deekayen/CHANGES-mysql.patch

## README.txt
In order to connect to a remote MySQL database server (ie. instead of localhost) securely, the database connection must use SSL as a protocol.  This Drupal core hack enables a version 6.x site to do just that.

The 2 files included in this directory (database.mysql.inc and settings.php) should replace [webroot]/includes/database.mysql.inc and [webroot]/sites/[domain.com]/settings.php in a Drupal multisite environment or [webroot]/sites/default/settings.php in a Drupal standalone environment.  Make sure you set the correct connection parameters in the $db_url string.

Note: You can also replace [webroot]/includes/database.mysqli.inc.  Just include the code additions from CHANGES-mysqli.txt.  Remember to use mysqli in the $db_url string in settings.php also.

## CHANGES-mysql.patch
49,78d48
<  * Returns the MySQL client flag based on the defined constant
<  *
<  * @return integer
<  */
< function db_get_client_flag($client_flags = 0) {
<   $flags = array(
<     'CLIENT_LONG_PASSWORD' => 1, /* New more secure passwords */
<     'CLIENT_FOUND_ROWS' => 2, /* Found instead of affected rows */
<     'CLIENT_LONG_FLAG' => 4, /* Get all column flags */
<     'CLIENT_CONNECT_WITH_DB' => 8, /* One can specify db on connect */
<     'CLIENT_NO_SCHEMA' => 16, /* Don't allow database.table.column */
<     'CLIENT_COMPRESS' => 32, /* Can use compression protocol */
<     'CLIENT_ODBC' => 64, /* Odbc client */
<     'CLIENT_LOCAL_FILES' => 128, /* Can use LOAD DATA LOCAL */
<     'CLIENT_IGNORE_SPACE' => 256, /* Ignore spaces before '(' */
<     'CLIENT_PROTOCOL_41' => 512, /* New 4.1 protocol */
<     'CLIENT_INTERACTIVE' => 1024, /* This is an interactive client */
<     'CLIENT_SSL' => 2048, /* Switch to SSL after handshake */
<     'CLIENT_IGNORE_SIGPIPE' => 4096, /* IGNORE sigpipes */
<     'CLIENT_TRANSACTIONS' => 8192, /* Client knows about transactions */
<     'CLIENT_RESERVED' => 16384, /* Old flag for 4.1 protocol */
<     'CLIENT_SECURE_CONNECTION' => 32768, /* New 4.1 authentication */
<     'CLIENT_MULTI_STATEMENTS' => 65536, /* Enable/disable multi-stmt support */
<     'CLIENT_MULTI_RESULTS' => 131072, /* Enable/disable multi-results */
<   );
<   $num = isset($flags[$client_flags]) ? $flags[$client_flags] : intval($client_flags);
<   return $num;
< }
<
< /**
101,122c71,77
<   // - Setting $new_link = TRUE makes mysql_connect() always open a new link,
<   //   even if mysql_connect() was called before with the same parameters.
<   //   This is important if you are using two databases on the same server.
<   // - Setting $client_flags = 2 means CLIENT_FOUND_ROWS: return the number
<   //   of found (matched) rows, not the number of affected rows.
<
<   // Initialize variables (defaults)
<   $new_link = TRUE;
<   $client_flags = 2;
<
<   // Check if variables are set (overrides)
<   if (isset($url['query'])) {
<     parse_str($url['query']);
<     if (isset($new_link)) {
<       $new_link = ($new_link && strtoupper($new_link) != 'FALSE') ? 1 : 0;
<     }
<     if (isset($client_flags)) {
<       $client_flags = db_get_client_flag($client_flags);
<     }
<   }
<
<   $connection = @mysql_connect($url['host'], $url['user'], $url['pass'], $new_link, $client_flags);
---
>   // - TRUE makes mysql_connect() always open a new link, even if
>   //   mysql_connect() was called before with the same parameters.
>   //   This is important if you are using two databases on the same
>   //   server.
>   // - 2 means CLIENT_FOUND_ROWS: return the number of found
>   //   (matched) rows, not the number of affected rows.
>   $connection = @mysql_connect($url['host'], $url['user'], $url['pass'], TRUE, 2);

## CHANGES-mysqli.patch
74,78d73
<   // Check if variables are set (overrides)
<   if (isset($url['query'])) {
<     parse_str($url['query']);
<   }
<   $url['client_flags'] = isset($client_flags) ? urldecode($client_flags) : MYSQLI_CLIENT_FOUND_ROWS;
81c76
<   @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, $url['client_flags']);
---
>   @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, MYSQLI_CLIENT_FOUND_ROWS);

## database.mysql.inc
<?php
// $Id: database.mysql.inc,v 1.89.2.2 2010/02/01 16:32:10 goba Exp $

/**
 * @file
 * Database interface code for MySQL database servers.
 */

/**
 * @ingroup database
 * @{
 */

// Include functions shared between mysql and mysqli.
require_once './includes/database.mysql-common.inc';

/**
 * Report database status.
 */
function db_status_report($phase) {
  $t = get_t();

  $version = db_version();

  $form['mysql'] = array(
    'title' => $t('MySQL database'),
    'value' => ($phase == 'runtime') ? l($version, 'admin/reports/status/sql') : $version,
  );

  if (version_compare($version, DRUPAL_MINIMUM_MYSQL) < 0) {
    $form['mysql']['severity'] = REQUIREMENT_ERROR;
    $form['mysql']['description'] = $t('Your MySQL Server is too old. Drupal requires at least MySQL %version.', array('%version' => DRUPAL_MINIMUM_MYSQL));
  }

  return $form;
}

/**
 * Returns the version of the database server currently in use.
 *
 * @return Database server version
 */
function db_version() {
  list($version) = explode('-', mysql_get_server_info());
  return $version;
}

/**
 * Returns the MySQL client flag based on the defined constant
 *
 * @return integer
 */
function db_get_client_flag($client_flags = 0) {
  $flags = array(
    'CLIENT_LONG_PASSWORD' => 1, /* New more secure passwords */
    'CLIENT_FOUND_ROWS' => 2, /* Found instead of affected rows */
    'CLIENT_LONG_FLAG' => 4, /* Get all column flags */
    'CLIENT_CONNECT_WITH_DB' => 8, /* One can specify db on connect */
    'CLIENT_NO_SCHEMA' => 16, /* Don't allow database.table.column */
    'CLIENT_COMPRESS' => 32, /* Can use compression protocol */
    'CLIENT_ODBC' => 64, /* Odbc client */
    'CLIENT_LOCAL_FILES' => 128, /* Can use LOAD DATA LOCAL */
    'CLIENT_IGNORE_SPACE' => 256, /* Ignore spaces before '(' */
    'CLIENT_PROTOCOL_41' => 512, /* New 4.1 protocol */
    'CLIENT_INTERACTIVE' => 1024, /* This is an interactive client */
    'CLIENT_SSL' => 2048, /* Switch to SSL after handshake */
    'CLIENT_IGNORE_SIGPIPE' => 4096, /* IGNORE sigpipes */
    'CLIENT_TRANSACTIONS' => 8192, /* Client knows about transactions */
    'CLIENT_RESERVED' => 16384, /* Old flag for 4.1 protocol */
    'CLIENT_SECURE_CONNECTION' => 32768, /* New 4.1 authentication */
    'CLIENT_MULTI_STATEMENTS' => 65536, /* Enable/disable multi-stmt support */
    'CLIENT_MULTI_RESULTS' => 131072, /* Enable/disable multi-results */
  );
  $num = isset($flags[$client_flags]) ? $flags[$client_flags] : intval($client_flags);
  return $num;
}

/**
 * Initialize a database connection.
 */
function db_connect($url) {
  $url = parse_url($url);

  // Check if MySQL support is present in PHP
  if (!function_exists('mysql_connect')) {
    _db_error_page('Unable to use the MySQL database because the MySQL extension for PHP is not installed. Check your <code>php.ini</code> to see how you can enable it.');
  }

  // Decode url-encoded information in the db connection string
  $url['user'] = urldecode($url['user']);
  // Test if database url has a password.
  $url['pass'] = isset($url['pass']) ? urldecode($url['pass']) : '';
  $url['host'] = urldecode($url['host']);
  $url['path'] = urldecode($url['path']);

  // Allow for non-standard MySQL port.
  if (isset($url['port'])) {
    $url['host'] = $url['host'] .':'. $url['port'];
  }

  // - Setting $new_link = TRUE makes mysql_connect() always open a new link,
  //   even if mysql_connect() was called before with the same parameters.
  //   This is important if you are using two databases on the same server.
  // - Setting $client_flags = 2 means CLIENT_FOUND_ROWS: return the number
  //   of found (matched) rows, not the number of affected rows.

  // Initialize variables (defaults)
  $new_link = TRUE;
  $client_flags = 2;

  // Check if variables are set (overrides)
  if (isset($url['query'])) {
    parse_str($url['query']);
    if (isset($new_link)) {
      $new_link = ($new_link && strtoupper($new_link) != 'FALSE') ? 1 : 0;
    }
    if (isset($client_flags)) {
      $client_flags = db_get_client_flag($client_flags);
    }
  }

  $connection = @mysql_connect($url['host'], $url['user'], $url['pass'], $new_link, $client_flags);
  if (!$connection || !mysql_select_db(substr($url['path'], 1))) {
    // Show error screen otherwise
    _db_error_page(mysql_error());
  }

  // Force UTF-8.
  mysql_query('SET NAMES "utf8"', $connection);
  return $connection;
}

/**
 * Helper function for db_query().
 */
function _db_query($query, $debug = 0) {
  global $active_db, $queries, $user;

  if (variable_get('dev_query', 0)) {
    list($usec, $sec) = explode(' ', microtime());
    $timer = (float)$usec + (float)$sec;
    // If devel.module query logging is enabled, prepend a comment with the username and calling function
    // to the SQL string. This is useful when running mysql's SHOW PROCESSLIST to learn what exact
    // code is issueing the slow query.
    $bt = debug_backtrace();
    // t() may not be available yet so we don't wrap 'Anonymous'.
    $name = $user->uid ? $user->name : variable_get('anonymous', 'Anonymous');
    // str_replace() to prevent SQL injection via username or anonymous name.
    $name = str_replace(array('*', '/'), '', $name);
    $query = '/* '. $name .' : '. $bt[2]['function'] .' */ '. $query;
  }

  $result = mysql_query($query, $active_db);

  if (variable_get('dev_query', 0)) {
    $query = $bt[2]['function'] ."\n". $query;
    list($usec, $sec) = explode(' ', microtime());
    $stop = (float)$usec + (float)$sec;
    $diff = $stop - $timer;
    $queries[] = array($query, $diff);
  }

  if ($debug) {
    print '<p>query: '. $query .'<br />error:'. mysql_error($active_db) .'</p>';
  }

  if (!mysql_errno($active_db)) {
    return $result;
  }
  else {
    // Indicate to drupal_error_handler that this is a database error.
    ${DB_ERROR} = TRUE;
    trigger_error(check_plain(mysql_error($active_db) ."\nquery: ". $query), E_USER_WARNING);
    return FALSE;
  }
}

/**
 * Fetch one result row from the previous query as an object.
 *
 * @param $result
 *   A database query result resource, as returned from db_query().
 * @return
 *   An object representing the next row of the result, or FALSE. The attributes
 *   of this object are the table fields selected by the query.
 */
function db_fetch_object($result) {
  if ($result) {
    return mysql_fetch_object($result);
  }
}

/**
 * Fetch one result row from the previous query as an array.
 *
 * @param $result
 *   A database query result resource, as returned from db_query().
 * @return
 *   An associative array representing the next row of the result, or FALSE.
 *   The keys of this object are the names of the table fields selected by the
 *   query, and the values are the field values for this result row.
 */
function db_fetch_array($result) {
  if ($result) {
    return mysql_fetch_array($result, MYSQL_ASSOC);
  }
}

/**
 * Return an individual result field from the previous query.
 *
 * Only use this function if exactly one field is being selected; otherwise,
 * use db_fetch_object() or db_fetch_array().
 *
 * @param $result
 *   A database query result resource, as returned from db_query().
 * @return
 *   The resulting field or FALSE.
 */
function db_result($result) {
  if ($result && mysql_num_rows($result) > 0) {
    // The mysql_fetch_row function has an optional second parameter $row
    // but that can't be used for compatibility with Oracle, DB2, etc.
    $array = mysql_fetch_row($result);
    return $array[0];
  }
  return FALSE;
}

/**
 * Determine whether the previous query caused an error.
 */
function db_error() {
  global $active_db;
  return mysql_errno($active_db);
}

/**
 * Determine the number of rows changed by the preceding query.
 */
function db_affected_rows() {
  global $active_db;
  return mysql_affected_rows($active_db);
}

/**
 * Runs a limited-range query in the active database.
 *
 * Use this as a substitute for db_query() when a subset of the query is to be
 * returned.
 * User-supplied arguments to the query should be passed in as separate parameters
 * so that they can be properly escaped to avoid SQL injection attacks.
 *
 * @param $query
 *   A string containing an SQL query.
 * @param ...
 *   A variable number of arguments which are substituted into the query
 *   using printf() syntax. The query arguments can be enclosed in one
 *   array instead.
 *   Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
 *   in '') and %%.
 *
 *   NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
 *   and TRUE values to decimal 1.
 *
 * @param $from
 *   The first result row to return.
 * @param $count
 *   The maximum number of result rows to return.
 * @return
 *   A database query result resource, or FALSE if the query was not executed
 *   correctly.
 */
function db_query_range($query) {
  $args = func_get_args();
  $count = array_pop($args);
  $from = array_pop($args);
  array_shift($args);

  $query = db_prefix_tables($query);
  if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
    $args = $args[0];
  }
  _db_query_callback($args, TRUE);
  $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
  $query .= ' LIMIT '. (int)$from .', '. (int)$count;
  return _db_query($query);
}

/**
 * Runs a SELECT query and stores its results in a temporary table.
 *
 * Use this as a substitute for db_query() when the results need to stored
 * in a temporary table. Temporary tables exist for the duration of the page
 * request.
 * User-supplied arguments to the query should be passed in as separate parameters
 * so that they can be properly escaped to avoid SQL injection attacks.
 *
 * Note that if you need to know how many results were returned, you should do
 * a SELECT COUNT(*) on the temporary table afterwards. db_affected_rows() does
 * not give consistent result across different database types in this case.
 *
 * @param $query
 *   A string containing a normal SELECT SQL query.
 * @param ...
 *   A variable number of arguments which are substituted into the query
 *   using printf() syntax. The query arguments can be enclosed in one
 *   array instead.
 *   Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
 *   in '') and %%.
 *
 *   NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
 *   and TRUE values to decimal 1.
 *
 * @param $table
 *   The name of the temporary table to select into. This name will not be
 *   prefixed as there is no risk of collision.
 * @return
 *   A database query result resource, or FALSE if the query was not executed
 *   correctly.
 */
function db_query_temporary($query) {
  $args = func_get_args();
  $tablename = array_pop($args);
  array_shift($args);

  $query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' Engine=HEAP SELECT', db_prefix_tables($query));
  if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
    $args = $args[0];
  }
  _db_query_callback($args, TRUE);
  $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
  return _db_query($query);
}

/**
 * Returns a properly formatted Binary Large OBject value.
 *
 * @param $data
 *   Data to encode.
 * @return
 *  Encoded data.
 */
function db_encode_blob($data) {
  global $active_db;
  return "'". mysql_real_escape_string($data, $active_db) ."'";
}

/**
 * Returns text from a Binary Large Object value.
 *
 * @param $data
 *   Data to decode.
 * @return
 *  Decoded data.
 */
function db_decode_blob($data) {
  return $data;
}

/**
 * Prepare user input for use in a database query, preventing SQL injection attacks.
 */
function db_escape_string($text) {
  global $active_db;
  return mysql_real_escape_string($text, $active_db);
}

/**
 * Lock a table.
 */
function db_lock_table($table) {
  db_query('LOCK TABLES {'. db_escape_table($table) .'} WRITE');
}

/**
 * Unlock all locked tables.
 */
function db_unlock_tables() {
  db_query('UNLOCK TABLES');
}

/**
 * Check if a table exists.
 */
function db_table_exists($table) {
  return (bool) db_fetch_object(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'"));
}

/**
 * Check if a column exists in the given table.
 */
function db_column_exists($table, $column) {
  return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {". db_escape_table($table) ."} LIKE '". db_escape_table($column) ."'"));
}

/**
 * @} End of "ingroup database".
 */

## database.mysqli.inc
<?php
// $Id: database.mysqli.inc,v 1.54.2.4 2010/12/15 20:41:10 goba Exp $

/**
 * @file
 * Database interface code for MySQL database servers using the mysqli client libraries. mysqli is included in PHP 5 by default and allows developers to use the advanced features of MySQL 4.1.x, 5.0.x and beyond.
 */

 // Maintainers of this file should consult:
 // http://www.php.net/manual/en/ref.mysqli.php

/**
 * @ingroup database
 * @{
 */

// Include functions shared between mysql and mysqli.
require_once './includes/database.mysql-common.inc';

/**
 * Report database status.
 */
function db_status_report($phase) {
  $t = get_t();

  $version = db_version();

  $form['mysql'] = array(
    'title' => $t('MySQL database'),
    'value' => ($phase == 'runtime') ? l($version, 'admin/reports/status/sql') : $version,
  );

  if (version_compare($version, DRUPAL_MINIMUM_MYSQL) < 0) {
    $form['mysql']['severity'] = REQUIREMENT_ERROR;
    $form['mysql']['description'] = $t('Your MySQL Server is too old. Drupal requires at least MySQL %version.', array('%version' => DRUPAL_MINIMUM_MYSQL));
  }

  return $form;
}

/**
 * Returns the version of the database server currently in use.
 *
 * @return Database server version
 */
function db_version() {
  global $active_db;
  list($version) = explode('-', mysqli_get_server_info($active_db));
  return $version;
}

/**
 * Initialise a database connection.
 *
 * Note that mysqli does not support persistent connections.
 */
function db_connect($url) {
  // Check if MySQLi support is present in PHP
  if (!function_exists('mysqli_init') && !extension_loaded('mysqli')) {
    _db_error_page('Unable to use the MySQLi database because the MySQLi extension for PHP is not installed. Check your <code>php.ini</code> to see how you can enable it.');
  }

  $url = parse_url($url);

  // Decode url-encoded information in the db connection string
  $url['user'] = urldecode($url['user']);
  // Test if database url has a password.
  $url['pass'] = isset($url['pass']) ? urldecode($url['pass']) : '';
  $url['host'] = urldecode($url['host']);
  $url['path'] = urldecode($url['path']);
  if (!isset($url['port'])) {
    $url['port'] = NULL;
  }
  // Check if variables are set (overrides)
  if (isset($url['query'])) {
    parse_str($url['query']);
  }
  $url['client_flags'] = isset($client_flags) ? urldecode($client_flags) : MYSQLI_CLIENT_FOUND_ROWS;

  $connection = mysqli_init();
  @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, $url['client_flags']);

  if (mysqli_connect_errno() > 0) {
    _db_error_page(mysqli_connect_error());
  }

  // Force MySQL to use the UTF-8 character set. Also set the collation, if a
  // certain one has been set; otherwise, MySQL defaults to 'utf8_general_ci'
  // for UTF-8.
  if (!empty($GLOBALS['db_collation'])) {
    mysqli_query($connection, 'SET NAMES utf8 COLLATE ' . $GLOBALS['db_collation']);
  }
  else {
    mysqli_query($connection, 'SET NAMES utf8');
  }

  return $connection;
}

/**
 * Helper function for db_query().
 */
function _db_query($query, $debug = 0) {
  global $active_db, $queries, $user;

  if (variable_get('dev_query', 0)) {
    list($usec, $sec) = explode(' ', microtime());
    $timer = (float)$usec + (float)$sec;
    // If devel.module query logging is enabled, prepend a comment with the username and calling function
    // to the SQL string. This is useful when running mysql's SHOW PROCESSLIST to learn what exact
    // code is issueing the slow query.
    $bt = debug_backtrace();
    // t() may not be available yet so we don't wrap 'Anonymous'
    $name = $user->uid ? $user->name : variable_get('anonymous', 'Anonymous');
    // str_replace() to prevent SQL injection via username or anonymous name.
    $name = str_replace(array('*', '/'), '', $name);
    $query = '/* '. $name .' : '. $bt[2]['function'] .' */ '. $query;
  }

  $result = mysqli_query($active_db, $query);

  if (variable_get('dev_query', 0)) {
    $query = $bt[2]['function'] ."\n". $query;
    list($usec, $sec) = explode(' ', microtime());
    $stop = (float)$usec + (float)$sec;
    $diff = $stop - $timer;
    $queries[] = array($query, $diff);
  }

  if ($debug) {
    print '<p>query: '. $query .'<br />error:'. mysqli_error($active_db) .'</p>';
  }

  if (!mysqli_errno($active_db)) {
    return $result;
  }
  else {
    // Indicate to drupal_error_handler that this is a database error.
    ${DB_ERROR} = TRUE;
    trigger_error(check_plain(mysqli_error($active_db) ."\nquery: ". $query), E_USER_WARNING);
    return FALSE;
  }
}

/**
 * Fetch one result row from the previous query as an object.
 *
 * @param $result
 *   A database query result resource, as returned from db_query().
 * @return
 *   An object representing the next row of the result, or FALSE. The attributes
 *   of this object are the table fields selected by the query.
 */
function db_fetch_object($result) {
  if ($result) {
    $object = mysqli_fetch_object($result);
    return isset($object) ? $object : FALSE;
  }
}

/**
 * Fetch one result row from the previous query as an array.
 *
 * @param $result
 *   A database query result resource, as returned from db_query().
 * @return
 *   An associative array representing the next row of the result, or FALSE.
 *   The keys of this object are the names of the table fields selected by the
 *   query, and the values are the field values for this result row.
 */
function db_fetch_array($result) {
  if ($result) {
    $array = mysqli_fetch_array($result, MYSQLI_ASSOC);
    return isset($array) ? $array : FALSE;
  }
}

/**
 * Return an individual result field from the previous query.
 *
 * Only use this function if exactly one field is being selected; otherwise,
 * use db_fetch_object() or db_fetch_array().
 *
 * @param $result
 *   A database query result resource, as returned from db_query().
 * @return
 *   The resulting field or FALSE.
 */
function db_result($result) {
  if ($result && mysqli_num_rows($result) > 0) {
    // The mysqli_fetch_row function has an optional second parameter $row
    // but that can't be used for compatibility with Oracle, DB2, etc.
    $array = mysqli_fetch_row($result);
    return $array[0];
  }
  return FALSE;
}

/**
 * Determine whether the previous query caused an error.
 */
function db_error() {
  global $active_db;
  return mysqli_errno($active_db);
}

/**
 * Determine the number of rows changed by the preceding query.
 */
function db_affected_rows() {
  global $active_db; /* mysqli connection resource */
  return mysqli_affected_rows($active_db);
}

/**
 * Runs a limited-range query in the active database.
 *
 * Use this as a substitute for db_query() when a subset of the query is to be
 * returned.
 * User-supplied arguments to the query should be passed in as separate parameters
 * so that they can be properly escaped to avoid SQL injection attacks.
 *
 * @param $query
 *   A string containing an SQL query.
 * @param ...
 *   A variable number of arguments which are substituted into the query
 *   using printf() syntax. The query arguments can be enclosed in one
 *   array instead.
 *   Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
 *   in '') and %%.
 *
 *   NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
 *   and TRUE values to decimal 1.
 *
 * @param $from
 *   The first result row to return.
 * @param $count
 *   The maximum number of result rows to return.
 * @return
 *   A database query result resource, or FALSE if the query was not executed
 *   correctly.
 */
function db_query_range($query) {
  $args = func_get_args();
  $count = array_pop($args);
  $from = array_pop($args);
  array_shift($args);

  $query = db_prefix_tables($query);
  if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
    $args = $args[0];
  }
  _db_query_callback($args, TRUE);
  $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
  $query .= ' LIMIT '. (int)$from .', '. (int)$count;
  return _db_query($query);
}

/**
 * Runs a SELECT query and stores its results in a temporary table.
 *
 * Use this as a substitute for db_query() when the results need to stored
 * in a temporary table. Temporary tables exist for the duration of the page
 * request.
 * User-supplied arguments to the query should be passed in as separate parameters
 * so that they can be properly escaped to avoid SQL injection attacks.
 *
 * Note that if you need to know how many results were returned, you should do
 * a SELECT COUNT(*) on the temporary table afterwards. db_affected_rows() does
 * not give consistent result across different database types in this case.
 *
 * @param $query
 *   A string containing a normal SELECT SQL query.
 * @param ...
 *   A variable number of arguments which are substituted into the query
 *   using printf() syntax. The query arguments can be enclosed in one
 *   array instead.
 *   Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
 *   in '') and %%.
 *
 *   NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
 *   and TRUE values to decimal 1.
 *
 * @param $table
 *   The name of the temporary table to select into. This name will not be
 *   prefixed as there is no risk of collision.
 * @return
 *   A database query result resource, or FALSE if the query was not executed
 *   correctly.
 */
function db_query_temporary($query) {
  $args = func_get_args();
  $tablename = array_pop($args);
  array_shift($args);

  $query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' Engine=HEAP SELECT', db_prefix_tables($query));
  if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
    $args = $args[0];
  }
  _db_query_callback($args, TRUE);
  $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
  return _db_query($query);
}

/**
 * Returns a properly formatted Binary Large Object value.
 *
 * @param $data
 *   Data to encode.
 * @return
 *  Encoded data.
 */
function db_encode_blob($data) {
  global $active_db;
  return "'". mysqli_real_escape_string($active_db, $data) ."'";
}

/**
 * Returns text from a Binary Large OBject value.
 *
 * @param $data
 *   Data to decode.
 * @return
 *  Decoded data.
 */
function db_decode_blob($data) {
  return $data;
}

/**
 * Prepare user input for use in a database query, preventing SQL injection attacks.
 */
function db_escape_string($text) {
  global $active_db;
  return mysqli_real_escape_string($active_db, $text);
}

/**
 * Lock a table.
 */
function db_lock_table($table) {
  db_query('LOCK TABLES {'. db_escape_table($table) .'} WRITE');
}

/**
 * Unlock all locked tables.
 */
function db_unlock_tables() {
  db_query('UNLOCK TABLES');
}

/**
 * Check if a table exists.
 *
 * @param $table
 *   The name of the table.
 *
 * @return
 *   TRUE if the table exists, and FALSE if the table does not exist.
 */
function db_table_exists($table) {
  return (bool) db_fetch_object(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'"));
}

/**
 * Check if a column exists in the given table.
 *
 * @param $table
 *   The name of the table.
 * @param $column
 *   The name of the column.
 *
 * @return
 *   TRUE if the column exists, and FALSE if the column does not exist.
 */
function db_column_exists($table, $column) {
  return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {". db_escape_table($table) ."} LIKE '". db_escape_table($column) ."'"));
}

/**
 * @} End of "ingroup database".
 */


## settings.php
<?php
// $Id: default.settings.php,v 1.8.2.4 2009/09/14 12:59:18 goba Exp $

/**
 * @file
 * Drupal site-specific configuration file.
 *
 * IMPORTANT NOTE:
 * This file may have been set to read-only by the Drupal installation
 * program. If you make changes to this file, be sure to protect it again
 * after making your modifications. Failure to remove write permissions
 * to this file is a security risk.
 *
 * The configuration file to be loaded is based upon the rules below.
 *
 * The configuration directory will be discovered by stripping the
 * website's hostname from left to right and pathname from right to
 * left. The first configuration file found will be used and any
 * others will be ignored. If no other configuration file is found
 * then the default configuration file at 'sites/default' will be used.
 *
 * For example, for a fictitious site installed at
 * http://www.drupal.org/mysite/test/, the 'settings.php'
 * is searched in the following directories:
 *
 *  1. sites/www.drupal.org.mysite.test
 *  2. sites/drupal.org.mysite.test
 *  3. sites/org.mysite.test
 *
 *  4. sites/www.drupal.org.mysite
 *  5. sites/drupal.org.mysite
 *  6. sites/org.mysite
 *
 *  7. sites/www.drupal.org
 *  8. sites/drupal.org
 *  9. sites/org
 *
 * 10. sites/default
 *
 * If you are installing on a non-standard port number, prefix the
 * hostname with that number. For example,
 * http://www.drupal.org:8080/mysite/test/ could be loaded from
 * sites/8080.www.drupal.org.mysite.test/.
 */

/**
 * Database settings:
 *
 * Note that the $db_url variable gets parsed using PHP's built-in
 * URL parser (i.e. using the "parse_url()" function) so make sure
 * not to confuse the parser. If your username, password
 * or database name contain characters used to delineate
 * $db_url parts, you can escape them via URI hex encodings:
 *
 *   : = %3a   / = %2f   @ = %40
 *   + = %2b   ( = %28   ) = %29
 *   ? = %3f   = = %3d   & = %26
 *
 * To specify multiple connections to be used in your site (i.e. for
 * complex custom modules) you can also specify an associative array
 * of $db_url variables with the 'default' element used until otherwise
 * requested.
 *
 * You can optionally set prefixes for some or all database table names
 * by using the $db_prefix setting. If a prefix is specified, the table
 * name will be prepended with its value. Be sure to use valid database
 * characters only, usually alphanumeric and underscore. If no prefixes
 * are desired, leave it as an empty string ''.
 *
 * To have all database names prefixed, set $db_prefix as a string:
 *
 *   $db_prefix = 'main_';
 *
 * To provide prefixes for specific tables, set $db_prefix as an array.
 * The array's keys are the table names and the values are the prefixes.
 * The 'default' element holds the prefix for any tables not specified
 * elsewhere in the array. Example:
 *
 *   $db_prefix = array(
 *     'default'   => 'main_',
 *     'users'     => 'shared_',
 *     'sessions'  => 'shared_',
 *     'role'      => 'shared_',
 *     'authmap'   => 'shared_',
 *   );
 *
 * Database URL format:
 *   $db_url = 'mysql://username:password@localhost/databasename';
 *   $db_url = 'mysqli://username:password@localhost/databasename';
 *   $db_url = 'pgsql://username:password@localhost/databasename';
 */
$db_url = 'mysql://username:password@db_hostname/db_name?new_link=1&client_flags=CLIENT_SSL';
#$db_url = 'mysqli://username:password@db_hostname/db_name?client_flags=MYSQLI_CLIENT_SSL+MYSQLI_CLIENT_FOUND_ROWS';
$db_prefix = '';

/**
 * Access control for update.php script
 *
 * If you are updating your Drupal installation using the update.php script
 * being not logged in as administrator, you will need to modify the access
 * check statement below. Change the FALSE to a TRUE to disable the access
 * check. After finishing the upgrade, be sure to open this file again
 * and change the TRUE back to a FALSE!
 */
$update_free_access = FALSE;

/**
 * Base URL (optional).
 *
 * If you are experiencing issues with different site domains,
 * uncomment the Base URL statement below (remove the leading hash sign)
 * and fill in the absolute URL to your Drupal installation.
 *
 * You might also want to force users to use a given domain.
 * See the .htaccess file for more information.
 *
 * Examples:
 *   $base_url = 'http://www.example.com';
 *   $base_url = 'http://www.example.com:8888';
 *   $base_url = 'http://www.example.com/drupal';
 *   $base_url = 'https://www.example.com:8888/drupal';
 *
 * It is not allowed to have a trailing slash; Drupal will add it
 * for you.
 */
# $base_url = 'http://www.example.com';  // NO trailing slash!
$base_url = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://') . 'sandbox2.highlights.com';

/**
 * PHP settings:
 *
 * To see what PHP settings are possible, including whether they can
 * be set at runtime (ie., when ini_set() occurs), read the PHP
 * documentation at http://www.php.net/manual/en/ini.php#ini.list
 * and take a look at the .htaccess file to see which non-runtime
 * settings are used there. Settings defined here should not be
 * duplicated there so as to avoid conflict issues.
 */
ini_set('arg_separator.output',     '&amp;');
ini_set('magic_quotes_runtime',     0);
ini_set('magic_quotes_sybase',      0);
ini_set('session.cache_expire',     200000);
ini_set('session.cache_limiter',    'none');
ini_set('session.cookie_lifetime',  2000000);
ini_set('session.gc_maxlifetime',   200000);
ini_set('session.save_handler',     'user');
ini_set('session.use_cookies',      1);
ini_set('session.use_only_cookies', 1);
ini_set('session.use_trans_sid',    0);
ini_set('url_rewriter.tags',        '');

/**
 * If you encounter a situation where users post a large amount of text, and
 * the result is stripped out upon viewing but can still be edited, Drupal's
 * output filter may not have sufficient memory to process it. If you
 * experience this issue, you may wish to uncomment the following two lines
 * and increase the limits of these variables. For more information, see
 * http://php.net/manual/en/pcre.configuration.php.
 */
# ini_set('pcre.backtrack_limit', 200000);
# ini_set('pcre.recursion_limit', 200000);

/**
 * Drupal automatically generates a unique session cookie name for each site
 * based on on its full domain name. If you have multiple domains pointing at
 * the same Drupal site, you can either redirect them all to a single domain
 * (see comment in .htaccess), or uncomment the line below and specify their
 * shared base domain. Doing so assures that users remain logged in as they
 * cross between your various domains.
 */
# $cookie_domain = 'example.com';

/**
 * Variable overrides:
 *
 * To override specific entries in the 'variable' table for this site,
 * set them here. You usually don't need to use this feature. This is
 * useful in a configuration file for a vhost or directory, rather than
 * the default settings.php. Any configuration setting from the 'variable'
 * table can be given a new value. Note that any values you provide in
 * these variable overrides will not be modifiable from the Drupal
 * administration interface.
 *
 * Remove the leading hash signs to enable.
 */
# $conf = array(
#   'site_name' => 'My Drupal site',
#   'theme_default' => 'minnelli',
#   'anonymous' => 'Visitor',
/**
 * A custom theme can be set for the off-line page. This applies when the site
 * is explicitly set to off-line mode through the administration page or when
 * the database is inactive due to an error. It can be set through the
 * 'maintenance_theme' key. The template file should also be copied into the
 * theme. It is located inside 'modules/system/maintenance-page.tpl.php'.
 * Note: This setting does not apply to installation and update pages.
 */
#   'maintenance_theme' => 'minnelli',
/**
 * reverse_proxy accepts a boolean value.
 *
 * Enable this setting to determine the correct IP address of the remote
 * client by examining information stored in the X-Forwarded-For headers.
 * X-Forwarded-For headers are a standard mechanism for identifying client
 * systems connecting through a reverse proxy server, such as Squid or
 * Pound. Reverse proxy servers are often used to enhance the performance
 * of heavily visited sites and may also provide other site caching,
 * security or encryption benefits. If this Drupal installation operates
 * behind a reverse proxy, this setting should be enabled so that correct
 * IP address information is captured in Drupal's session management,
 * logging, statistics and access management systems; if you are unsure
 * about this setting, do not have a reverse proxy, or Drupal operates in
 * a shared hosting environment, this setting should be set to disabled.
 */
#   'reverse_proxy' => TRUE,
/**
 * reverse_proxy accepts an array of IP addresses.
 *
 * Each element of this array is the IP address of any of your reverse
 * proxies. Filling this array Drupal will trust the information stored
 * in the X-Forwarded-For headers only if Remote IP address is one of
 * these, that is the request reaches the web server from one of your
 * reverse proxies. Otherwise, the client could directly connect to
 * your web server spoofing the X-Forwarded-For headers.
 */
#   'reverse_proxy_addresses' => array('a.b.c.d', ...),
# );

/**
 * String overrides:
 *
 * To override specific strings on your site with or without enabling locale
 * module, add an entry to this list. This functionality allows you to change
 * a small number of your site's default English language interface strings.
 *
 * Remove the leading hash signs to enable.
 */
# $conf['locale_custom_strings_en'] = array(
#   'forum'      => 'Discussion board',
#   '@count min' => '@count minutes',
# );
	In order to connect to a remote MySQL database server (ie. instead of localhost) securely, the database connection must use SSL as a protocol. This Drupal core hack enables a version 6.x site to do just that.

	The 2 files included in this directory (database.mysql.inc and settings.php) should replace [webroot]/includes/database.mysql.inc and [webroot]/sites/[domain.com]/settings.php in a Drupal multisite environment or [webroot]/sites/default/settings.php in a Drupal standalone environment. Make sure you set the correct connection parameters in the $db_url string.

	Note: You can also replace [webroot]/includes/database.mysqli.inc. Just include the code additions from CHANGES-mysqli.txt. Remember to use mysqli in the $db_url string in settings.php also.
	49,78d48
	< * Returns the MySQL client flag based on the defined constant
	< *
	< * @return integer
	< */
	< function db_get_client_flag($client_flags = 0) {
	< $flags = array(
	< 'CLIENT_LONG_PASSWORD' => 1, /* New more secure passwords */
	< 'CLIENT_FOUND_ROWS' => 2, /* Found instead of affected rows */
	< 'CLIENT_LONG_FLAG' => 4, /* Get all column flags */
	< 'CLIENT_CONNECT_WITH_DB' => 8, /* One can specify db on connect */
	< 'CLIENT_NO_SCHEMA' => 16, /* Don't allow database.table.column */
	< 'CLIENT_COMPRESS' => 32, /* Can use compression protocol */
	< 'CLIENT_ODBC' => 64, /* Odbc client */
	< 'CLIENT_LOCAL_FILES' => 128, /* Can use LOAD DATA LOCAL */
	< 'CLIENT_IGNORE_SPACE' => 256, /* Ignore spaces before '(' */
	< 'CLIENT_PROTOCOL_41' => 512, /* New 4.1 protocol */
	< 'CLIENT_INTERACTIVE' => 1024, /* This is an interactive client */
	< 'CLIENT_SSL' => 2048, /* Switch to SSL after handshake */
	< 'CLIENT_IGNORE_SIGPIPE' => 4096, /* IGNORE sigpipes */
	< 'CLIENT_TRANSACTIONS' => 8192, /* Client knows about transactions */
	< 'CLIENT_RESERVED' => 16384, /* Old flag for 4.1 protocol */
	< 'CLIENT_SECURE_CONNECTION' => 32768, /* New 4.1 authentication */
	< 'CLIENT_MULTI_STATEMENTS' => 65536, /* Enable/disable multi-stmt support */
	< 'CLIENT_MULTI_RESULTS' => 131072, /* Enable/disable multi-results */
	< );
	< $num = isset($flags[$client_flags]) ? $flags[$client_flags] : intval($client_flags);
	< return $num;
	< }
	<
	< /**
	101,122c71,77
	< // - Setting $new_link = TRUE makes mysql_connect() always open a new link,
	< // even if mysql_connect() was called before with the same parameters.
	< // This is important if you are using two databases on the same server.
	< // - Setting $client_flags = 2 means CLIENT_FOUND_ROWS: return the number
	< // of found (matched) rows, not the number of affected rows.
	<
	< // Initialize variables (defaults)
	< $new_link = TRUE;
	< $client_flags = 2;
	<
	< // Check if variables are set (overrides)
	< if (isset($url['query'])) {
	< parse_str($url['query']);
	< if (isset($new_link)) {
	< $new_link = ($new_link && strtoupper($new_link) != 'FALSE') ? 1 : 0;
	< }
	< if (isset($client_flags)) {
	< $client_flags = db_get_client_flag($client_flags);
	< }
	< }
	<
	< $connection = @mysql_connect($url['host'], $url['user'], $url['pass'], $new_link, $client_flags);
	---
	> // - TRUE makes mysql_connect() always open a new link, even if
	> // mysql_connect() was called before with the same parameters.
	> // This is important if you are using two databases on the same
	> // server.
	> // - 2 means CLIENT_FOUND_ROWS: return the number of found
	> // (matched) rows, not the number of affected rows.
	> $connection = @mysql_connect($url['host'], $url['user'], $url['pass'], TRUE, 2);
	74,78d73
	< // Check if variables are set (overrides)
	< if (isset($url['query'])) {
	< parse_str($url['query']);
	< }
	< $url['client_flags'] = isset($client_flags) ? urldecode($client_flags) : MYSQLI_CLIENT_FOUND_ROWS;
	81c76
	< @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, $url['client_flags']);
	---
	> @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, MYSQLI_CLIENT_FOUND_ROWS);
	<?php
	// $Id: database.mysql.inc,v 1.89.2.2 2010/02/01 16:32:10 goba Exp $

	/**
	* @file
	* Database interface code for MySQL database servers.
	*/

	/**
	* @ingroup database
	* @{
	*/

	// Include functions shared between mysql and mysqli.
	require_once './includes/database.mysql-common.inc';

	/**
	* Report database status.
	*/
	function db_status_report($phase) {
	$t = get_t();

	$version = db_version();

	$form['mysql'] = array(
	'title' => $t('MySQL database'),
	'value' => ($phase == 'runtime') ? l($version, 'admin/reports/status/sql') : $version,
	);

	if (version_compare($version, DRUPAL_MINIMUM_MYSQL) < 0) {
	$form['mysql']['severity'] = REQUIREMENT_ERROR;
	$form['mysql']['description'] = $t('Your MySQL Server is too old. Drupal requires at least MySQL %version.', array('%version' => DRUPAL_MINIMUM_MYSQL));
	}

	return $form;
	}

	/**
	* Returns the version of the database server currently in use.
	*
	* @return Database server version
	*/
	function db_version() {
	list($version) = explode('-', mysql_get_server_info());
	return $version;
	}

	/**
	* Returns the MySQL client flag based on the defined constant
	*
	* @return integer
	*/
	function db_get_client_flag($client_flags = 0) {
	$flags = array(
	'CLIENT_LONG_PASSWORD' => 1, /* New more secure passwords */
	'CLIENT_FOUND_ROWS' => 2, /* Found instead of affected rows */
	'CLIENT_LONG_FLAG' => 4, /* Get all column flags */
	'CLIENT_CONNECT_WITH_DB' => 8, /* One can specify db on connect */
	'CLIENT_NO_SCHEMA' => 16, /* Don't allow database.table.column */
	'CLIENT_COMPRESS' => 32, /* Can use compression protocol */
	'CLIENT_ODBC' => 64, /* Odbc client */
	'CLIENT_LOCAL_FILES' => 128, /* Can use LOAD DATA LOCAL */
	'CLIENT_IGNORE_SPACE' => 256, /* Ignore spaces before '(' */
	'CLIENT_PROTOCOL_41' => 512, /* New 4.1 protocol */
	'CLIENT_INTERACTIVE' => 1024, /* This is an interactive client */
	'CLIENT_SSL' => 2048, /* Switch to SSL after handshake */
	'CLIENT_IGNORE_SIGPIPE' => 4096, /* IGNORE sigpipes */
	'CLIENT_TRANSACTIONS' => 8192, /* Client knows about transactions */
	'CLIENT_RESERVED' => 16384, /* Old flag for 4.1 protocol */
	'CLIENT_SECURE_CONNECTION' => 32768, /* New 4.1 authentication */
	'CLIENT_MULTI_STATEMENTS' => 65536, /* Enable/disable multi-stmt support */
	'CLIENT_MULTI_RESULTS' => 131072, /* Enable/disable multi-results */
	);
	$num = isset($flags[$client_flags]) ? $flags[$client_flags] : intval($client_flags);
	return $num;
	}

	/**
	* Initialize a database connection.
	*/
	function db_connect($url) {
	$url = parse_url($url);

	// Check if MySQL support is present in PHP
	if (!function_exists('mysql_connect')) {
	_db_error_page('Unable to use the MySQL database because the MySQL extension for PHP is not installed. Check your <code>php.ini</code> to see how you can enable it.');
	}

	// Decode url-encoded information in the db connection string
	$url['user'] = urldecode($url['user']);
	// Test if database url has a password.
	$url['pass'] = isset($url['pass']) ? urldecode($url['pass']) : '';
	$url['host'] = urldecode($url['host']);
	$url['path'] = urldecode($url['path']);

	// Allow for non-standard MySQL port.
	if (isset($url['port'])) {
	$url['host'] = $url['host'] .':'. $url['port'];
	}

	// - Setting $new_link = TRUE makes mysql_connect() always open a new link,
	// even if mysql_connect() was called before with the same parameters.
	// This is important if you are using two databases on the same server.
	// - Setting $client_flags = 2 means CLIENT_FOUND_ROWS: return the number
	// of found (matched) rows, not the number of affected rows.

	// Initialize variables (defaults)
	$new_link = TRUE;
	$client_flags = 2;

	// Check if variables are set (overrides)
	if (isset($url['query'])) {
	parse_str($url['query']);
	if (isset($new_link)) {
	$new_link = ($new_link && strtoupper($new_link) != 'FALSE') ? 1 : 0;
	}
	if (isset($client_flags)) {
	$client_flags = db_get_client_flag($client_flags);
	}
	}

	$connection = @mysql_connect($url['host'], $url['user'], $url['pass'], $new_link, $client_flags);
	if (!$connection \|\| !mysql_select_db(substr($url['path'], 1))) {
	// Show error screen otherwise
	_db_error_page(mysql_error());
	}

	// Force UTF-8.
	mysql_query('SET NAMES "utf8"', $connection);
	return $connection;
	}

	/**
	* Helper function for db_query().
	*/
	function _db_query($query, $debug = 0) {
	global $active_db, $queries, $user;

	if (variable_get('dev_query', 0)) {
	list($usec, $sec) = explode(' ', microtime());
	$timer = (float)$usec + (float)$sec;
	// If devel.module query logging is enabled, prepend a comment with the username and calling function
	// to the SQL string. This is useful when running mysql's SHOW PROCESSLIST to learn what exact
	// code is issueing the slow query.
	$bt = debug_backtrace();
	// t() may not be available yet so we don't wrap 'Anonymous'.
	$name = $user->uid ? $user->name : variable_get('anonymous', 'Anonymous');
	// str_replace() to prevent SQL injection via username or anonymous name.
	$name = str_replace(array('*', '/'), '', $name);
	$query = '/* '. $name .' : '. $bt[2]['function'] .' */ '. $query;
	}

	$result = mysql_query($query, $active_db);

	if (variable_get('dev_query', 0)) {
	$query = $bt[2]['function'] ."\n". $query;
	list($usec, $sec) = explode(' ', microtime());
	$stop = (float)$usec + (float)$sec;
	$diff = $stop - $timer;
	$queries[] = array($query, $diff);
	}

	if ($debug) {
	print '<p>query: '. $query .'<br />error:'. mysql_error($active_db) .'</p>';
	}

	if (!mysql_errno($active_db)) {
	return $result;
	}
	else {
	// Indicate to drupal_error_handler that this is a database error.
	${DB_ERROR} = TRUE;
	trigger_error(check_plain(mysql_error($active_db) ."\nquery: ". $query), E_USER_WARNING);
	return FALSE;
	}
	}

	/**
	* Fetch one result row from the previous query as an object.
	*
	* @param $result
	* A database query result resource, as returned from db_query().
	* @return
	* An object representing the next row of the result, or FALSE. The attributes
	* of this object are the table fields selected by the query.
	*/
	function db_fetch_object($result) {
	if ($result) {
	return mysql_fetch_object($result);
	}
	}

	/**
	* Fetch one result row from the previous query as an array.
	*
	* @param $result
	* A database query result resource, as returned from db_query().
	* @return
	* An associative array representing the next row of the result, or FALSE.
	* The keys of this object are the names of the table fields selected by the
	* query, and the values are the field values for this result row.
	*/
	function db_fetch_array($result) {
	if ($result) {
	return mysql_fetch_array($result, MYSQL_ASSOC);
	}
	}

	/**
	* Return an individual result field from the previous query.
	*
	* Only use this function if exactly one field is being selected; otherwise,
	* use db_fetch_object() or db_fetch_array().
	*
	* @param $result
	* A database query result resource, as returned from db_query().
	* @return
	* The resulting field or FALSE.
	*/
	function db_result($result) {
	if ($result && mysql_num_rows($result) > 0) {
	// The mysql_fetch_row function has an optional second parameter $row
	// but that can't be used for compatibility with Oracle, DB2, etc.
	$array = mysql_fetch_row($result);
	return $array[0];
	}
	return FALSE;
	}

	/**
	* Determine whether the previous query caused an error.
	*/
	function db_error() {
	global $active_db;
	return mysql_errno($active_db);
	}

	/**
	* Determine the number of rows changed by the preceding query.
	*/
	function db_affected_rows() {
	global $active_db;
	return mysql_affected_rows($active_db);
	}

	/**
	* Runs a limited-range query in the active database.
	*
	* Use this as a substitute for db_query() when a subset of the query is to be
	* returned.
	* User-supplied arguments to the query should be passed in as separate parameters
	* so that they can be properly escaped to avoid SQL injection attacks.
	*
	* @param $query
	* A string containing an SQL query.
	* @param ...
	* A variable number of arguments which are substituted into the query
	* using printf() syntax. The query arguments can be enclosed in one
	* array instead.
	* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
	* in '') and %%.
	*
	* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
	* and TRUE values to decimal 1.
	*
	* @param $from
	* The first result row to return.
	* @param $count
	* The maximum number of result rows to return.
	* @return
	* A database query result resource, or FALSE if the query was not executed
	* correctly.
	*/
	function db_query_range($query) {
	$args = func_get_args();
	$count = array_pop($args);
	$from = array_pop($args);
	array_shift($args);

	$query = db_prefix_tables($query);
	if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
	$args = $args[0];
	}
	_db_query_callback($args, TRUE);
	$query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
	$query .= ' LIMIT '. (int)$from .', '. (int)$count;
	return _db_query($query);
	}

	/**
	* Runs a SELECT query and stores its results in a temporary table.
	*
	* Use this as a substitute for db_query() when the results need to stored
	* in a temporary table. Temporary tables exist for the duration of the page
	* request.
	* User-supplied arguments to the query should be passed in as separate parameters
	* so that they can be properly escaped to avoid SQL injection attacks.
	*
	* Note that if you need to know how many results were returned, you should do
	* a SELECT COUNT(*) on the temporary table afterwards. db_affected_rows() does
	* not give consistent result across different database types in this case.
	*
	* @param $query
	* A string containing a normal SELECT SQL query.
	* @param ...
	* A variable number of arguments which are substituted into the query
	* using printf() syntax. The query arguments can be enclosed in one
	* array instead.
	* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
	* in '') and %%.
	*
	* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
	* and TRUE values to decimal 1.
	*
	* @param $table
	* The name of the temporary table to select into. This name will not be
	* prefixed as there is no risk of collision.
	* @return
	* A database query result resource, or FALSE if the query was not executed
	* correctly.
	*/
	function db_query_temporary($query) {
	$args = func_get_args();
	$tablename = array_pop($args);
	array_shift($args);

	$query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' Engine=HEAP SELECT', db_prefix_tables($query));
	if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
	$args = $args[0];
	}
	_db_query_callback($args, TRUE);
	$query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
	return _db_query($query);
	}

	/**
	* Returns a properly formatted Binary Large OBject value.
	*
	* @param $data
	* Data to encode.
	* @return
	* Encoded data.
	*/
	function db_encode_blob($data) {
	global $active_db;
	return "'". mysql_real_escape_string($data, $active_db) ."'";
	}

	/**
	* Returns text from a Binary Large Object value.
	*
	* @param $data
	* Data to decode.
	* @return
	* Decoded data.
	*/
	function db_decode_blob($data) {
	return $data;
	}

	/**
	* Prepare user input for use in a database query, preventing SQL injection attacks.
	*/
	function db_escape_string($text) {
	global $active_db;
	return mysql_real_escape_string($text, $active_db);
	}

	/**
	* Lock a table.
	*/
	function db_lock_table($table) {
	db_query('LOCK TABLES {'. db_escape_table($table) .'} WRITE');
	}

	/**
	* Unlock all locked tables.
	*/
	function db_unlock_tables() {
	db_query('UNLOCK TABLES');
	}

	/**
	* Check if a table exists.
	*/
	function db_table_exists($table) {
	return (bool) db_fetch_object(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'"));
	}

	/**
	* Check if a column exists in the given table.
	*/
	function db_column_exists($table, $column) {
	return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {". db_escape_table($table) ."} LIKE '". db_escape_table($column) ."'"));
	}

	/**
	* @} End of "ingroup database".
	*/
	<?php
	// $Id: database.mysqli.inc,v 1.54.2.4 2010/12/15 20:41:10 goba Exp $

	/**
	* @file
	* Database interface code for MySQL database servers using the mysqli client libraries. mysqli is included in PHP 5 by default and allows developers to use the advanced features of MySQL 4.1.x, 5.0.x and beyond.
	*/

	// Maintainers of this file should consult:
	// http://www.php.net/manual/en/ref.mysqli.php

	/**
	* @ingroup database
	* @{
	*/

	// Include functions shared between mysql and mysqli.
	require_once './includes/database.mysql-common.inc';

	/**
	* Report database status.
	*/
	function db_status_report($phase) {
	$t = get_t();

	$version = db_version();

	$form['mysql'] = array(
	'title' => $t('MySQL database'),
	'value' => ($phase == 'runtime') ? l($version, 'admin/reports/status/sql') : $version,
	);

	if (version_compare($version, DRUPAL_MINIMUM_MYSQL) < 0) {
	$form['mysql']['severity'] = REQUIREMENT_ERROR;
	$form['mysql']['description'] = $t('Your MySQL Server is too old. Drupal requires at least MySQL %version.', array('%version' => DRUPAL_MINIMUM_MYSQL));
	}

	return $form;
	}

	/**
	* Returns the version of the database server currently in use.
	*
	* @return Database server version
	*/
	function db_version() {
	global $active_db;
	list($version) = explode('-', mysqli_get_server_info($active_db));
	return $version;
	}

	/**
	* Initialise a database connection.
	*
	* Note that mysqli does not support persistent connections.
	*/
	function db_connect($url) {
	// Check if MySQLi support is present in PHP
	if (!function_exists('mysqli_init') && !extension_loaded('mysqli')) {
	_db_error_page('Unable to use the MySQLi database because the MySQLi extension for PHP is not installed. Check your <code>php.ini</code> to see how you can enable it.');
	}

	$url = parse_url($url);

	// Decode url-encoded information in the db connection string
	$url['user'] = urldecode($url['user']);
	// Test if database url has a password.
	$url['pass'] = isset($url['pass']) ? urldecode($url['pass']) : '';
	$url['host'] = urldecode($url['host']);
	$url['path'] = urldecode($url['path']);
	if (!isset($url['port'])) {
	$url['port'] = NULL;
	}
	// Check if variables are set (overrides)
	if (isset($url['query'])) {
	parse_str($url['query']);
	}
	$url['client_flags'] = isset($client_flags) ? urldecode($client_flags) : MYSQLI_CLIENT_FOUND_ROWS;

	$connection = mysqli_init();
	@mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, $url['client_flags']);

	if (mysqli_connect_errno() > 0) {
	_db_error_page(mysqli_connect_error());
	}

	// Force MySQL to use the UTF-8 character set. Also set the collation, if a
	// certain one has been set; otherwise, MySQL defaults to 'utf8_general_ci'
	// for UTF-8.
	if (!empty($GLOBALS['db_collation'])) {
	mysqli_query($connection, 'SET NAMES utf8 COLLATE ' . $GLOBALS['db_collation']);
	}
	else {
	mysqli_query($connection, 'SET NAMES utf8');
	}

	return $connection;
	}

	/**
	* Helper function for db_query().
	*/
	function _db_query($query, $debug = 0) {
	global $active_db, $queries, $user;

	if (variable_get('dev_query', 0)) {
	list($usec, $sec) = explode(' ', microtime());
	$timer = (float)$usec + (float)$sec;
	// If devel.module query logging is enabled, prepend a comment with the username and calling function
	// to the SQL string. This is useful when running mysql's SHOW PROCESSLIST to learn what exact
	// code is issueing the slow query.
	$bt = debug_backtrace();
	// t() may not be available yet so we don't wrap 'Anonymous'
	$name = $user->uid ? $user->name : variable_get('anonymous', 'Anonymous');
	// str_replace() to prevent SQL injection via username or anonymous name.
	$name = str_replace(array('*', '/'), '', $name);
	$query = '/* '. $name .' : '. $bt[2]['function'] .' */ '. $query;
	}

	$result = mysqli_query($active_db, $query);

	if (variable_get('dev_query', 0)) {
	$query = $bt[2]['function'] ."\n". $query;
	list($usec, $sec) = explode(' ', microtime());
	$stop = (float)$usec + (float)$sec;
	$diff = $stop - $timer;
	$queries[] = array($query, $diff);
	}

	if ($debug) {
	print '<p>query: '. $query .'<br />error:'. mysqli_error($active_db) .'</p>';
	}

	if (!mysqli_errno($active_db)) {
	return $result;
	}
	else {
	// Indicate to drupal_error_handler that this is a database error.
	${DB_ERROR} = TRUE;
	trigger_error(check_plain(mysqli_error($active_db) ."\nquery: ". $query), E_USER_WARNING);
	return FALSE;
	}
	}

	/**
	* Fetch one result row from the previous query as an object.
	*
	* @param $result
	* A database query result resource, as returned from db_query().
	* @return
	* An object representing the next row of the result, or FALSE. The attributes
	* of this object are the table fields selected by the query.
	*/
	function db_fetch_object($result) {
	if ($result) {
	$object = mysqli_fetch_object($result);
	return isset($object) ? $object : FALSE;
	}
	}

	/**
	* Fetch one result row from the previous query as an array.
	*
	* @param $result
	* A database query result resource, as returned from db_query().
	* @return
	* An associative array representing the next row of the result, or FALSE.
	* The keys of this object are the names of the table fields selected by the
	* query, and the values are the field values for this result row.
	*/
	function db_fetch_array($result) {
	if ($result) {
	$array = mysqli_fetch_array($result, MYSQLI_ASSOC);
	return isset($array) ? $array : FALSE;
	}
	}

	/**
	* Return an individual result field from the previous query.
	*
	* Only use this function if exactly one field is being selected; otherwise,
	* use db_fetch_object() or db_fetch_array().
	*
	* @param $result
	* A database query result resource, as returned from db_query().
	* @return
	* The resulting field or FALSE.
	*/
	function db_result($result) {
	if ($result && mysqli_num_rows($result) > 0) {
	// The mysqli_fetch_row function has an optional second parameter $row
	// but that can't be used for compatibility with Oracle, DB2, etc.
	$array = mysqli_fetch_row($result);
	return $array[0];
	}
	return FALSE;
	}

	/**
	* Determine whether the previous query caused an error.
	*/
	function db_error() {
	global $active_db;
	return mysqli_errno($active_db);
	}

	/**
	* Determine the number of rows changed by the preceding query.
	*/
	function db_affected_rows() {
	global $active_db; /* mysqli connection resource */
	return mysqli_affected_rows($active_db);
	}

	/**
	* Runs a limited-range query in the active database.
	*
	* Use this as a substitute for db_query() when a subset of the query is to be
	* returned.
	* User-supplied arguments to the query should be passed in as separate parameters
	* so that they can be properly escaped to avoid SQL injection attacks.
	*
	* @param $query
	* A string containing an SQL query.
	* @param ...
	* A variable number of arguments which are substituted into the query
	* using printf() syntax. The query arguments can be enclosed in one
	* array instead.
	* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
	* in '') and %%.
	*
	* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
	* and TRUE values to decimal 1.
	*
	* @param $from
	* The first result row to return.
	* @param $count
	* The maximum number of result rows to return.
	* @return
	* A database query result resource, or FALSE if the query was not executed
	* correctly.
	*/
	function db_query_range($query) {
	$args = func_get_args();
	$count = array_pop($args);
	$from = array_pop($args);
	array_shift($args);

	$query = db_prefix_tables($query);
	if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
	$args = $args[0];
	}
	_db_query_callback($args, TRUE);
	$query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
	$query .= ' LIMIT '. (int)$from .', '. (int)$count;
	return _db_query($query);
	}

	/**
	* Runs a SELECT query and stores its results in a temporary table.
	*
	* Use this as a substitute for db_query() when the results need to stored
	* in a temporary table. Temporary tables exist for the duration of the page
	* request.
	* User-supplied arguments to the query should be passed in as separate parameters
	* so that they can be properly escaped to avoid SQL injection attacks.
	*
	* Note that if you need to know how many results were returned, you should do
	* a SELECT COUNT(*) on the temporary table afterwards. db_affected_rows() does
	* not give consistent result across different database types in this case.
	*
	* @param $query
	* A string containing a normal SELECT SQL query.
	* @param ...
	* A variable number of arguments which are substituted into the query
	* using printf() syntax. The query arguments can be enclosed in one
	* array instead.
	* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
	* in '') and %%.
	*
	* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
	* and TRUE values to decimal 1.
	*
	* @param $table
	* The name of the temporary table to select into. This name will not be
	* prefixed as there is no risk of collision.
	* @return
	* A database query result resource, or FALSE if the query was not executed
	* correctly.
	*/
	function db_query_temporary($query) {
	$args = func_get_args();
	$tablename = array_pop($args);
	array_shift($args);

	$query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' Engine=HEAP SELECT', db_prefix_tables($query));
	if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
	$args = $args[0];
	}
	_db_query_callback($args, TRUE);
	$query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
	return _db_query($query);
	}

	/**
	* Returns a properly formatted Binary Large Object value.
	*
	* @param $data
	* Data to encode.
	* @return
	* Encoded data.
	*/
	function db_encode_blob($data) {
	global $active_db;
	return "'". mysqli_real_escape_string($active_db, $data) ."'";
	}

	/**
	* Returns text from a Binary Large OBject value.
	*
	* @param $data
	* Data to decode.
	* @return
	* Decoded data.
	*/
	function db_decode_blob($data) {
	return $data;
	}

	/**
	* Prepare user input for use in a database query, preventing SQL injection attacks.
	*/
	function db_escape_string($text) {
	global $active_db;
	return mysqli_real_escape_string($active_db, $text);
	}

	/**
	* Lock a table.
	*/
	function db_lock_table($table) {
	db_query('LOCK TABLES {'. db_escape_table($table) .'} WRITE');
	}

	/**
	* Unlock all locked tables.
	*/
	function db_unlock_tables() {
	db_query('UNLOCK TABLES');
	}

	/**
	* Check if a table exists.
	*
	* @param $table
	* The name of the table.
	*
	* @return
	* TRUE if the table exists, and FALSE if the table does not exist.
	*/
	function db_table_exists($table) {
	return (bool) db_fetch_object(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'"));
	}

	/**
	* Check if a column exists in the given table.
	*
	* @param $table
	* The name of the table.
	* @param $column
	* The name of the column.
	*
	* @return
	* TRUE if the column exists, and FALSE if the column does not exist.
	*/
	function db_column_exists($table, $column) {
	return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {". db_escape_table($table) ."} LIKE '". db_escape_table($column) ."'"));
	}

	/**
	* @} End of "ingroup database".
	*/
	<?php
	// $Id: default.settings.php,v 1.8.2.4 2009/09/14 12:59:18 goba Exp $

	/**
	* @file
	* Drupal site-specific configuration file.
	*
	* IMPORTANT NOTE:
	* This file may have been set to read-only by the Drupal installation
	* program. If you make changes to this file, be sure to protect it again
	* after making your modifications. Failure to remove write permissions
	* to this file is a security risk.
	*
	* The configuration file to be loaded is based upon the rules below.
	*
	* The configuration directory will be discovered by stripping the
	* website's hostname from left to right and pathname from right to
	* left. The first configuration file found will be used and any
	* others will be ignored. If no other configuration file is found
	* then the default configuration file at 'sites/default' will be used.
	*
	* For example, for a fictitious site installed at
	* http://www.drupal.org/mysite/test/, the 'settings.php'
	* is searched in the following directories:
	*
	* 1. sites/www.drupal.org.mysite.test
	* 2. sites/drupal.org.mysite.test
	* 3. sites/org.mysite.test
	*
	* 4. sites/www.drupal.org.mysite
	* 5. sites/drupal.org.mysite
	* 6. sites/org.mysite
	*
	* 7. sites/www.drupal.org
	* 8. sites/drupal.org
	* 9. sites/org
	*
	* 10. sites/default
	*
	* If you are installing on a non-standard port number, prefix the
	* hostname with that number. For example,
	* http://www.drupal.org:8080/mysite/test/ could be loaded from
	* sites/8080.www.drupal.org.mysite.test/.
	*/

	/**
	* Database settings:
	*
	* Note that the $db_url variable gets parsed using PHP's built-in
	* URL parser (i.e. using the "parse_url()" function) so make sure
	* not to confuse the parser. If your username, password
	* or database name contain characters used to delineate
	* $db_url parts, you can escape them via URI hex encodings:
	*
	* : = %3a / = %2f @ = %40
	* + = %2b ( = %28 ) = %29
	* ? = %3f = = %3d & = %26
	*
	* To specify multiple connections to be used in your site (i.e. for
	* complex custom modules) you can also specify an associative array
	* of $db_url variables with the 'default' element used until otherwise
	* requested.
	*
	* You can optionally set prefixes for some or all database table names
	* by using the $db_prefix setting. If a prefix is specified, the table
	* name will be prepended with its value. Be sure to use valid database
	* characters only, usually alphanumeric and underscore. If no prefixes
	* are desired, leave it as an empty string ''.
	*
	* To have all database names prefixed, set $db_prefix as a string:
	*
	* $db_prefix = 'main_';
	*
	* To provide prefixes for specific tables, set $db_prefix as an array.
	* The array's keys are the table names and the values are the prefixes.
	* The 'default' element holds the prefix for any tables not specified
	* elsewhere in the array. Example:
	*
	* $db_prefix = array(
	* 'default' => 'main_',
	* 'users' => 'shared_',
	* 'sessions' => 'shared_',
	* 'role' => 'shared_',
	* 'authmap' => 'shared_',
	* );
	*
	* Database URL format:
	* $db_url = 'mysql://username:password@localhost/databasename';
	* $db_url = 'mysqli://username:password@localhost/databasename';
	* $db_url = 'pgsql://username:password@localhost/databasename';
	*/
	$db_url = 'mysql://username:password@db_hostname/db_name?new_link=1&client_flags=CLIENT_SSL';
	#$db_url = 'mysqli://username:password@db_hostname/db_name?client_flags=MYSQLI_CLIENT_SSL+MYSQLI_CLIENT_FOUND_ROWS';
	$db_prefix = '';

	/**
	* Access control for update.php script
	*
	* If you are updating your Drupal installation using the update.php script
	* being not logged in as administrator, you will need to modify the access
	* check statement below. Change the FALSE to a TRUE to disable the access
	* check. After finishing the upgrade, be sure to open this file again
	* and change the TRUE back to a FALSE!
	*/
	$update_free_access = FALSE;

	/**
	* Base URL (optional).
	*
	* If you are experiencing issues with different site domains,
	* uncomment the Base URL statement below (remove the leading hash sign)
	* and fill in the absolute URL to your Drupal installation.
	*
	* You might also want to force users to use a given domain.
	* See the .htaccess file for more information.
	*
	* Examples:
	* $base_url = 'http://www.example.com';
	* $base_url = 'http://www.example.com:8888';
	* $base_url = 'http://www.example.com/drupal';
	* $base_url = 'https://www.example.com:8888/drupal';
	*
	* It is not allowed to have a trailing slash; Drupal will add it
	* for you.
	*/
	# $base_url = 'http://www.example.com'; // NO trailing slash!
	$base_url = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://') . 'sandbox2.highlights.com';

	/**
	* PHP settings:
	*
	* To see what PHP settings are possible, including whether they can
	* be set at runtime (ie., when ini_set() occurs), read the PHP
	* documentation at http://www.php.net/manual/en/ini.php#ini.list
	* and take a look at the .htaccess file to see which non-runtime
	* settings are used there. Settings defined here should not be
	* duplicated there so as to avoid conflict issues.
	*/
	ini_set('arg_separator.output', '&');
	ini_set('magic_quotes_runtime', 0);
	ini_set('magic_quotes_sybase', 0);
	ini_set('session.cache_expire', 200000);
	ini_set('session.cache_limiter', 'none');
	ini_set('session.cookie_lifetime', 2000000);
	ini_set('session.gc_maxlifetime', 200000);
	ini_set('session.save_handler', 'user');
	ini_set('session.use_cookies', 1);
	ini_set('session.use_only_cookies', 1);
	ini_set('session.use_trans_sid', 0);
	ini_set('url_rewriter.tags', '');

	/**
	* If you encounter a situation where users post a large amount of text, and
	* the result is stripped out upon viewing but can still be edited, Drupal's
	* output filter may not have sufficient memory to process it. If you
	* experience this issue, you may wish to uncomment the following two lines
	* and increase the limits of these variables. For more information, see
	* http://php.net/manual/en/pcre.configuration.php.
	*/
	# ini_set('pcre.backtrack_limit', 200000);
	# ini_set('pcre.recursion_limit', 200000);

	/**
	* Drupal automatically generates a unique session cookie name for each site
	* based on on its full domain name. If you have multiple domains pointing at
	* the same Drupal site, you can either redirect them all to a single domain
	* (see comment in .htaccess), or uncomment the line below and specify their
	* shared base domain. Doing so assures that users remain logged in as they
	* cross between your various domains.
	*/
	# $cookie_domain = 'example.com';

	/**
	* Variable overrides:
	*
	* To override specific entries in the 'variable' table for this site,
	* set them here. You usually don't need to use this feature. This is
	* useful in a configuration file for a vhost or directory, rather than
	* the default settings.php. Any configuration setting from the 'variable'
	* table can be given a new value. Note that any values you provide in
	* these variable overrides will not be modifiable from the Drupal
	* administration interface.
	*
	* Remove the leading hash signs to enable.
	*/
	# $conf = array(
	# 'site_name' => 'My Drupal site',
	# 'theme_default' => 'minnelli',
	# 'anonymous' => 'Visitor',
	/**
	* A custom theme can be set for the off-line page. This applies when the site
	* is explicitly set to off-line mode through the administration page or when
	* the database is inactive due to an error. It can be set through the
	* 'maintenance_theme' key. The template file should also be copied into the
	* theme. It is located inside 'modules/system/maintenance-page.tpl.php'.
	* Note: This setting does not apply to installation and update pages.
	*/
	# 'maintenance_theme' => 'minnelli',
	/**
	* reverse_proxy accepts a boolean value.
	*
	* Enable this setting to determine the correct IP address of the remote
	* client by examining information stored in the X-Forwarded-For headers.
	* X-Forwarded-For headers are a standard mechanism for identifying client
	* systems connecting through a reverse proxy server, such as Squid or
	* Pound. Reverse proxy servers are often used to enhance the performance
	* of heavily visited sites and may also provide other site caching,
	* security or encryption benefits. If this Drupal installation operates
	* behind a reverse proxy, this setting should be enabled so that correct
	* IP address information is captured in Drupal's session management,
	* logging, statistics and access management systems; if you are unsure
	* about this setting, do not have a reverse proxy, or Drupal operates in
	* a shared hosting environment, this setting should be set to disabled.
	*/
	# 'reverse_proxy' => TRUE,
	/**
	* reverse_proxy accepts an array of IP addresses.
	*
	* Each element of this array is the IP address of any of your reverse
	* proxies. Filling this array Drupal will trust the information stored
	* in the X-Forwarded-For headers only if Remote IP address is one of
	* these, that is the request reaches the web server from one of your
	* reverse proxies. Otherwise, the client could directly connect to
	* your web server spoofing the X-Forwarded-For headers.
	*/
	# 'reverse_proxy_addresses' => array('a.b.c.d', ...),
	# );

	/**
	* String overrides:
	*
	* To override specific strings on your site with or without enabling locale
	* module, add an entry to this list. This functionality allows you to change
	* a small number of your site's default English language interface strings.
	*
	* Remove the leading hash signs to enable.
	*/
	# $conf['locale_custom_strings_en'] = array(
	# 'forum' => 'Discussion board',
	# '@count min' => '@count minutes',
	# );