teaser" => url("admin/node/configure/settings")));

      foreach (node_list() as $type) {
        $output .= '<h3>'. t('Node type: %module', array('%module' => node_invoke($type, 'node_name'))). '</h3>';
        $output .= implode("\n", module_invoke_all('help', 'node/add#'. $type));
      }

      return $output;

    case 'admin/modules#description':
      return t('Allows content to be submitted to the site and displayed on pages.');
    case 'admin/node/configure':
    case 'admin/node/configure/settings':
      return t('<p>Settings for the core of Drupal. Almost everything is a node so these settings will affect most of the site.</p>');
    case 'admin/node':
      return t('<p>Below is a list of all of the posts on your site. Other forms of content are listed elsewhere (e.g. <a href="%comments">comments</a>).</p><p>Clicking a title views the post, while clicking an author\'s name views their user information.</p>', array('%comments' => url('admin/comment')));
    case 'admin/node/search':
      return t('<p>Enter a simple pattern to search for a post. This can include the wildcard character *.<br />For example, a search for "br*" might return "bread bakers", "our daily bread" and "brenda".</p>');
  }

  if (arg(0) == 'node' && is_numeric(arg(1)) && arg(2) == 'revisions') {
    return t('The revisions let you track differences between multiple versions of a post.');
  }

  if (arg(0) == 'node' && arg(1) == 'add' && $type = arg(2)) {
    return variable_get($type .'_help', '');
  }
}

/**
 * Implementation of hook_cron().
 */
function node_cron() {
  db_query('DELETE FROM {history} WHERE timestamp < %d', NODE_NEW_LIMIT);
}

/**
 * Gather a listing of links to nodes.
 *
 * @param $result
 *   A DB result object from a query to fetch node objects.  If your query joins the <code>node_comment_statistics</code> table so that the <code>comment_count</code> field is available, a title attribute will be added to show the number of comments.
 * @param $title
 *   A heading for the resulting list.
 *
 * @return
 *   An HTML list suitable as content for a block.
 */
function node_title_list($result, $title = NULL) {
  while ($node = db_fetch_object($result)) {
    $items[] = l($node->title, 'node/'. $node->nid, $node->comment_count ? array('title' => format_plural($node->comment_count, '1 comment', '%count comments')) : '');
  }

  return theme('node_list', $items, $title);
}

/**
 * Format a listing of links to nodes.
 */
function theme_node_list($items, $title = NULL) {
  return theme('item_list', $items, $title);
}

/**
 * Update the 'last viewed' timestamp of the specified node for current user.
 */
function node_tag_new($nid) {
  global $user;

  if ($user->uid) {
    if (node_last_viewed($nid)) {
      db_query('UPDATE {history} SET timestamp = %d WHERE uid = %d AND nid = %d', time(), $user->uid, $nid);
    }
    else {
      @db_query('INSERT INTO {history} (uid, nid, timestamp) VALUES (%d, %d, %d)', $user->uid, $nid, time());
    }
  }
}

/**
 * Retrieves the timestamp at which the current user last viewed the
 * specified node.
 */
function node_last_viewed($nid) {
  global $user;
  static $history;

  if (!isset($history[$nid])) {
    $history[$nid] = db_fetch_object(db_query("SELECT timestamp FROM {history} WHERE uid = '$user->uid' AND nid = %d", $nid));
  }

  return ($history[$nid]->timestamp ? $history[$nid]->timestamp : 0);
}

/**
 * Decide on the type of marker to be displayed for a given node.
 *
 * @param $nid
 *   Node ID whose history supplies the "last viewed" timestamp.
 * @param $timestamp
 *   Time which is compared against node's "last viewed" timestamp.
 * @return
 *   One of the MARK constants.
 */
function node_mark($nid, $timestamp) {
  global $user;
  static $cache;

  if (!$user->uid) {
    return MARK_READ;
  }
  if (!isset($cache[$nid])) {
    $cache[$nid] = node_last_viewed($nid);
  }
  if ($cache[$nid] == 0 && $timestamp > NODE_NEW_LIMIT) {
    return MARK_NEW;
  }
  elseif ($timestamp > $cache[$nid] && $timestamp > NODE_NEW_LIMIT) {
    return MARK_UPDATED;
  }
  return MARK_READ;
}

/**
 * Automatically generate a teaser for a node body in a given format.
 */
function node_teaser($body, $format = NULL) {

  $size = variable_get('teaser_length', 600);

  // find where the delimiter is in the body
  $delimiter = strpos($body, '<!--break-->');

  // If the size is zero, and there is no delimiter, the entire body is the teaser.
  if ($size == 0 && $delimiter == 0) {
    return $body;
  }

  // We check for the presence of the PHP evaluator filter in the current
  // format. If the body contains PHP code, we do not split it up to prevent
  // parse errors.
  if (isset($format)) {
    $filters = filter_list_format($format);
    if (isset($filters['filter/1']) && strpos($body, '<?') !== false) {
      return $body;
    }
  }

  // If a valid delimiter has been specified, use it to chop of the teaser.
  if ($delimiter > 0) {
    return substr($body, 0, $delimiter);
  }

  // If we have a short body, the entire body is the teaser.
  if (strlen($body) < $size) {
    return $body;
  }

  // In some cases, no delimiter has been specified (e.g. when posting using
  // the Blogger API). In this case, we try to split at paragraph boundaries.
  // When even the first paragraph is too long, we try to split at the end of
  // the next sentence.
  $breakpoints = array('</p>' => 4, '<br />' => 0, '<br>' => 0, "\n" => 0, '. ' => 1, '! ' => 1, '? ' => 1, '。' => 1, '؟ ' => 1);
  foreach ($breakpoints as $point => $charnum) {
    if ($length = strpos($body, $point, $size)) {
      return substr($body, 0, $length + $charnum);
    }
  }

  // If all else fails, we simply truncate the string.
  return truncate_utf8($body, $size);
}


/**
 * Determine the module that defines the node type of the given node.
 *
 * @param &$node
 *   Either a node object, a node array, or a string containing the node type.
 * @return
 *   A string containing the name of the defining module.
 */
function node_get_module_name($node) {
  if (is_array($node)) {
    if ($pos = strpos($node['type'], '-')) {
      return substr($node['type'], 0, $pos);
    }
    else {
      return $node['type'];
    }
  }
  else if (is_object($node)) {
    if ($pos = strpos($node->type, '-')) {
      return substr($node->type, 0, $pos);
    }
    else {
      return $node->type;
    }
  }
  else if (is_string($node)) {
    if ($pos = strpos($node, '-')) {
      return substr($node, 0, $pos);
    }
    else {
      return $node;
    }
  }
}

/**
 * Get a list of all the defined node types.
 *
 * @return
 *   A list of all node types.
 */
function node_list() {
  $types = array();
  foreach (module_list() as $module) {
    if (module_hook($module, 'node_name')) {
      $module_types = module_invoke($module, 'node_types');
      if (is_array($module_types)) {
        foreach ($module_types as $type) {
          $types[] = $type;
        }
      }
      else {
        $types[] = $module;
      }
    }
  }
  return $types;
}

/**
 * Determine whether a node hook exists.
 *
 * @param &$node
 *   Either a node object, node array, or a string containing the node type.
 * @param $hook
 *   A string containing the name of the hook.
 * @return
 *   TRUE iff the $hook exists in the node type of $node.
 */
function node_hook(&$node, $hook) {
  $function = node_get_module_name($node) ."_$hook";

  return function_exists($function);
}

/**
 * Invoke a node hook.
 *
 * @param &$node
 *   Either a node object, node array, or a string containing the node type.
 * @param $hook
 *   A string containing the name of the hook.
 * @param $a2, $a3, $a4
 *   Arguments to pass on to the hook, after the $node argument.
 * @return
 *   The returned value of the invoked hook.
 */
function node_invoke(&$node, $hook, $a2 = NULL, $a3 = NULL, $a4 = NULL) {
  $function = node_get_module_name($node) ."_$hook";

  if (function_exists($function)) {
    return ($function($node, $a2, $a3, $a4));
  }
}

/**
 * Invoke a hook_nodeapi() operation in all modules.
 *
 * @param &$node
 *   A node object.
 * @param $op
 *   A string containing the name of the nodeapi operation.
 * @param $a3, $a4
 *   Arguments to pass on to the hook, after the $node and $op arguments.
 * @return
 *   The returned value of the invoked hooks.
 */
function node_invoke_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) {
  $return = array();
  foreach (module_list() as $name) {
    $function = $name .'_nodeapi';
    if (function_exists($function)) {
      $result = $function($node, $op, $a3, $a4);
      if (is_array($result)) {
        $return = array_merge($return, $result);
      }
      else if (isset($result)) {
        $return[] = $result;
      }
    }
  }
  return $return;
}

/**
 * Load a node object from the database.
 *
 * @param $conditions
 *   An array of conditions to match against in the database query. Most calls
 *   will simply use array('nid' => 52).
 * @param $revision
 *   Which numbered revision to load. Defaults to the current version.
 * @param $reset
 *   Whether to reset the internal node_load cache.
 *
 * @return
 *   A fully-populated node object.
 */
function node_load($conditions, $revision = NULL, $reset = NULL) {
  static $nodes = array();

  if ($reset) {
    $nodes = array();
  }

  $cachable = (count($conditions) == 1 && isset($conditions['nid']) && $revision == NULL);

  if ($cachable && isset($nodes[$conditions['nid']])) {
    return $nodes[$conditions['nid']];
  }

  // Turn the conditions into a query.
  foreach ($conditions as $key => $value) {
    $cond[] = 'n.'. db_escape_string($key) ." = '". db_escape_string($value) ."'";
  }

  // Retrieve the node.
  $node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.*, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid WHERE '. implode(' AND ', $cond))));
  $node = drupal_unpack($node);

  // Unserialize the revisions and user data fields.
  if ($node->revisions) {
    $node->revisions = unserialize($node->revisions);
  }

  // Call the node specific callback (if any) and piggy-back the
  // results to the node or overwrite some values.
  if ($extra = node_invoke($node, 'load')) {
    foreach ($extra as $key => $value) {
      $node->$key = $value;
    }
  }

  if ($extra = node_invoke_nodeapi($node, 'load')) {
    foreach ($extra as $key => $value) {
      $node->$key = $value;
    }
  }

  // Return the desired revision.
  if (!is_null($revision) && is_array($node->revisions[$revision])) {
   $node = $node->revisions[$revision]['node'];
  }

  if ($cachable) {
    $nodes[$conditions['nid']] = $node;
  }

  return $node;
}

/**
 * Save a node object into the database.
 */
function node_save($node) {
  // Fetch fields to save to node table:
  $fields = node_invoke_nodeapi($node, 'fields');

  // Serialize the revisions field:
  if ($node->revisions) {
    $node->revisions = serialize($node->revisions);
  }

  // Apply filters to some default node fields:
  if (empty($node->nid)) {
    // Insert a new node.

    // Set some required fields:
    if (!$node->created) {
      $node->created = time();
    }
    if (!$node->changed) {
      $node->changed = time();
    }
    $node->nid = db_next_id('{node}_nid');

    // Prepare the query:
    foreach ($node as $key => $value) {
      if (in_array((string) $key, $fields)) {
        $k[] = db_escape_string($key);
        $v[] = $value;
        $s[] = "'%s'";
      }
    }

    // Insert the node into the database:
    db_query("INSERT INTO {node} (". implode(", ", $k) .") VALUES(". implode(", ", $s) .")", $v);

    // Call the node specific callback (if any):
    node_invoke($node, 'insert');
    node_invoke_nodeapi($node, 'insert');
  }
  else {
    // Update an existing node.

    // Set some required fields:
    $node->changed = time();

    // Prepare the query:
    foreach ($node as $key => $value) {
      if (in_array($key, $fields)) {
        $q[] = db_escape_string($key) ." = '%s'";
        $v[] = $value;
      }
    }

    // Update the node in the database:
    db_query("UPDATE {node} SET ". implode(', ', $q) ." WHERE nid = '$node->nid'", $v);

    // Call the node specific callback (if any):
    node_invoke($node, 'update');
    node_invoke_nodeapi($node, 'update');
  }

  // Clear the cache so an anonymous poster can see the node being added or updated.
  cache_clear_all();

  // Return the node ID:
  return $node->nid;
}

/**
 * Generate a display of the given node.
 *
 * @param $node
 *   A node array or node object.
 * @param $teaser
 *   Whether to display only the teaser for the node.
 * @param $page
 *   Whether the node is being displayed by itself as a page.
 * @param $links
 *   Whether or not to display node links. Links are omitted for node previews.
 *
 * @return
 *   An HTML representation of the themed node.
 */
function node_view($node, $teaser = FALSE, $page = FALSE, $links = TRUE) {
  $node = array2object($node);

  // Remove the delimiter (if any) that separates the teaser from the body.
  // TODO: this strips legitimate uses of '<!--break-->' also.
  $node->body = str_replace('<!--break-->', '', $node->body);

  // The 'view' hook can be implemented to overwrite the default function
  // to display nodes.
  if (node_hook($node, 'view')) {
    node_invoke($node, 'view', $teaser, $page);
  }
  else {
    $node = node_prepare($node, $teaser);
  }
  // Allow modules to change $node->body before viewing.
  node_invoke_nodeapi($node, 'view', $teaser, $page);
  if ($links) {
    $node->links = module_invoke_all('link', 'node', $node, !$page);
  }
  // unset unused $node part so that a bad theme can not open a security hole
  if ($teaser) {
    unset($node->body);
  }
  else {
    unset($node->teaser);
  }

  return theme('node', $node, $teaser, $page);
}

/**
 * Apply filters to a node in preparation for theming.
 */
function node_prepare($node, $teaser = FALSE) {
  $node->readmore = (strlen($node->teaser) < strlen($node->body));
  if ($teaser == FALSE) {
    $node->body = check_output($node->body, $node->format);
  }
  else {
    $node->teaser = check_output($node->teaser, $node->format);
  }
  return $node;
}

/**
 * Generate a page displaying a single node, along with its comments.
 */
function node_show($node, $cid) {
  $output = node_view($node, FALSE, TRUE);

  if (function_exists('comment_render') && $node->comment) {
    $output .= comment_render($node, $cid);
  }

  // Update the history table, stating that this user viewed this node.
  node_tag_new($node->nid);

  return $output;
}

/**
 * Implementation of hook_perm().
 */
function node_perm() {
  return array('administer nodes', 'access content');
}

/**
 * Implementation of hook_search().
 */
function node_search($op = 'search', $keys = null) {
  switch ($op) {
    case 'name':
      return t('content');
    case 'reset':
      variable_del('node_cron_last');
      return;
    case 'status':
      $last = variable_get('node_cron_last', 0);
      $total = db_result(db_query('SELECT COUNT(*) FROM {node} WHERE status = 1 AND moderate = 0'));
      $remaining = db_result(db_query('SELECT COUNT(*) FROM {node} n LEFT JOIN {node_comment_statistics} c ON n.nid = c.nid WHERE n.status = 1 AND n.moderate = 0 AND (n.created > %d OR n.changed > %d OR c.last_comment_timestamp > %d)', $last, $last, $last));
      return array('remaining' => $remaining, 'total' => $total);
    case 'search':
      list($join, $where) = _db_rewrite_sql();
      $find = do_search($keys, 'node', 'INNER JOIN {node} n ON n.nid = i.sid '. $join .' INNER JOIN {users} u ON n.uid = u.uid', 'n.status = 1'. (empty($where) ? '' : ' AND '. $where));
      $results = array();
      foreach ($find as $item) {
        $node = node_load(array('nid' => $item));

        // Get node output (filtered and with module-specific fields).
        if (node_hook($node, 'view')) {
          node_invoke($node, 'view', false, false);
        }
        else {
          $node = node_prepare($node, false);
        }
        // Allow modules to change $node->body before viewing.
        node_invoke_nodeapi($node, 'view', false, false);

        $extra = node_invoke_nodeapi($node, 'search result');
        $results[] = array('link' => url('node/'. $item),
                           'type' => node_invoke($node, 'node_name'),
                           'title' => $node->title,
                           'user' => format_name($node),
                           'date' => $node->changed,
                           'extra' => $extra,
                           'snippet' => search_excerpt($keys, $node->body));
      }
      return $results;
  }
}

/**
 * Menu callback; presents general node configuration options.
 */
function node_configure() {
  if ($_POST) {
    system_settings_save();
  }

  $output .= form_select(t('Number of posts on main page'), 'default_nodes_main', variable_get('default_nodes_main', 10), drupal_map_assoc(array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 15, 20, 25, 30)), t('The default maximum number of posts to display per page on overview pages such as the main page.'));
  $output .= form_select(t('Length of trimmed posts'), 'teaser_length', variable_get('teaser_length', 600), array(0 => t('Unlimited'), 200 => t('200 characters'), 400 => t('400 characters'), 600 => t('600 characters'), 800 => t('800 characters'), 1000 => t('1000 characters'), 1200 => t('1200 characters'), 1400 => t('1400 characters'), 1600 => t('1600 characters'), 1800 => t('1800 characters'), 2000 => t('2000 characters')), t("The maximum number of characters used in the trimmed version of a post.  Drupal will use this setting to determine at which offset long posts should be trimmed.  The trimmed version of a post is typically used as a teaser when displaying the post on the main page, in XML feeds, etc.  To disable teasers, set to 'Unlimited'. Note that this setting will only affect new or updated content and will not affect existing teasers."));
  $output .= form_radios(t('Preview post'), 'node_preview', variable_get('node_preview', 0), array(t('Optional'), t('Required')), t('Must users preview posts before submitting?'));

  print theme('page', system_settings_form($output));
}

/**
 * Retrieve the comment mode for the given node ID (none, read, or read/write).
 */
function node_comment_mode($nid) {
  static $comment_mode;
  if (!isset($comment_mode[$nid])) {
    $comment_mode[$nid] = db_result(db_query('SELECT comment FROM {node} WHERE nid = %d', $nid));
  }
  return $comment_mode[$nid];
}

/**
 * Implementation of hook_link().
 */
function node_link($type, $node = 0, $main = 0) {
  $links = array();

  if ($type == 'node') {
    if (array_key_exists('links', $node)) {
      $links = $node->links;
    }

    if ($main == 1 && $node->teaser && $node->readmore) {
      $links[] = l(t('read more'), "node/$node->nid", array('title' => t('Read the rest of this posting.'), 'class' => 'read-more'));
    }
  }

  return $links;
}

/**
 * Implementation of hook_menu().
 */
function node_menu($may_cache) {
  $items = array();

  if ($may_cache) {
    $items[] = array('path' => 'admin/node', 'title' => t('content'),
      'callback' => 'node_admin',
      'access' => user_access('administer nodes'));
    $items[] = array('path' => 'admin/node/action', 'title' => t('content'),
      'type' => MENU_CALLBACK);
    $items[] = array('path' => 'admin/node/overview', 'title' => t('list'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/node/configure', 'title' => t('configure'),
      'callback' => 'node_configure',
      'access' => user_access('administer nodes'),
      'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/node/configure/settings', 'title' => t('settings'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/node/configure/types', 'title' => t('content types'),
      'callback' => 'node_types_configure',
      'access' => user_access('administer nodes'),
      'type' => MENU_LOCAL_TASK);
    if (module_exist('search')) {
      $items[] = array('path' => 'admin/node/search', 'title' => t('search'),
        'callback' => 'node_admin',
        'access' => user_access('administer nodes'),
        'type' => MENU_LOCAL_TASK);
    }

    $items[] = array('path' => 'node', 'title' => t('content'),
      'callback' => 'node_page',
      'access' => user_access('access content'),
      'type' => MENU_SUGGESTED_ITEM);
    $items[] = array('path' => 'node/add', 'title' => t('create content'),
      'callback' => 'node_page',
      'access' => user_access('access content'),
      'type' => MENU_ITEM_GROUPING,
      'weight' => 1);
  }
  else {
    if (arg(0) == 'node' && is_numeric(arg(1))) {
      $node = node_load(array('nid' => arg(1)));
      if ($node->nid) {
        $items[] = array('path' => 'node/'. arg(1), 'title' => t('view'),
          'callback' => 'node_page',
          'access' => node_access('view', $node),
          'type' => MENU_CALLBACK);
        $items[] = array('path' => 'node/'. arg(1) .'/view', 'title' => t('view'),
            'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
        $items[] = array('path' => 'node/'. arg(1) .'/edit', 'title' => t('edit'),
          'callback' => 'node_page',
          'access' => node_access('update', $node),
          'weight' => 1,
          'type' => MENU_LOCAL_TASK);
        $items[] = array('path' => 'node/'. arg(1) .'/delete', 'title' => t('delete'),
          'callback' => 'node_page',
          'access' => node_access('delete', $node),
          'weight' => 1,
          'type' => MENU_CALLBACK);

        if ($node->revisions) {
          $items[] = array('path' => 'node/'. arg(1) .'/revisions', 'title' => t('revisions'),
            'callback' => 'node_page',
            'access' => user_access('administer nodes'),
            'weight' => 2,
            'type' => MENU_LOCAL_TASK);
          $items[] = array('path' => 'node/'. arg(1) .'/rollback-revision', 'title' => t('Revert revision'),
            'callback' => 'node_page',
            'access' => user_access('administer nodes'),
            'weight' => 1,
            'type' => MENU_CALLBACK);
          $items[] = array('path' => 'node/'. arg(1) .'/delete-revision', 'title' => t('Delete revision'),
            'callback' => 'node_page',
            'access' => user_access('administer nodes'),
            'weight' => 1,
            'type' => MENU_CALLBACK);
        }
      }
    }
    else if (arg(0) == 'admin' && arg(1) == 'node' && arg(2) == 'configure' && arg(3) == 'types' && is_string(arg(4))) {
      $arg4 = arg(4);
      $items[] = array('path' => 'admin/node/configure/types/'. arg(4),
        'title' => t("'%name' content type", array('%name' => node_invoke($arg4, 'node_name'))),
        'type' => MENU_CALLBACK);
    }
  }

  return $items;
}

function node_last_changed($nid) {
  $node = db_fetch_object(db_query('SELECT changed FROM {node} WHERE nid = %d', $nid));
  return ($node->changed);
}

/**
 * Generate the content administration overview.
 */
function node_admin_nodes() {
  /*
  ** Operations
  */
  $operations = array(
    'approve' =>   array(t('Approve the selected posts'), 'UPDATE {node} SET status = 1, moderate = 0 WHERE nid = %d'),
    'promote' =>   array(t('Promote the selected posts'), 'UPDATE {node} SET status = 1, promote = 1 WHERE nid = %d'),
    'sticky' =>    array(t('Make the selected posts sticky'), 'UPDATE {node} SET status = 1, sticky = 1 WHERE nid = %d'),
    'demote' =>    array(t('Demote the selected posts'), 'UPDATE {node} SET promote = 0 WHERE nid = %d'),
    'unpublish' => array(t('Unpublish the selected posts'), 'UPDATE {node} SET status = 0 WHERE nid = %d'),
    'delete' =>    array(t('Delete the selected posts'), '')
  );

  // Handle operations
  $op = $_POST['op'];

  $edit = $_POST['edit'];
  if (($op == t('Update') || $op == t('Delete all')) && isset($edit['operation']) && isset($edit['nodes'])) {
    $edit['nodes'] = array_diff($edit['nodes'], array(0));
    if (count($edit['nodes']) == 0) {
      form_set_error('', t('Please select some items to perform the update on.'));
    }
    else {
      if ($operations[$edit['operation']][1]) {
        // Flag changes
       $operation = $operations[$edit['operation']][1];
        foreach ($edit['nodes'] as $nid => $value) {
          if ($value) {
            db_query($operation, $nid);
          }
        }
        drupal_set_message(t('The update has been performed.'));
      }
      else if ($edit['operation'] == 'delete') {
        // Mass delete
        if ($edit['confirm']) {
          foreach ($edit['nodes'] as $nid => $value) {
            node_delete(array('nid' => $nid, 'confirm' => 1));
          }
          drupal_set_message(t('The items have been deleted.'));
        }
        else {
          $extra = '<ul>';
          foreach ($edit['nodes'] as $nid => $value) {
            if ($value) {
              $title = db_result(db_query('SELECT title FROM {node} WHERE nid = %d', $nid));
              $extra .= '<li>'. form_hidden('nodes]['. $nid, 1) . check_plain($title) .'</li>';
            }
          }
          $extra .= '</ul>';
          $extra .= form_hidden('operation', 'delete');

          $output = theme('confirm',
                          t('Are you sure you want to delete these items?'),
                          'admin/node',
                          t('This action cannot be undone.'),
                          t('Delete all'),
                          t('Cancel'),
                          $extra);
          return $output;
        }
      }
    }
  }

  /*
  ** Filters
  */
  $node_types = drupal_map_assoc(node_list());
  foreach ($node_types as $k => $v) {
    $node_types[$k] = node_invoke($v, 'node_name');
  }
  // Regular filters
  $filters = array(
    'status'   => array('title' => t('status'),
                        'options' => array('status-1'   => t('published'),     'status-0' => t('not published'),
                                           'moderate-1' => t('in moderation'), 'moderate-0' => t('not in moderation'),
                                           'promote-1'  => t('promoted'),      'promote-0' => t('not promoted'),
                                           'sticky-1'   => t('sticky'),        'sticky-0' => t('not sticky'))),
    'type'     => array('title' => t('type'), 'where' => "n.type = '%s'",
                        'options' => $node_types));
  // Merge all vocabularies into one for retrieving $value below
  if ($taxonomy = module_invoke('taxonomy', 'form_all')) {
    $terms = array();
    foreach ($taxonomy as $key => $value) {
      $terms = $terms + $value;
    }
    $filters['category'] = array('title' => t('category'), 'where' => 'tn.tid = %d',
                                 'options' => $terms, 'join' => 'INNER JOIN {term_node} tn ON n.nid = tn.nid');
  }

  // Initialize/reset filters
  if (!isset($_SESSION['node_overview_filter']) || !is_array($_SESSION['node_overview_filter']) || $op == t('Reset')) {
    $_SESSION['node_overview_filter'] = array();
  }
  $session = &$_SESSION['node_overview_filter'];
  $filter = $edit['filter'];
  if (($op == t('Filter') || $op == t('Refine')) && isset($filter)) {
    if (isset($filters[$filter]['options'][$edit[$filter]])) {
      $session[] = array($filter, $edit[$filter]);
    }
  }
  if ($op == t('Undo')) {
    array_pop($session);
  }
  if ($op != '') {
    drupal_goto('admin/node');
  }

  /*
  ** Form
  */
  $output .= '<div id="node-admin-filter">';
  // Existing filters
  $form = '<ul>';
  $i = 0;
  foreach ($session as $filter) {
    list($type, $value) = $filter;
    $params = array('%a' => '<strong>'. $filters[$type]['title'] .'</strong>', '%b' => '<strong>'. $filters[$type]['options'][$value] .'</strong>');
    $form .= '<li>'. ($i++ ? t('<em>and</em> where <strong>%a</strong> is <strong>%b</strong>', $params) : t('<strong>%a</strong> is <strong>%b</strong>', $params)) .'</li>';
  }

  // New filter form
  if (isset($filters['category'])) {
    $filters['category']['options'] = $taxonomy;
  }
  $values = '';
  $options = array();
  foreach ($filters as $key => $value) {
    $options[$key] = $value['title'];
    $b .= form_select('', $key, 1, $filters[$key]['options']);
  }

  $buttons = '';
  if (count($options)) {
    $form .= '<li><dl class="multiselect">';
    $a = '';
    foreach ($options as $key => $value) {
      $a .= form_radio($value, 'filter', $key);
    }
    if (!$i) {
      $form .= t('<dd class="a">%a</dd> <dt>is</dt> <dd class="b">%b</dd>', array('%a' => $a, '%b' => $b));
    }
    else {
      $form .= t('<dt><em>and</em> where</dt> <dd class="a">%a</dd> <dt>is</dt> <dd class="b">%b</dd>', array('%a' => $a, '%b' => $b));
    }
    $form .= '</dl>';
    $buttons = form_submit(count($session) ? t('Refine') : t('Filter'));
  }
  if (count($session)) {
    $buttons .= form_submit(t('Undo')) . form_submit(t('Reset'));
  }
  $form .= '<div class="container-inline" id="node-admin-buttons">'. $buttons .'</div>';
  $form .= '</li></ul><br class="clear" />';
  $output .= form_group(t('Show only items where'), $form);

  // Build query
  $where = $args = array();
  $join = '';
  foreach ($session as $filter) {
    list($key, $value) = $filter;
    if ($key == 'status') {
      // Note: no exploit hole as $value has already been checked
      list($key, $value) = explode('-', $value, 2);
      $where[] = 'n.'. $key .' = %d';
    }
    else {
      $where[] = $filters[$key]['where'];
    }
    $args[] = $value;
    $join .= $filters[$key]['join'];
  }
  $where = count($where) ? 'WHERE '. implode(' AND ', $where) : '';
  $result = pager_query('SELECT n.*, u.name, u.uid FROM {node} n '. $join .' INNER JOIN {users} u ON n.uid = u.uid '. $where .' ORDER BY n.changed DESC', 50, 0, NULL, $args);

  // Make sure the update controls are disabled if we don't have any rows to select from.
  $disabled = !db_num_rows($result);

  $options = array();
  foreach ($operations as $key => $value) {
    $options[$key] = $value[0];
  }

  $form = form_select(NULL, 'operation', 'approve', $options, NULL, ($disabled ? 'disabled="disabled"' : ''));
  $form .= form_submit(t('Update'), 'op', ($disabled ? array('disabled' => 'disabled') : array()));

  $output .= form_group(t('Update options'), "<div class=\"container-inline\">$form</div>");
  $output .= '</div>';

  // Overview table:
  $header = array(NULL, t('Title'), t('Type'), t('Author'), t('Status'), t('Operations'));

  $destination = drupal_get_destination();
  while ($node = db_fetch_object($result)) {
    $rows[] = array(form_checkbox(NULL, 'nodes]['. $node->nid, 1, 0),
                    l($node->title, 'node/'. $node->nid) .' '. theme('mark', node_mark($node->nid, $node->changed)),
                    node_invoke($node, 'node_name'),
                    format_name($node),
                    ($node->status ? t('published') : t('not published')),
                    l(t('edit'), 'node/'. $node->nid .'/edit', array(), $destination));
  }

  if ($pager = theme('pager', NULL, 50, 0)) {
    $rows[] = array(array('data' => $pager, 'colspan' => '7'));
  }

  if (!$rows) {
    $rows[] = array(array('data' => t('No posts available.'), 'colspan' => '6'));
  }

  $output .= theme('table', $header, $rows);
  return form($output, 'post', url('admin/node/action'));
}

/**
 * Menu callback; presents each node type configuration page.
 */
function node_types_configure($type = NULL) {
  if (isset($type)) {
    // Go to the listing page when we submit this form, system_settings_save() calls drupal_goto().
    if ($_POST['op']) {
      $_GET['q'] = 'admin/node/configure/types';
    }
    system_settings_save();

    $node = new stdClass();
    $node->type = $type;
    $group = form_textarea(t('Explanation or submission guidelines'), $type .'_help', variable_get($type .'_help', ''), 70, 5, t('This text will be displayed at the top of the %type submission form. It is useful for helping or instructing your users.', array('%type' => node_invoke($type, 'node_name'))));
    $group .= form_select(t('Minimum number of words'), 'minimum_'. $type .'_size', variable_get('minimum_'. $type .'_size', 0), drupal_map_assoc(array(0, 10, 25, 50, 75, 100, 125, 150, 175, 200)), t('The minimum number of words a %type must be to be considered valid. This can be useful to rule out submissions that do not meet the site\'s standards, such as short test posts.', array('%type' => node_invoke($type, 'node_name'))));
    $output = form_group(t('Submission form'), $group);
    $output .= form_group(t('Workflow'), implode('', node_invoke_nodeapi($node, 'settings')));

    print theme('page', system_settings_form($output));
  }
  else {
    $header = array(t('Type'), t('Operations'));

    $rows = array();
    foreach (node_list() as $type) {
      $rows[] = array(node_invoke($type, 'node_name'), l(t('configure'), 'admin/node/configure/types/'. $type));
    }

    print theme('page', theme('table', $header, $rows));
  }
}

/**
 * Generate an overview table of older revisions of a node.
 */
function node_revision_overview($nid) {
  if (user_access('administer nodes')) {
    $node = node_load(array('nid' => $nid));

    drupal_set_title(check_plain($node->title));

    if ($node->revisions) {
      $header = array(t('Older revisions'), array('colspan' => '3', 'data' => t('Operations')));

      foreach ($node->revisions as $key => $revision) {
        $rows[] = array(t('revision #%r revised by %u on %d', array('%r' => $key, '%u' => format_name(user_load(array('uid' => $revision['uid']))), '%d' => format_date($revision['timestamp'], 'small'))) . ($revision['history'] ? '<br /><small>'. $revision['history'] .'</small>' : ''), l(t('view'), "node/$node->nid", array(), "revision=$key"), l(t('rollback'), "node/$node->nid/rollback-revision/$key"), l(t('delete'), "node/$node->nid/delete-revision/$key"));
      }
      $output .= theme('table', $header, $rows);
    }
  }

  return $output;
}


/**
 * Return the revision with the specified revision number.
 */
function node_revision_load($node, $revision) {
  return $node->revisions[$revision]['node'];
}

/**
 * Create and return a new revision of the given node.
 */
function node_revision_create($node) {
  global $user;

  // "Revision" is the name of the field used to indicate that we have to
  // create a new revision of a node.
  if ($node->nid && $node->revision) {
    $prev = node_load(array('nid' => $node->nid));
    $node->revisions = $prev->revisions;
    unset($prev->revisions);
    $node->revisions[] = array('uid' => $user->uid, 'timestamp' => time(), 'node' => $prev, 'history' => $node->history);
  }

  return $node;
}

/**
 * Roll back to the revision with the specified revision number.
 */
function node_revision_rollback($nid, $revision) {
  global $user;
  if (user_access('administer nodes')) {
    $node = node_load(array('nid' => $nid));
    // Extract the specified revision:
    $rev = $node->revisions[$revision]['node'];
    if ($_POST['edit']['confirm']) {
      // Inherit all the past revisions:
      $rev->revisions = $node->revisions;
      // Save the original/current node:
      $rev->revisions[] = array('uid' => $user->uid, 'timestamp' => time(), 'node' => $node);
      // Remove the specified revision:
      unset($rev->revisions[$revision]);
      // Save the node:
      foreach ($node as $key => $value) {
        $filter[] = $key;
      }
      node_save($rev, $filter);
      drupal_set_message(t('Rolled back to revision %revision of %title', array('%revision' => "<em>#$revision</em>", '%title' => theme('placeholder', $node->title))));
      drupal_goto('node/'. $nid .'/revisions');
    }
    else {
      $output = theme('confirm',
                      t('Are you sure you want to revert %title? to the revision from %revision-date?', array('%title' => theme('placeholder', $node->title), '%revision-date' => theme('placeholder', format_date($node->revisions[$revision]['timestamp'])))),
                      'node/'. $nid .'/revisions',
                      t('This action cannot be undone.'),
                      t('Revert'));
      print theme('page', $output);
    }
  }
}

/**
 * Delete the revision with specified revision number.
 */
function node_revision_delete($nid, $revision) {
  if (user_access('administer nodes')) {
    $node = node_load(array('nid' => $nid));
    if ($_POST['edit']['confirm']) {
      unset($node->revisions[$revision]);

      // If the array is empty, replace the array by an empty string, or
      // else we'll generate an SQL warning when we try to save the node.
      if (count($node->revisions) == 0) {
        $node->revisions = '';
      }
      node_save($node, array('nid', 'revisions'));

      drupal_set_message(t('Deleted revision %revision of %title', array('%revision' => "<em>#$revision</em>", '%title' => theme('placeholder', $node->title))));
      drupal_goto('node/'. $nid . (count($node->revisions) ? '/revisions' : ''));
    }
    else {
      $output = theme('confirm',
                      t('Are you sure you want to delete the revision of %title from %revision-date?', array('%title' => theme('placeholder', $node->title), '%revision-date' => theme('placeholder', format_date($node->revisions[$revision]['timestamp'])))),
                      'node/'. $nid .'/revisions',
                      t('This action cannot be undone.'),
                      t('Delete revision'));
      print theme('page', $output);
    }
  }
}

/**
 * Return a list of all the existing revision numbers.
 */
function node_revision_list($node) {
  if (is_array($node->revisions)) {
    return array_keys($node->revisions);
  }
  else {
    return array();
  }
}

/**
 * Menu callback; presents the content administration overview.
 */
function node_admin() {
  $op = $_POST['op'];
  $edit = $_POST['edit'];

  if (empty($op)) {
    $op = arg(2);
  }

  // Compile a list of the administrative links:
  switch ($op) {
    case 'search':
    case t('Search'):
      $output = search_form(url('admin/node/search'), $_POST['edit']['keys'], 'node') . search_data($_POST['edit']['keys'], 'node');
      break;
    default:
      $output = node_admin_nodes();
  }
  print theme('page', $output);
}

/**
 * Implementation of hook_block().
 */
function node_block($op = 'list', $delta = 0) {
  if ($op == 'list') {
    $blocks[0]['info'] = t('Syndicate');
    return $blocks;
  }
  else if ($op == 'view') {
    $block['subject'] = t('Syndicate');
    $block['content'] = theme('xml_icon', url('node/feed'));

    return $block;
  }
}

/**
 * A generic function for generating RSS feeds from a set of nodes.
 *
 * @param $nodes
 *   An object as returned by db_query() which contains the nid field.
 * @param $channel
 *   An associative array containing title, link, description and other keys.
 *   The link should be an absolute URL.
 */
function node_feed($nodes = 0, $channel = array()) {
  global $base_url, $locale;

  if (!$nodes) {
    $nodes = db_query_range(db_rewrite_sql('SELECT n.nid FROM {node} n WHERE n.promote = 1 AND n.status = 1 ORDER BY n.created DESC'), 0, 15);
  }

  while ($node = db_fetch_object($nodes)) {
    // Load the specified node:
    $item = node_load(array('nid' => $node->nid));
    $link = url("node/$node->nid", NULL, NULL, 1);

    // Filter and prepare node teaser
    if (node_hook($item, 'view')) {
      node_invoke($item, 'view', TRUE, FALSE);
    }
    else {
      $item = node_prepare($item, TRUE);
    }

    // Allow modules to change $node->teaser before viewing.
    node_invoke_nodeapi($item, 'view', true, false);

    // Allow modules to add additional item fields
    $extra = node_invoke_nodeapi($item, 'rss item');
    $extra = array_merge($extra, array(array('key' => 'pubDate', 'value' =>  date('r', $item->created))));
    $items .= format_rss_item($item->title, $link, $item->teaser, $extra);
  }

  $slogan = variable_get('site_slogan', '');
  $spacer = ' - ';
  if (empty($slogan)) {
    $spacer = '';
  }
  $channel_defaults = array(
    'version'     => '2.0',
    'title'       => variable_get('site_name', 'drupal') . $spacer . $slogan,
    'link'        => $base_url,
    'description' => variable_get('site_mission', ''),
    'language'    => $locale
  );
  $channel = array_merge($channel_defaults, $channel);

  $output = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
  $output .= "<!DOCTYPE rss [<!ENTITY % HTMLlat1 PUBLIC \"-//W3C//ENTITIES Latin 1 for XHTML//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-lat1.ent\">]>\n";
  $output .= "<rss version=\"". $channel["version"] . "\" xml:base=\"". $base_url ."\">\n";
  $output .= format_rss_channel($channel['title'], $channel['link'], $channel['description'], $items, $channel['language']);
  $output .= "</rss>\n";

  drupal_set_header('Content-Type: text/xml; charset=utf-8');
  print $output;
}

/**
 * Perform validation checks on the given node.
 */
function node_validate($node) {
  global $user;

  // Convert the node to an object, if necessary.
  $node = array2object($node);

  // Validate the title field.
  if (isset($node->title)) {
    if (trim($node->title) == '') {
      form_set_error('title', t('You have to specify a title.'));
    }
  }

  // Make sure the body has the minimum number of words.
  // todo use a better word counting algorithm that will work in other languages
  if (isset($node->body) && count(explode(' ', $node->body)) < variable_get('minimum_'. $node->type .'_size', 0)) {
    form_set_error('body', t('The body of your %type is too short. You need at least %words words.', array('%words' => variable_get('minimum_'. $node->type .'_size', 0), '%type' => node_invoke($node->type, 'node_name'))));
  }

  // Auto-generate the teaser, but only if it hasn't been set (e.g. by a
  // module-provided 'teaser' form item).
  if (!isset($node->teaser)) {
    $node->teaser = node_teaser($node->body, $node->format);
  }

  if (node_last_changed($node->nid) > $node->changed) {
    form_set_error('changed', t('This content has been modified by another user, unable to save changes.'));
  }

  if (user_access('administer nodes')) {
    // Set up default values, if required.
    if (!$node->created) {
      $node->created = time();
    }

    if (!$node->date) {
      $node->date = format_date($node->created, 'custom', 'Y-m-d H:i:s O');
    }

    // Validate the "authored by" field.
    if (empty($node->name)) {
      // The use of empty() is mandatory in the context of usernames
      // as the empty string denotes the anonymous user.  In case we
      // are dealing with an anonymous user we set the user ID to 0.
      $node->uid = 0;
    }
    else if ($account = user_load(array('name' => $node->name))) {
      $node->uid = $account->uid;
    }
    else {
      form_set_error('name', t('The username %name does not exist.', array ('%name' => theme('placeholder', $node->name))));
    }

    // Validate the "authored on" field.
    if (strtotime($node->date) != -1) {
      $node->created = strtotime($node->date);
    }
    else {
      form_set_error('date', t('You have to specify a valid date.'));
    }
  }
  else {
    // Validate for normal users:
    $node->uid = $user->uid ? $user->uid : 0;
    // Force defaults in case people modify the form:
    $node_options = variable_get('node_options_'. $node->type, array('status', 'promote'));
    $node->status = in_array('status', $node_options);
    $node->moderate = in_array('moderate', $node_options);
    $node->promote = in_array('promote', $node_options);
    $node->sticky = in_array('sticky', $node_options);
    $node->revision = in_array('revision', $node_options);
    unset($node->created);
  }

  // Create a new revision when required.
  $node = node_revision_create($node);

  // Do node-type-specific validation checks.
  node_invoke($node, 'validate');
  node_invoke_nodeapi($node, 'validate');

  // Check input format access
  if (array_key_exists('format', $node) && !filter_access($node->format)) {
    form_set_error('format', t('The supplied input format is invalid.'));
  }

  $node->validated = TRUE;

  return $node;
}

/**
 * Generate the node editing form.
 */
function node_form($edit) {
  // Validate the node if we don't already know the errors.
  if (!$edit->validated) {
    $edit = node_validate($edit);
  }

  // Prepend extra node form elements.
  $form = implode('', node_invoke_nodeapi($edit, 'form pre'));

  // Get the node-specific bits.
  // We can't use node_invoke() because $param must be passed by reference.
  $function = node_get_module_name($edit) .'_form';
  $param = array();
  if (function_exists($function)) {
    $form .= $function($edit, $param);
  }

  // Append extra node form elements.
  $form .= implode('', node_invoke_nodeapi($edit, 'form post'));

  $output .= '<div class="node-form">';

  // Add hidden 'op' variable, which specifies the default operation (Preview).
  $output .= '<input type="hidden" name="op" value="'. check_plain(t('Preview')) ."\" />\n";

  // Add the admin-specific parts.
  if (user_access('administer nodes')) {
    $output .= '<div class="admin">';

    $author = form_textfield(t('Authored by'), 'name', $edit->name, 20, 60);
    $author .= form_textfield(t('Authored on'), 'date', $edit->date, 20, 25, NULL, NULL, TRUE);

    $output .= '<div class="authored">';
    $output .= form_group(t('Authoring information'), $author);
    $output .= "</div>\n";

    $node_options = variable_get('node_options_'. $edit->type, array('status', 'promote'));
    $options .= form_checkbox(t('Published'), 'status', 1, isset($edit->status) ? $edit->status : in_array('status', $node_options));
    $options .= form_checkbox(t('In moderation queue'), 'moderate', 1, isset($edit->moderate) ? $edit->moderate : in_array('moderate', $node_options));
    $options .= form_checkbox(t('Promoted to front page'), 'promote', 1, isset($edit->promote) ? $edit->promote : in_array('promote', $node_options));
    $options .= form_checkbox(t('Sticky at top of lists'), 'sticky', 1, isset($edit->sticky) ? $edit->sticky : in_array('sticky', $node_options));
    $options .= form_checkbox(t('Create new revision'), 'revision', 1, isset($edit->revision) ? $edit->revision : in_array('revision', $node_options));

    $output .= '<div class="options">';
    $output .= form_group(t('Options'), $options);
    $output .= "</div>\n";

    $extras .= implode('</div><div class="extra">', node_invoke_nodeapi($edit, 'form admin'));
    $output .= $extras ? '<div class="extra">'. $extras .'</div></div>' : '</div>';
  }

  // Add the default fields.
  $output .= '<div class="standard">';
  $output .= form_textfield(t('Title'), 'title', $edit->title, 60, 128, NULL, NULL, TRUE);

  // Add the node-type-specific fields.
  $output .= $form;

  // Add the hidden fields.
  if ($edit->nid) {
    $output .= form_hidden('nid', $edit->nid);
  }

  if (isset($edit->uid)) {
    // The use of isset() is mandatory in the context of user IDs, because
    // user ID 0 denotes the anonymous user.
    $output .= form_hidden('uid', $edit->uid);
  }

  if ($edit->created) {
    $output .= form_hidden('created', $edit->created);
  }

  if ($edit->changed) {
    $output .= form_hidden('changed', $edit->changed);
  }

  $output .= form_hidden('type', $edit->type);

  // Add the buttons.
  $output .= form_submit(t('Preview'));

  if ($edit->type && (($_POST['op'] == t('Preview') && !form_get_errors()) || !variable_get('node_preview', 0))) {
    $output .= form_submit(t('Submit'));
  }

  if ($edit->nid && node_access('delete', $edit)) {
    $output .= form_submit(t('Delete'));
  }

  $output .= '</div></div>';

  $extra = node_invoke_nodeapi($edit, 'form param');
  foreach ($extra as $key => $value) {
    if (is_array($value)) {
      if (isset($param[$key])) {
        $param[$key] = array_merge($param[$key], $value);
      }
      else {
        $param[$key] = $value;
      }
    }
    else {
      $param[$key] = $value;
    }
  }

  $attributes = array('id' => 'node-form');
  if (is_array($param['options'])) {
    $attributes = array_merge($param['options'], $attributes);
  }
  return form($output, ($param['method'] ? $param['method'] : 'post'), $param['action'], $attributes);
}

/**
 * Present a node submission form or a set of links to such forms.
 */
function node_add($type) {
  global $user;

  $edit = $_POST['edit'];

  // If a node type has been specified, validate its existence.
  if (in_array($type, node_list()) && node_access('create', $type)) {
    // Initialize settings:
    $node = array('uid' => $user->uid, 'name' => $user->name, 'type' => $type);

    // Allow the following fields to be initialized via $_GET (e.g. for use
    // with a "blog it" bookmarklet):
    foreach (array('title', 'teaser', 'body') as $field) {
      if ($_GET['edit'][$field]) {
        $node[$field] = $_GET['edit'][$field];
      }
    }
    $output = node_form($node);
    drupal_set_title(t('Submit %name', array('%name' => node_invoke($node, 'node_name'))));
  }
  else {
    // If no (valid) node type has been provided, display a node type overview.
    foreach (node_list() as $type) {
      if (node_access('create', $type)) {
        $out = '<li>';
        $out .= ' '. l(node_invoke($type, 'node_name'), "node/add/$type", array('title' => t('Add a new %s.', array('%s' => node_invoke($type, 'node_name')))));
        $out .= " <div style=\"margin-left: 20px;\">". implode("\n", module_invoke_all('help', 'node/add#'. $type)) .'</div>';
        $out .= '</li>';
        $item[node_invoke($type, 'node_name')] = $out;
      }
    }

    if (isset($item)) {
      ksort($item);
      $output = t('Choose the appropriate item from the list:') .'<ul>'. implode('', $item) .'</ul>';
    }
    else {
      $output = message_access();
    }
  }

  return $output;
}

/**
 * Present a node editing form.
 */
function node_edit($id) {
  global $user;

  $node = node_load(array('nid' => $id));

  drupal_set_title(check_plain($node->title));

  $output = node_form($node);

  return $output;
}

/**
 * Generate a node preview, including a form for further edits.
 */
function node_preview($node) {
  // Convert the array to an object:
  $node = array2object($node);

  if (node_access('create', $node) || node_access('update', $node)) {
    // Load the user's name when needed:
    if (isset($node->name)) {
      // The use of isset() is mandatory in the context of user IDs, because
      // user ID 0 denotes the anonymous user.
      if ($user = user_load(array('name' => $node->name))) {
        $node->uid = $user->uid;
      }
      else {
        $node->uid = 0; // anonymous user
      }
    }
    else if ($node->uid) {
      $user = user_load(array('uid' => $node->uid));
      $node->name = $user->name;
    }

    // Set the created time when needed:
    if (empty($node->created)) {
      $node->created = time();
    }

    // Extract a teaser, if it hasn't been set (e.g. by a module-provided
    // 'teaser' form item).
    if (!isset($node->teaser)) {
      $node->teaser = node_teaser($node->body, $node->format);
    }

    // Display a preview of the node:
    // Previewing alters $node so it needs to be cloned.
    if (!form_get_errors()) {
      $output = theme('node_preview', clone($node));
    }

    $output .= node_form($node);

    $name = node_invoke($node, 'node_name');
    drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('create content'), 'node/add'), l(t('Submit %name', array('%name' => $name)), 'node/add/'. $node->type)));

    return $output;
  }
}

/**
 * Display a node preview for display during node creation and editing.
 *
 * @param $node
 *   The node object which is being previewed.
 */
function theme_node_preview($node) {
  $output = '<div class="preview">';
  if ($node->teaser && $node->teaser != $node->body) {
    $output .= '<h3>'. t('Preview trimmed version') .'</h3>';
    $output .= node_view(clone($node), 1, FALSE, 0);
    $output .= '<p><em>'. t('The trimmed version of your post shows what your post looks like when promoted to the main page or when exported for syndication. You can insert the delimiter "&lt;!--break--&gt;" (without the quotes) to fine-tune where your post gets split.') .'</em></p>';
    $output .= '<h3>'. t('Preview full version') .'</h3>';
    $output .= node_view($node, 0, FALSE, 0);
  }
  else {
    $output .= node_view($node, 0, FALSE, 0);
  }
  $output .= "</div>\n";

  return $output;
}

/**
 * Accepts a submission of new or changed node content.
 *
 * @param $node
 *   A node array or node object.
 *
 * @return
 *   If the node is successfully saved the node ID is returned.  If the node
 *   is not saved, 0 is returned.
 */
function node_submit(&$node) {
  global $user;

  // Fix up the node when required:
  $node = node_validate($node);

  // If something went wrong, go back to the preview form.
  if (form_get_errors()) {
    return false;
  }

  // Prepare the node's body:
  if ($node->nid) {
    // Check whether the current user has the proper access rights to
    // perform this operation:
    if (node_access('update', $node)) {
      $node->nid = node_save($node);
      watchdog('content', t('%type: updated %title.', array('%type' => theme('placeholder', t($node->type)), '%title' => theme('placeholder', $node->title))), WATCHDOG_NOTICE, l(t('view'), 'node/'. $node->nid));
      $msg = t('The %post was updated.', array ('%post' => node_invoke($node, 'node_name')));
    }
  }
  else {
    // Check whether the current user has the proper access rights to
    // perform this operation:
    if (node_access('create', $node)) {
      $node->nid = node_save($node);
      watchdog('content', t('%type: added %title.', array('%type' => theme('placeholder', t($node->type)), '%title' => theme('placeholder', $node->title))), WATCHDOG_NOTICE, l(t('view'), "node/$node->nid"));
      $msg = t('Your %post was created.', array ('%post' => node_invoke($node, 'node_name')));
    }
  }

  drupal_set_message($msg);

  return $node->nid;
}

/**
 * Ask for confirmation, and delete the node.
 */
function node_delete($edit) {
  $node = node_load(array('nid' => $edit['nid']));

  if (node_access('delete', $node)) {

    if ($edit['confirm']) {
      // Delete the specified node:
      db_query('DELETE FROM {node} WHERE nid = %d', $node->nid);

      // Call the node-specific callback (if any):
      node_invoke($node, 'delete');
      node_invoke_nodeapi($node, 'delete');

      // Clear the cache so an anonymous poster can see the node being deleted.
      cache_clear_all();

      // Remove this node from the search index if needed.
      if (function_exists('search_wipe')) {
        search_wipe($node->nid, 'node');
      }

      watchdog('content', t('%type: deleted %title.', array('%type' => theme('placeholder', t($node->type)), '%title' => theme('placeholder', $node->title))));
    }
    else {
      $extra = form_hidden('nid', $node->nid);
      $output = theme('confirm',
                      t('Are you sure you want to delete %title?', array('%title' => theme('placeholder', $node->title))),
                      $_GET['destination'] ? $_GET['destination'] : 'node/'. $node->nid,
                      t('This action cannot be undone.'),
                      t('Delete'),
                      t('Cancel'),
                      $extra);
    }
  }

  return $output;
}

/**
 * Generate a listing of promoted nodes.
 */
function node_page_default() {
  $result = pager_query(db_rewrite_sql('SELECT n.nid, n.sticky, n.created FROM {node} n WHERE n.promote = 1 AND n.status = 1 ORDER BY n.sticky DESC, n.created DESC'), variable_get('default_nodes_main', 10));

  if (db_num_rows($result)) {
    drupal_add_link(array('rel' => 'alternate',
                          'type' => 'application/rss+xml',
                          'title' => 'RSS',
                          'href' => url('node/feed', NULL, NULL, TRUE)));

    $output = '';
    while ($node = db_fetch_object($result)) {
      $output .= node_view(node_load(array('nid' => $node->nid)), 1);
    }
    $output .= theme('pager', NULL, variable_get('default_nodes_main', 10));
  }
  else {
    $output = t("
      <p>Welcome to your new <a href=\"%drupal\">Drupal</a>-powered website. This message will guide you through your first steps with Drupal, and will disappear once you have posted your first piece of content.</p>
      <p>The first thing you will need to do is <a href=\"%register\">create the first account</a>. This account will have full administration rights and will allow you to configure your website. Once logged in, you can visit the <a href=\"%admin\">administration section</a> and <a href=\"%config\">set up your site's configuration</a>.</p>
      <p>Drupal comes with various modules, each of which contains a specific piece of functionality. You should visit the <a href=\"%modules\">module list</a> and enable those modules which suit your website's needs.</p>
      <p><a href=\"%themes\">Themes</a> handle the presentation of your website. You can use one of the existing themes, modify them or create your own from scratch.</p>
      <p>We suggest you look around the administration section and explore the various options Drupal offers you. For more information, you can refer to the <a href=\"%handbook\">Drupal handbooks online</a>.</p>", array('%drupal' => 'http://www.drupal.org/', '%register' => url('user/register'), '%admin' => url('admin'), '%config' => url('admin'), '%modules' => url('admin/modules'), '%themes' => url('admin/themes'), '%handbook' => 'http://www.drupal.org/handbooks'));
  }

  return $output;
}

/**
 * Menu callback; dispatches control to the appropriate operation handler.
 */
function node_page() {
  global $user;
  $op = $_POST['op'] ? $_POST['op'] : arg(1);
  $edit = $_POST['edit'];

  if (is_numeric($op)) {
    $op = (arg(2) && !is_numeric(arg(2))) ? arg(2) : 'view';
  }

  switch ($op) {
    case 'feed':
      node_feed();
      return;
    case 'add':
      print theme('page', node_add(arg(2)));
      break;
    case 'edit':
      print theme('page', node_edit(arg(1)));
      break;
    case 'revisions':
      print theme('page', node_revision_overview(arg(1)));
      break;
    case t('Revert'):
    case 'rollback-revision':
      node_revision_rollback(arg(1), arg(3));
      break;
    case t('Delete revision'):
    case 'delete-revision':
      node_revision_delete(arg(1), arg(3));
      break;
    case 'view':
      if (is_numeric(arg(1))) {
        $node = node_load(array('nid' => arg(1)), $_GET['revision']);
        if ($node->nid) {
          drupal_set_title(check_plain($node->title));
          print theme('page', node_show($node, arg(2)));
        }
        else if (db_result(db_query('SELECT nid FROM {node} WHERE nid = %d', arg(1)))) {
          drupal_access_denied();
        }
        else {
          drupal_not_found();
        }
      }
      break;
    case t('Preview'):
      $edit = node_validate($edit);
      drupal_set_title(t('Preview'));
      print theme('page', node_preview($edit));
      break;
    case t('Submit'):
      if ($nid = node_submit($edit)) {
        if (node_access('view', $edit)) {
          drupal_goto('node/'. $nid);
        }
        else if (db_result(db_query('SELECT nid FROM {node} WHERE nid = %d', arg(1)))) {
          drupal_access_denied();
        }
        else {
          drupal_goto();
        }
      }
      else {
        drupal_set_title(t('Submit'));
        print theme('page', node_preview($edit));
      }
      break;
    case 'delete':
    case t('Delete'):
      $edit['nid'] = $edit['nid'] ? $edit['nid'] : arg(1);
      $node = node_load(array('nid' => $edit['nid']));
      $breadcrumb[] = array('path' => 'node/'. $edit['nid'], 'title' => $node->title);
      $breadcrumb[] = array('path' => 'node/'. arg(1) .'/delete', 'title' => t('delete'));
      menu_set_location($breadcrumb);

      $output = node_delete($edit);
      if (!$output) {
        drupal_set_message(t('The node has been deleted.'));
        drupal_goto('admin/node');
      }
      print theme('page', node_delete($edit));
      break;
    default:
      drupal_set_title('');
      print theme('page', node_page_default());
  }
}

/**
 * Implementation of hook_update_index().
 */
function node_update_index() {
  $last = variable_get('node_cron_last', 0);
  $limit = (int)variable_get('search_cron_limit', 100);

  $result = db_query_range('SELECT n.nid, c.last_comment_timestamp FROM {node} n LEFT JOIN {node_comment_statistics} c ON n.nid = c.nid WHERE n.status = 1 AND n.moderate = 0 AND (n.created > %d OR n.changed > %d OR c.last_comment_timestamp > %d) ORDER BY GREATEST(n.created, n.changed, c.last_comment_timestamp) ASC', $last, $last, $last, 0, $limit);

  while ($node = db_fetch_object($result)) {
    $last_comment = $node->last_comment_timestamp;
    $node = node_load(array('nid' => $node->nid));

    // We update this variable per node in case cron times out, or if the node
    // cannot be indexed (PHP nodes which call drupal_goto, for example).
    // In rare cases this can mean a node is only partially indexed, but the
    // chances of this happening are very small.
    variable_set('node_cron_last', max($last_comment, $node->changed, $node->created));

    // Get node output (filtered and with module-specific fields).
    if (node_hook($node, 'view')) {
      node_invoke($node, 'view', false, false);
    }
    else {
      $node = node_prepare($node, false);
    }
    // Allow modules to change $node->body before viewing.
    node_invoke_nodeapi($node, 'view', false, false);

    $text = '<h1>'. check_plain($node->title) .'</h1>'. $node->body;

    // Fetch extra data normally not visible
    $extra = node_invoke_nodeapi($node, 'update index');
    foreach ($extra as $t) {
      $text .= $t;
    }

    // Update index
    search_index($node->nid, 'node', $text);
  }
}

/**
 * Implementation of hook_nodeapi().
 */
function node_nodeapi(&$node, $op, $arg = 0) {
  switch ($op) {
    case 'settings':
      // $node contains the type name in this operation
      return form_checkboxes(t('Default options'), 'node_options_'. $node->type, variable_get('node_options_'. $node->type, array('status', 'promote')), array('status' => t('Published'), 'moderate' => t('In moderation queue'), 'promote' => t('Promoted to front page'), 'sticky' => t('Sticky at top of lists'), 'revision' => t('Create new revision')), t('Users with the <em>administer nodes</em> permission will be able to override these options.'));

    case 'fields':
      return array('nid', 'uid', 'type', 'title', 'teaser', 'body', 'revisions', 'status', 'promote', 'moderate', 'sticky', 'created', 'changed', 'format');
  }
}

/**
 * @defgroup node_access Node access rights
 * @{
 * The node access system determines who can do what to which nodes.
 *
 * In determining access rights for a node, node_access() first checks
 * whether the user has the "administer nodes" permission. Such users have
 * unrestricted access to all nodes. Then the node module's hook_access()
 * is called, and a TRUE or FALSE return value will grant or deny access.
 * This allows, for example, the blog module to always grant access to the
 * blog author, and for the book module to always deny editing access to
 * PHP pages.
 *
 * If node module does not intervene (returns NULL), then the
 * node_access table is used to determine access. All node access
 * modules are queried using hook_node_grants() to assemble a list of
 * "grant IDs" for the user. This list is compared against the table.
 * If any row contains the node ID in question (or 0, which stands for "all
 * nodes"), one of the grant IDs returned, and a value of TRUE for the
 * operation in question, then access is granted. Note that this table is a
 * list of grants; any matching row is sufficient to grant access to the
 * node.
 *
 * In node listings, the process above is followed except that
 * hook_access() is not called on each node for performance reasons and for
 * proper functioning of the pager system. When adding a node listing to your
 * module, be sure to use db_rewrite_sql() to add
 * the appropriate clauses to your query for access checks.
 *
 * To see how to write a node access module of your own, see
 * node_access_example.module.
 */

/**
 * Determine whether the current user may perform the given operation on the
 * specified node.
 *
 * @param $op
 *   The operation to be performed on the node. Possible values are:
 *   - "view"
 *   - "update"
 *   - "delete"
 * @param $node
 *   The node object (or node array) on which the operation is to be performed.
 * @param $uid
 *   The user ID on which the operation is to be performed.
 * @return
 *   TRUE if the operation may be performed.
 */
function node_access($op, $node = NULL, $uid = NULL) {
  // Convert the node to an object if necessary:
  $node = array2object($node);

  // If the node is in a restricted format, disallow editing.
  if ($op == 'update' && !filter_access($node->format)) {
    return FALSE;
  }

  if (user_access('administer nodes')) {
    return TRUE;
  }

  if (!user_access('access content')) {
    return FALSE;
  }

  // Can't use node_invoke(), because the access hook takes the $op parameter
  // before the $node parameter.
  $access = module_invoke(node_get_module_name($node), 'access', $op, $node);
  if (!is_null($access)) {
    return $access;
  }

  // If the module did not override the access rights, use those set in the
  // node_access table.
  if ($node->nid && $node->status) {
    $sql = 'SELECT COUNT(*) FROM {node_access} WHERE (nid = 0 OR nid = %d) AND CONCAT(realm, gid) IN (';
    $grants = array();
    foreach (node_access_grants($op, $uid) as $realm => $gids) {
      foreach ($gids as $gid) {
        $grants[] = "'". $realm . $gid ."'";
      }
    }
    $sql .= implode(',', $grants) .') AND grant_'. $op .' = 1';
    $result = db_query($sql, $node->nid);
    return (db_result($result));
  }
  return FALSE;
}

/**
 * Generate an SQL join clause for use in fetching a node listing.
 *
 * @param $node_alias
 *   If the node table has been given an SQL alias other than the default
 *   "n", that must be passed here.
 * @param $node_access_alias
 *   If the node_access table has been given an SQL alias other than the default
 *   "na", that must be passed here.
 * @return
 *   An SQL join clause.
 */
function _node_access_join_sql($node_alias = 'n', $node_access_alias = 'na') {
  if (user_access('administer nodes')) {
    return '';
  }

  return 'INNER JOIN {node_access} '. $node_access_alias .' ON '. $node_access_alias .'.nid = '. $node_alias .'.nid';
}

/**
 * Generate an SQL where clause for use in fetching a node listing.
 *
 * @param $op
 *   The operation that must be allowed to return a node.
 * @param $node_access_alias
 *   If the node_access table has been given an SQL alias other than the default
 *   "na", that must be passed here.
 * @return
 *   An SQL where clause.
 */
function _node_access_where_sql($op = 'view', $node_access_alias = 'na', $uid = NULL) {
  if (user_access('administer nodes')) {
    return;
  }

  $sql = $node_access_alias .'.grant_'. $op .' = 1 AND CONCAT('. $node_access_alias .'.realm, '. $node_access_alias .'.gid) IN (';
  $grants = array();
  foreach (node_access_grants($op, $uid) as $realm => $gids) {
    foreach ($gids as $gid) {
      $grants[] = "'". $realm . $gid ."'";
    }
  }
  $sql .= implode(',', $grants) .')';
  return $sql;
}

/**
 * Fetch an array of permission IDs granted to the given user ID.
 *
 * The implementation here provides only the universal "all" grant. A node
 * access module should implement hook_node_grants() to provide a grant
 * list for the user.
 *
 * @param $op
 *   The operation that the user is trying to perform.
 * @param $uid
 *   The user ID performing the operation. If omitted, the current user is used.
 * @return
 *   An associative array in which the keys are realms, and the values are
 *   arrays of grants for those realms.
 */
function node_access_grants($op, $uid = NULL) {
  global $user;

  if (isset($uid)) {
    $user_object = user_load(array('uid' => $uid));
  }
  else {
    $user_object = $user;
  }

  return array_merge(array('all' => array(0)), module_invoke_all('node_grants', $user_object, $op));
}

/**
 * Determine whether the user has a global viewing grant for all nodes.
 */
function node_access_view_all_nodes() {
  static $access;

  if (!isset($access)) {
    $sql = 'SELECT COUNT(*) FROM {node_access} WHERE nid = 0 AND CONCAT(realm, gid) IN (';
    $grants = array();
    foreach (node_access_grants('view') as $realm => $gids) {
      foreach ($gids as $gid) {
        $grants[] = "'". $realm . $gid ."'";
      }
    }
    $sql .= implode(',', $grants) .') AND grant_view = 1';
    $result = db_query($sql, $node->nid);
    $access = db_result($result);
  }

  return $access;
}

/**
 * Implementation of hook_db_rewrite_sql
 */
function node_db_rewrite_sql($query, $primary_table, $primary_field) {
  if ($primary_field == 'nid' && !node_access_view_all_nodes()) {
    $return['join'] = _node_access_join_sql($primary_table);
    $return['where'] = _node_access_where_sql();
    $return['distinct'] = 1;
    return $return;
  }
}

/**
 * @} End of "defgroup node_access".
 */

?>
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.