php-e107/e107_admin/phpinfo.php

<?php
/*
 * e107 website system
 *
 * Copyright (C) 2008-2009 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
 */

require_once(__DIR__.'/../class2.php');

if(!getperms("0"))
{
	e107::redirect('admin');
    exit;
}

e107::coreLan('phpinfo', true);

$e_sub_cat = 'phpinfo';
require_once("auth.php");

ob_start();
phpinfo();
$phpinfo = ob_get_contents();

$phpinfo = preg_replace("#^.*<body>#is", "", $phpinfo);
$phpinfo = str_replace("font","span",$phpinfo);
$phpinfo = str_replace("</body></html>","",$phpinfo);
$phpinfo = str_replace('border="0"','',$phpinfo);
//$phpinfo = str_replace('<table ','<table class="table table-striped adminlist" ',$phpinfo);
$phpinfo = str_replace('name=','id=',$phpinfo);
$phpinfo = str_replace('class="e"','class="forumheader2 text-left"',$phpinfo);
$phpinfo = str_replace('class="v"','class="forumheader3 text-left"',$phpinfo);
$phpinfo = str_replace('class="v"','class="forumheader3 text-left"',$phpinfo);
$phpinfo = str_replace('class="h"','class="fcaption"',$phpinfo);
$phpinfo = preg_replace('/<table[^>]*>/i', '<table class="table table-striped adminlist"><colgroup><col style="width:30%" /><col style="width:auto" /></colgroup>', $phpinfo);


$mes = e107::getMessage();

$extensionCheck = array(
			'curl'      => array('label'=> 'Curl Library',          'status' => function_exists('curl_version'),        'url'=> 'http://php.net/manual/en/book.curl.php'),
			'exif'      => array('label'=> "EXIF Extension",        'status' => function_exists('exif_imagetype'),      'url'=> 'http://php.net/manual/en/book.exif.php'),
			'fileinfo'  => array('label'=> "FileInfo. Extension",   'status' => extension_loaded('fileinfo'),      'url'=> 'https://www.php.net/manual/en/book.fileinfo'),
			'gd'        => array('label'=> 'GD Library',            'status' => function_exists('gd_info'),             'url'=> 'http://php.net/manual/en/book.image.php'),
			'mb'        => array('label'=> 'MB String Library',     'status' => extension_loaded('mbstring'),       'url'=> 'http://php.net/manual/en/book.mbstring.php'),
			'pdo'       => array('label'=> "PDO (MySQL)",           'status' => extension_loaded('pdo_mysql'),          'url'=> 'https://php.net/manual/en/book.pdo.php'),
			'xml'       => array('label'=> "XML Extension",         'status' => function_exists('utf8_encode') && class_exists('DOMDocument', false),  'url'=> 'http://php.net/manual/en/ref.xml.php'),
);

$languages = e107::getLanguage()->installed('abbr');

if(isset($languages['en']))
{
	unset($languages['en']);
}

if(!empty($languages)) // non-english languages present.
{
	$extensionCheck['intl'] = array('label'=> 'Internationalization Functions',      'status' => extension_loaded('intl'),        'url'=> 'https://www.php.net/manual/en/book.intl.php');
}


foreach($extensionCheck as $var)
{
	if($var['status'] !== true)
	{
		$erTitle    = deftrue('PHP_LAN_7', "PHP Configuration Issue(s) Found:");
		$def        = deftrue('PHP_LAN_8', "[x] is missing from the PHP configuration and needs to be installed.");
		$message    = e107::getParser()->lanVars($def,$var['label'],true);

		$mes->setIcon('fa-hand-stop-o', E_MESSAGE_ERROR)->setTitle($erTitle,E_MESSAGE_ERROR)->addError($message." <a class='alert-link' href='".$var['url']."' target='_blank' title=\"".$var['url']."\">".ADMIN_INFO_ICON."</a> ");

	}

}


$security_risks = array(
    "allow_url_fopen"   => PHP_LAN_1,
    "allow_url_include" => PHP_LAN_2,
    "display_errors"    => PHP_LAN_3,
    "expose_php"        => PHP_LAN_4,
    "register_globals"  => PHP_LAN_5
    );

    foreach($security_risks as $risk=>$diz)
    {
        if(ini_get($risk))
        {
            $srch = '<tr><td class="forumheader2 text-left">'.$risk.'</td><td class="forumheader3">';
            $repl = '<tr><td class="forumheader2 text-left">'.$risk.'</td><td  title="'.e107::getParser()->toAttribute($diz).'" class="forumheader3 alert alert-danger">';
            $phpinfo = str_replace($srch,$repl,$phpinfo);   
            $mes->addWarning("<b>".$risk."</b>: ".$diz);
        }   
    }

	$sessionSaveMethod = ini_get('session.save_handler');

	if($sessionSavePath = ini_get('session.save_path'))
	{
		if(!is_writable($sessionSavePath) && $sessionSaveMethod === 'files')
		{
			$mes->addError(e107::getParser()->toHTML(PHP_LAN_6, true));	
		}
	}


// $phpinfo = preg_replace("#^.*<body>#is", "", $phpinfo);
ob_end_clean();


if(deftrue('e_DEBUG'))
{
	$mes->addDebug("Session ID: ".session_id());
}

e107::getRender()->tablerender("PHPInfo", $mes->render(). $phpinfo);
require_once("footer.php");
new module creation 2006-12-02 04:36:16 +00:00			`<?php`
			`/*`
charset and badchars 2009-11-12 14:30:07 +00:00			`* e107 website system`
			`*`
Fix copyright info. 2009-11-18 01:06:08 +00:00			`* Copyright (C) 2008-2009 e107 Inc (e107.org)`
charset and badchars 2009-11-12 14:30:07 +00:00			`* Released under the terms and conditions of the`
			`* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)`
			`*`
			`*/`

Test admin scripts are parsing correctly. 2021-01-16 13:32:35 -08:00			`require_once(__DIR__.'/../class2.php');`
Update methods to load LAN files in Admin Area (fingers crossed there are no typo's...) 2017-01-17 01:33:03 +01:00
			`if(!getperms("0"))`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`{`
			`e107::redirect('admin');`
Php Info styling 2013-02-28 14:27:01 -08:00			`exit;`
new module creation 2006-12-02 04:36:16 +00:00			`}`
Update phpinfo.php 2017-02-20 15:01:09 +01:00
			`e107::coreLan('phpinfo', true);`

new module creation 2006-12-02 04:36:16 +00:00			`$e_sub_cat = 'phpinfo';`
			`require_once("auth.php");`
Php Info styling 2013-02-28 14:27:01 -08:00
new module creation 2006-12-02 04:36:16 +00:00			`ob_start();`
			`phpinfo();`
Issue #1356 - PHP 7 auto-detection in mysql class. PHPInfo formatting. 2016-02-16 15:14:56 -08:00			`$phpinfo = ob_get_contents();`

new module creation 2006-12-02 04:36:16 +00:00			`$phpinfo = preg_replace("#^.*<body>#is", "", $phpinfo);`
Php Info styling 2013-02-28 14:27:01 -08:00			`$phpinfo = str_replace("font","span",$phpinfo);`
			`$phpinfo = str_replace("</body></html>","",$phpinfo);`
			`$phpinfo = str_replace('border="0"','',$phpinfo);`
Issue #1138 - PHPInfo page fixes. 2015-07-16 14:02:32 -07:00			`//$phpinfo = str_replace('<table ','<table class="table table-striped adminlist" ',$phpinfo);`
Php Info styling 2013-02-28 14:27:01 -08:00			`$phpinfo = str_replace('name=','id=',$phpinfo);`
Issue #1138 - PHPInfo page fixes. 2015-07-16 14:02:32 -07:00			`$phpinfo = str_replace('class="e"','class="forumheader2 text-left"',$phpinfo);`
			`$phpinfo = str_replace('class="v"','class="forumheader3 text-left"',$phpinfo);`
			`$phpinfo = str_replace('class="v"','class="forumheader3 text-left"',$phpinfo);`
Php Info styling 2013-02-28 14:27:01 -08:00			`$phpinfo = str_replace('class="h"','class="fcaption"',$phpinfo);`
Issue #1356 - PHP 7 auto-detection in mysql class. PHPInfo formatting. 2016-02-16 15:14:56 -08:00			`$phpinfo = preg_replace('/<table[^>]*>/i', '<table class="table table-striped adminlist"><colgroup><col style="width:30%" /><col style="width:auto" /></colgroup>', $phpinfo);`

Php Info styling 2013-02-28 14:27:01 -08:00
			`$mes = e107::getMessage();`

A PHP module check (similar to the one during installation) has been added to the PHPInfo page to quickly detect any missing modules after one migrates e107 to another PHP configuration. 2020-06-24 14:35:49 -07:00			`$extensionCheck = array(`
Fix for long text in Admin control panel. Check for missing intl extension when non-English languages in use and display alert on PHPInfo page when missing. 2021-12-01 11:59:49 -08:00			`'curl' => array('label'=> 'Curl Library', 'status' => function_exists('curl_version'), 'url'=> 'http://php.net/manual/en/book.curl.php'),`
			`'exif' => array('label'=> "EXIF Extension", 'status' => function_exists('exif_imagetype'), 'url'=> 'http://php.net/manual/en/book.exif.php'),`
			`'fileinfo' => array('label'=> "FileInfo. Extension", 'status' => extension_loaded('fileinfo'), 'url'=> 'https://www.php.net/manual/en/book.fileinfo'),`
			`'gd' => array('label'=> 'GD Library', 'status' => function_exists('gd_info'), 'url'=> 'http://php.net/manual/en/book.image.php'),`
			`'mb' => array('label'=> 'MB String Library', 'status' => extension_loaded('mbstring'), 'url'=> 'http://php.net/manual/en/book.mbstring.php'),`
			`'pdo' => array('label'=> "PDO (MySQL)", 'status' => extension_loaded('pdo_mysql'), 'url'=> 'https://php.net/manual/en/book.pdo.php'),`
			`'xml' => array('label'=> "XML Extension", 'status' => function_exists('utf8_encode') && class_exists('DOMDocument', false), 'url'=> 'http://php.net/manual/en/ref.xml.php'),`
A PHP module check (similar to the one during installation) has been added to the PHPInfo page to quickly detect any missing modules after one migrates e107 to another PHP configuration. 2020-06-24 14:35:49 -07:00			`);`

Fix for long text in Admin control panel. Check for missing intl extension when non-English languages in use and display alert on PHPInfo page when missing. 2021-12-01 11:59:49 -08:00			`$languages = e107::getLanguage()->installed('abbr');`
Added check for FileInfo extension 2021-02-12 14:32:20 -08:00
Fix for long text in Admin control panel. Check for missing intl extension when non-English languages in use and display alert on PHPInfo page when missing. 2021-12-01 11:59:49 -08:00			`if(isset($languages['en']))`
			`{`
			`unset($languages['en']);`
			`}`

			`if(!empty($languages)) // non-english languages present.`
			`{`
			`$extensionCheck['intl'] = array('label'=> 'Internationalization Functions', 'status' => extension_loaded('intl'), 'url'=> 'https://www.php.net/manual/en/book.intl.php');`
			`}`
Added check for FileInfo extension 2021-02-12 14:32:20 -08:00

A PHP module check (similar to the one during installation) has been added to the PHPInfo page to quickly detect any missing modules after one migrates e107 to another PHP configuration. 2020-06-24 14:35:49 -07:00			`foreach($extensionCheck as $var)`
			`{`
			`if($var['status'] !== true)`
			`{`
			`$erTitle = deftrue('PHP_LAN_7', "PHP Configuration Issue(s) Found:");`
Added check for FileInfo extension 2021-02-12 14:32:20 -08:00			`$def = deftrue('PHP_LAN_8', "[x] is missing from the PHP configuration and needs to be installed.");`
Code cleanup. Removal of deprecated utf8 classes. 2020-12-08 07:29:17 -08:00			`$message = e107::getParser()->lanVars($def,$var['label'],true);`
A PHP module check (similar to the one during installation) has been added to the PHPInfo page to quickly detect any missing modules after one migrates e107 to another PHP configuration. 2020-06-24 14:35:49 -07:00
			`$mes->setIcon('fa-hand-stop-o', E_MESSAGE_ERROR)->setTitle($erTitle,E_MESSAGE_ERROR)->addError($message." <a class='alert-link' href='".$var['url']."' target='_blank' title=\"".$var['url']."\">".ADMIN_INFO_ICON."</a> ");`

			`}`

			`}`



Php Info styling 2013-02-28 14:27:01 -08:00			`$security_risks = array(`
Update phpinfo.php 2017-02-20 15:01:09 +01:00			`"allow_url_fopen" => PHP_LAN_1,`
			`"allow_url_include" => PHP_LAN_2,`
			`"display_errors" => PHP_LAN_3,`
			`"expose_php" => PHP_LAN_4,`
			`"register_globals" => PHP_LAN_5`
Php Info styling 2013-02-28 14:27:01 -08:00			`);`

			`foreach($security_risks as $risk=>$diz)`
			`{`
			`if(ini_get($risk))`
			`{`
Issue #1138 - PHPInfo page fixes. 2015-07-16 14:02:32 -07:00			`$srch = '<tr><td class="forumheader2 text-left">'.$risk.'</td><td class="forumheader3">';`
Code cleanup. Removal of deprecated utf8 classes. 2020-12-08 07:29:17 -08:00			`$repl = '<tr><td class="forumheader2 text-left">'.$risk.'</td><td title="'.e107::getParser()->toAttribute($diz).'" class="forumheader3 alert alert-danger">';`
Php Info styling 2013-02-28 14:27:01 -08:00			`$phpinfo = str_replace($srch,$repl,$phpinfo);`
			`$mes->addWarning("<b>".$risk."</b>: ".$diz);`
			`}`
			`}`
Issue #1245, #1523 Possible fix for servers using memcache as a session handler. 2017-01-12 12:06:25 -08:00
			`$sessionSaveMethod = ini_get('session.save_handler');`

Issue #368 - added a message to the PHPInfo page if session save path is not writable. 2013-06-01 02:53:06 -07:00			`if($sessionSavePath = ini_get('session.save_path'))`
			`{`
Issue #1245, #1523 Possible fix for servers using memcache as a session handler. 2017-01-12 12:06:25 -08:00			`if(!is_writable($sessionSavePath) && $sessionSaveMethod === 'files')`
Issue #368 - added a message to the PHPInfo page if session save path is not writable. 2013-06-01 02:53:06 -07:00			`{`
Update phpinfo.php 2017-02-22 09:43:10 +01:00			`$mes->addError(e107::getParser()->toHTML(PHP_LAN_6, true));`
Issue #368 - added a message to the PHPInfo page if session save path is not writable. 2013-06-01 02:53:06 -07:00			`}`
			`}`
Php Info styling 2013-02-28 14:27:01 -08:00

			`// $phpinfo = preg_replace("#^.*<body>#is", "", $phpinfo);`
new module creation 2006-12-02 04:36:16 +00:00			`ob_end_clean();`
Issues #1254 #1208 #1211 #1245 Option to define the session.save_path (relative to e107's root directory) in e107_config.php: define('SESSION_SAVE_PATH','relative-path-to-folder'); example: define('SESSION_SAVE_PATH','../_sessions/'); Use the PHPInfo page in the admin area to check it has worked. Will only work if the path to the folder exists. session.hash_function is now set to sha512 by default when the security level is BALANCED or higher. 2015-11-30 14:30:37 -08:00

A PHP module check (similar to the one during installation) has been added to the PHPInfo page to quickly detect any missing modules after one migrates e107 to another PHP configuration. 2020-06-24 14:35:49 -07:00
Issues #1254 #1208 #1211 #1245 Option to define the session.save_path (relative to e107's root directory) in e107_config.php: define('SESSION_SAVE_PATH','relative-path-to-folder'); example: define('SESSION_SAVE_PATH','../_sessions/'); Use the PHPInfo page in the admin area to check it has worked. Will only work if the path to the folder exists. session.hash_function is now set to sha512 by default when the security level is BALANCED or higher. 2015-11-30 14:30:37 -08:00			`if(deftrue('e_DEBUG'))`
			`{`
			`$mes->addDebug("Session ID: ".session_id());`
			`}`

Code cleanup. Removal of deprecated utf8 classes. 2020-12-08 07:29:17 -08:00			`e107::getRender()->tablerender("PHPInfo", $mes->render(). $phpinfo);`
new module creation 2006-12-02 04:36:16 +00:00			`require_once("footer.php");`
A PHP module check (similar to the one during installation) has been added to the PHPInfo page to quickly detect any missing modules after one migrates e107 to another PHP configuration. 2020-06-24 14:35:49 -07:00