Module Monday: Hacked!

How to Track Down Bugs Code Hacks on Your Drupal Site

Drupal is a great platform for building web sites as it can quickly and easily get a site up yesterday. Eventually, some customization will need to be made to a website's code to implement evolving features and designs. A small markup change here, a text alteration there, or modifying a function like user_load(), and in most cases Drupal will continue to work fine. While all might seem OK, without realizing it, your site has been Hacked!

Well, not hacked in the way that a site is broken into maliciously, but hacked in that Drupal itself or contributed modules have been changed on your site. Without knowing what has been changed, it can be very difficult to track down bugs, as the code on your site is no longer the same as the code everyone else is running. Updating Drupal or contributed modules becomes a huge hassle, and important security updates are often ignored due to the work involved in re-implementing code hacks.

The Hacked! module is best run with the Diff module, though it's not required. After downloading and enabling both modules, browse to Reports > Hacked (for Drupal 7) to generate the site report.








Hacked! summary page showing Drupal has been modified

It looks like someone has hacked Drupal core. Let's click "View details of changes" and see what's different:








node.module has been hacked

Clicking on modules/node/node.module:








node.module has been hacked to only load node IDs less than 100

If Drush is more your style, Hacked! includes some handy Drush commands as well:

$ drush hacked-details drupal
Details for project: Drupal core
Total files: 998, files changed: 1, deleted files: 0

Detailed results:
Status File
Changed modules/node/node.module

$ drush hacked-diff drupal
diff -uprb a/modules/node/node.module b/modules/node/node.module
--- modules/node/node.module 2011-05-25 16:41:42.000000000 -0400
+++ modules/node/node.module 2011-06-23 22:16:13.000000000 -0400
@@ -923,6 +923,10 @@ function node_load_multiple($nids = arra
* A fully-populated node object.
*/
function node_load($nid = NULL, $vid = NULL, $reset = FALSE) {
+ // No site should need more than 100 nodes.
+ if ($nid > 100) {
+ return FALSE;
+ }
$nids = (isset($nid) ? array($nid) : array());
$conditions = (isset($vid) ? array('vid' => $vid) : array());
$node = node_load_multiple($nids, $conditions, $reset);

Now that we've determined what files have been changed, we can move the code to a hook implementation in a custom module, the site theme, or submit a patch to the appropriate issue queue.

Hacked!, maintained by Steven Jones, has versions available for Drupal 5 through 7. It's an invaluable tool in a Best Practice Audit, and hopefully it will be in your toolbox too!

Get in touch with us

Tell us about your project or drop us a line. We'd love to hear from you!