PageRenderTime 37ms CodeModel.GetById 8ms RepoModel.GetById 1ms app.codeStats 0ms

/control/test.php

https://github.com/agnesrambaud/yacs
PHP | 298 lines | 158 code | 50 blank | 90 comment | 52 complexity | 43ee4d53b0950fb4ac020f4ed1bda7e9 MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * display system information
    4. 

  4.  *
    5. 

  5.  * This script is aiming to troubleshoot particular situations.
    6. 

  6.  *
    7. 

  7.  * First of all, several options are offered to call it, including a bar GET, a more complex GET
    8. 

  8.  * with parameters, and also a POST.
    9. 

  9.  *
    10. 

  10.  * After that, several blocks of information are displayed:
    11. 

  11.  *
    12. 

  12.  * [*] Data sent by the user agent -- the content of [code]$_REQUEST[/code]
    13. 

  13.  *
    14. 

  14.  * [*] Arguments passed in the URL -- YACS decodes the query string and puts everything into [code]$context['arguments'][/code]
    15. 

  15.  *
    16. 

  16.  * [*] Cookies -- the content of [code]$_COOKIE[/code]
    17. 

  17.  *
    18. 

  18.  * [*] Session data -- the content of [code]$_SESSION[/code]
    19. 

  19.  *
    20. 

  20.  * [*] Session storage test -- a counter incremented at each page visit
    21. 

  21.  *
    22. 

  22.  * [*] Some YACS global variables -- including [code]$context['host_name'][/code],
    23. 

  23.  * [code]$context['url_to_home'][/code], [code]$context['url_to_root'][/code],
    24. 

  24.  * [code]$context['script_url'][/code], [code]$context['path_to_root'][/code],
    25. 

  25.  * and [code]$context['charset'][/code].
    26. 

  26.  *
    27. 

  27.  * [*] YACS version -- the content of [code]footprints.php[/code]
    28. 

  28.  *
    29. 

  29.  * [*] Run-time information (to associates only) -- the result of [code]getcwd()[/code],
    30. 

  30.  * of [code]php_sapi_name()[/code]
    31. 

  31.  *
    32. 

  32.  * [*] Server attributes -- the content of [code]$_SERVER[/code]; some attributes are masked to non-associates,
    33. 

  33.  * for example: [code]$_SERVER['COMSPEC'][/code], [code]$_SERVER['DOCUMENT_ROOT'][/code],
    34. 

  34.  * [code]$_SERVER['PATH'][/code], [code]$_SERVER['SCRIPT_FILENAME'][/code],
    35. 

  35.  * [code]$_SERVER['SystemRoot'][/code], [code]$_SERVER['WINDIR'][/code].
    36. 

  36.  *
    37. 

  37.  * [*] Time offset, as expressed by the browser, if any -- based on Javascript, and by the server -- based on PHP
    38. 

  38.  *
    39. 

  39.  * @link http://www.olate.com/articles/254 Use PHP and JavaScript to Display Local Time
    40. 

  40.  *
    41. 

  41.  * If the file [code]parameters/demo.flag[/code] exists, the script assumes that this instance
    42. 

  42.  * of YACS runs in demonstration mode, and does not provide the content
    43. 

  43.  * of [code]$_SERVER[/code].
    44. 

  44.  *
    45. 

  45.  * @author Bernard Paques
    46. 

  46.  * @author GnapZ
    47. 

  47.  * @tester Geoffroy Raimbault
    48. 

  48.  * @tester Christian Loubechine
    49. 

  49.  * @reference
    50. 

  50.  * @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
    51. 

  51.  */
    52. 

  52. 

  53. // include global declarations
    54. 

  54. include_once '../shared/global.php';
    55. 

  55. 

  56. // if it was a HEAD request, stop here
    57. 

  57. if(isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'HEAD'))
    58. 

  58. 	return;
    59. 

  59. 

  60. // load localized strings
    61. 

  61. i18n::bind('control');
    62. 

  62. 

  63. // stop crawlers
    64. 

  64. if(Surfer::is_crawler()) {
    65. 

  65. 	Safe::header('Status: 401 Forbidden', TRUE, 401);
    66. 

  66. 	return i18n::s('You are not allowed to perform this operation.');
    67. 

  67. }
    68. 

  68. 

  69. // no skin for this page
    70. 

  70. if(!defined('BR'))
    71. 

  71. 	define('BR', '<br>');
    72. 

  72. 

  73. // add language information, if known
    74. 

  74. if(isset($context['page_language']))
    75. 

  75. 	$language = ' xml:lang="'.$context['page_language'].'" ';
    76. 

  76. else
    77. 

  77. 	$language = '';
    78. 

  78. 

  79. // start the page
    80. 

  80. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">'."\n"
    81. 

  81. 	.'<html '.$language.' xmlns="http://www.w3.org/1999/xhtml">'."\n"
    82. 

  82. 	.'<head>'."\n"
    83. 

  83. 	."\t".'<meta http-equiv="Content-Type" content="'.$context['content_type'].'; charset='.$context['charset'].'" />'."\n"
    84. 

  84. 	."\t".'<title>'.i18n::s('The test page').'</title>'."\n"
    85. 

  85. 	.'</head><body>'."\n";
    86. 

  86. 

  87. // the path to this page
    88. 

  88. echo '<p><a href="'.$context['url_to_root'].'control/">'.i18n::s('Control Panel')."</a></p>\n";
    89. 

  89. 

  90. // the title of the page
    91. 

  91. echo '<h1>'.i18n::s('The test page')."</h1>\n";
    92. 

  92. 

  93. // stop crawlers here
    94. 

  94. if(Surfer::is_crawler())
    95. 

  95. 	return;
    96. 

  96. 

  97. // native calls for this script
    98. 

  98. echo '<p>'.i18n::s('A more complex GET test').' <a href="'.$context['url_to_root'].'control/test.php/123/456/789?a=B">test.php/123/456/789?a=B</a></p>'."\n";
    99. 

  99. 

  100. echo '<form action="'.$context['url_to_root'].'control/test.php/123/456/789?a=B" method="post"><div>'
    101. 

  101. 	.'<button type="submit"><span>'.i18n::s('A complex POST test').'</span></button>'
    102. 

  102. 	.'<input type="hidden" name="hello" value="world">'
    103. 

  103. 	.'</div></form>'."\n";
    104. 

  104. 

  105. // rewritten call for this script
    106. 

  106. echo '<form action="'.$context['script_url'].'" method="post"><div>'
    107. 

  107. 	.'<button type="submit"><span>'.i18n::s('A self-referencing POST test').'</span></button>'
    108. 

  108. 	.'<input type="hidden" name="hello" value="world">'
    109. 

  109. 	.'</div></form>'."\n";
    110. 

  110. 

  111. // session test
    112. 

  112. if(isset($_SESSION['test_hits']))
    113. 

  113. 	$_SESSION['test_hits'] += 1;
    114. 

  114. else
    115. 

  115. 	$_SESSION['test_hits'] = 1;
    116. 

  116. echo '<p>'.sprintf(i18n::s('Session variables are stored correctly if the counter increments on page reload: %s'), $_SESSION['test_hits']).'</p>'."\n";
    117. 

  117. 

  118. // reflect data sent by the user agent
    119. 

  119. if(@count($_REQUEST)) {
    120. 

  120. 	echo '<p>'.i18n::s('Submitted request:').BR."\n";
    121. 

  121. 	foreach($_REQUEST as $name => $value)
    122. 

  122. 		echo '$_REQUEST[\''.strip_tags($name).'\']='.strip_tags($value).BR."\n";
    123. 

  123. 	echo "</p>\n";
    124. 

  124. }
    125. 

  125. 

  126. // args passed in the URL
    127. 

  127. if(@count($context['arguments'])) {
    128. 

  128. 	echo '<p>'.i18n::s('Script args:').BR."\n";
    129. 

  129. 	for($index = 0; $index < count($context['arguments']); $index++)
    130. 

  130. 		echo '$context[\'arguments\']['.$index.']='.strip_tags($context['arguments'][$index]).BR."\n";
    131. 

  131. 	echo "</p>\n";
    132. 

  132. }
    133. 

  133. 

  134. // cookies
    135. 

  135. if(@count($_COOKIE)) {
    136. 

  136. 	echo '<p>'.i18n::s('Cookies sent by the browser:').BR."\n";
    137. 

  137. 	foreach($_COOKIE as $name => $value)
    138. 

  138. 		echo '$_COOKIE[\''.strip_tags($name).'\']='.strip_tags($value).BR."\n";
    139. 

  139. 	echo "</p>\n";
    140. 

  140. }
    141. 

  141. 

  142. // session data -- this is safe, we are only reflecting data for this surfer
    143. 

  143. if(@count($_SESSION)) {
    144. 

  144. 	echo '<p>'.i18n::s('Session data:').BR."\n";
    145. 

  145. 	foreach($_SESSION as $name => $value) {
    146. 

  146. 		if(!is_array($value))
    147. 

  147. 			echo '$_SESSION[\''.$name.'\']='.$value.BR."\n";
    148. 

  148. 	}
    149. 

  149. 	echo "</p>\n";
    150. 

  150. }
    151. 

  151. 

  152. // yacs version
    153. 

  153. if(!isset($generation['version']))
    154. 

  154. 	Safe::load('footprints.php');						// initial archive
    155. 

  155. if(isset($generation['version'])) {
    156. 

  156. 	echo '<p>'.sprintf(i18n::s('YACS version %s'), $generation['version'].', '.$generation['date'].', '.$generation['server'])."</p>\n";
    157. 

  157. } else {
    158. 

  158. 	echo '<p>'.sprintf(i18n::s('YACS version %s'), '< 6.3')."</p>\n";
    159. 

  159. }
    160. 

  160. 

  161. // YACS variables
    162. 

  162. echo '<p>'.i18n::s('Global YACS variables:').BR."\n";
    163. 

  163. if($context['country'])
    164. 

  164. 	echo '$context[\'country\']='.$context['country'].BR."\n";
    165. 

  165. if($context['country_code'])
    166. 

  166. 	echo '$context[\'country_code\']='.$context['country_code'].BR."\n";
    167. 

  167. echo '$context[\'language\']='.$context['language'].BR."\n"
    168. 

  168. 	.'$context[\'host_name\']='.$context['host_name'].BR."\n"
    169. 

  169. 	.'$context[\'url_to_home\']='.$context['url_to_home'].BR."\n"
    170. 

  170. 	.'$context[\'url_to_root\']='.$context['url_to_root'].BR."\n"
    171. 

  171. 	.'$context[\'script_url\']='.$context['script_url'].BR."\n"
    172. 

  172. 	.'$context[\'self_url\']='.$context['self_url'].BR."\n"
    173. 

  173. 	.'$context[\'self_script\']='.$context['self_script'].BR."\n";
    174. 

  174. if(Surfer::is_associate()) {
    175. 

  175. 	echo '$context[\'path_to_root\']='.$context['path_to_root'].BR."\n";
    176. 

  176. 	echo '$context[\'directory_mask\']='.sprintf('0%o', $context['directory_mask']).BR."\n";
    177. 

  177. 	echo '$context[\'file_mask\']='.sprintf('0%o', $context['file_mask']).BR."\n";
    178. 

  178. 	echo '$context[\'skin\']='.$context['skin'].BR."\n";
    179. 

  179. }
    180. 

  180. echo '$context[\'charset\']='.$context['charset'].BR."\n";
    181. 

  181. 

  182. // server attributes -- not in demonstration mode
    183. 

  183. if(@count($_SERVER) && !file_exists($context['path_to_root'].'parameters/demo.flag')) {
    184. 

  184. 	echo '<p>'.i18n::s('Server attributes:').BR."\n";
    185. 

  185. 	foreach($_SERVER as $name => $value) {
    186. 

  186. 

  187. 		// protect key attributes
    188. 

  188. 		if(!Surfer::is_associate() && !preg_match('/^(HTTP_|PATH_INFO|QUERY_STRING|REMOTE_|REQUEST_|SERVER_|STATUS)/', $name))
    189. 

  189. 			continue;
    190. 

  190. 

  191. 		echo '$_SERVER[\''.$name.'\']='.$value.BR."\n";
    192. 

  192. 	}
    193. 

  193. 	echo "</p>\n";
    194. 

  194. }
    195. 

  195. 

  196. // display workstation time offset
    197. 

  197. echo JS_PREFIX
    198. 

  198. 	.'now = new Date();'."\n"
    199. 

  199. 	.'offset = (-now.getTimezoneOffset() / 60);'."\n"
    200. 

  200. 	.'document.write("<p>'.i18n::s('Browser GMT offset:').' UTC " + ((offset > 0) ? "+" : "") + offset + " '.i18n::s('hour(s)').'</p>");'."\n"
    201. 

  201. 	.JS_SUFFIX;
    202. 

  202. 

  203. // display server time offset
    204. 

  204. $offset = intval((strtotime(date('M d Y H:i:s')) - strtotime(gmdate('M d Y H:i:s'))) / 3600);
    205. 

  205. echo '<p>'.i18n::s('Server GMT offset:').' UTC '.(($offset > 0) ? "+" : "").$offset.' '.i18n::s('hour(s)').' ('.date('Y-M-d H:i:s').")</p>\n";
    206. 

  206. 

  207. // run-time information
    208. 

  208. if(Surfer::is_associate()) {
    209. 

  209. 	echo '<p>';
    210. 

  210. 

  211. 	// current directory
    212. 

  212. 	if(is_callable('getcwd'))
    213. 

  213. 		echo 'getcwd()='.getcwd().BR."\n";
    214. 

  214. 

  215. 	// PHP SAPI name
    216. 

  216. 	if(is_callable('php_sapi_name'))
    217. 

  217. 		echo 'php_sapi_name()='.php_sapi_name().BR."\n";
    218. 

  218. 

  219. 	echo "</p>\n";
    220. 

  220. }
    221. 

  221. 

  222. // do not reveal names of accounts used on server side
    223. 

  223. if(Surfer::is_associate() && !file_exists($context['path_to_root'].'parameters/demo.flag')) {
    224. 

  224. 

  225. 	// user/group of this script
    226. 

  226. 	if(is_callable('getmyuid') && (($uid = getmyuid()) !== FALSE) && is_callable('getmygid') && (($gid = getmygid()) !== FALSE)) {
    227. 

  227. 

  228. 		// describe user
    229. 

  229. 		$ulabel = $uid;
    230. 

  230. 		if(is_callable('posix_getpwuid') && (($uinfo = posix_getpwuid($uid)) !== FALSE)) {
    231. 

  231. 			if(isset($uinfo['name']))
    232. 

  232. 				$ulabel = $uinfo['name'].'['.$uid.']';
    233. 

  233. 		}
    234. 

  234. 

  235. 		// describe group and members
    236. 

  236. 		$glabel = $gid;
    237. 

  237. 		if(is_callable('posix_getgrgid') && (($ginfo = posix_getgrgid($gid)) !== FALSE)) {
    238. 

  238. 

  239. 			// group name
    240. 

  240. 			if(isset($ginfo['name']))
    241. 

  241. 				$glabel = $ginfo['name'].'['.$gid.']';
    242. 

  242. 

  243. 			// group members
    244. 

  244. 			if(isset($ginfo['members']) && is_array($ginfo['members'])) {
    245. 

  245. 				$gmembers = array();
    246. 

  246. 				foreach($ginfo['members'] as $index => $label)
    247. 

  247. 					$gmembers[] = $label;
    248. 

  248. 				if(count($gmembers))
    249. 

  249. 					$glabel .= ' ('.implode(', ', $gmembers).')';
    250. 

  250. 			}
    251. 

  251. 		}
    252. 

  252. 

  253. 		// display gathered information
    254. 

  254. 		echo '<p>'.i18n::s('user/group of this script:').' '.$ulabel.'/'.$glabel."</p>\n";
    255. 

  255. 

  256. 	} else
    257. 

  257. 		echo '<p>'.i18n::s('Impossible to retrieve user/group of this script.')."</p>\n";
    258. 

  258. 

  259. 	// user/group of this process
    260. 

  260. 	if(is_callable('posix_geteuid') && (($uid = posix_geteuid()) !== FALSE) && is_callable('posix_getgroups') && (($gids = posix_getgroups()) !== FALSE)) {
    261. 

  261. 

  262. 		// describe user
    263. 

  263. 		$ulabel = $uid;
    264. 

  264. 		if(is_callable('posix_getpwuid') && (($uinfo = posix_getpwuid($uid)) !== FALSE)) {
    265. 

  265. 			if(isset($uinfo['name']))
    266. 

  266. 				$ulabel = $uinfo['name'].'['.$uid.']';
    267. 

  267. 		}
    268. 

  268. 

  269. 		// describe groups
    270. 

  270. 		$glabel = '';
    271. 

  271. 		foreach($gids as $gid) {
    272. 

  272. 

  273. 			// group name
    274. 

  274. 			if(is_callable('posix_getgrgid') && (($ginfo = posix_getgrgid($gid)) !== FALSE) && isset($ginfo['name']))
    275. 

  275. 				$glabel .= $ginfo['name'].'['.$gid.']';
    276. 

  276. 

  277. 			else
    278. 

  278. 				$glabel .= $gid;
    279. 

  279. 

  280. 			// next one
    281. 

  281. 			$glabel .= ' ';
    282. 

  282. 

  283. 		}
    284. 

  284. 

  285. 		// display gathered information
    286. 

  286. 		echo '<p>'.i18n::s('user/group of this process:').' '.$ulabel.'/'.$glabel."</p>\n";
    287. 

  287. 

  288. 	} else
    289. 

  289. 		echo '<p>'.i18n::s('Impossible to retrieve user/group of this process.')."</p>\n";
    290. 

  290. 

  291. }
    292. 

  292. 

  293. // end of the page
    294. 

  294. echo '</body>'."\n"
    295. 

  295. 	.'</html>';
    296. 

  296. 

  297. 

  298. ?>
    299.