inc/infoutils.php

   1 <?php
   2 /**
   3  * Information and debugging functions
   4  *
   5  * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
   6  * @author     Andreas Gohr <andi@splitbrain.org>
   7  */
   8 if(!defined('DOKU_INC')) die('meh.');
   9 if(!defined('DOKU_MESSAGEURL')) define('DOKU_MESSAGEURL','http://update.dokuwiki.org/check/');
  10 require_once(DOKU_INC.'inc/HTTPClient.php');
  11
  12 /**
  13  * Check for new messages from upstream
  14  *
  15  * @author Andreas Gohr <andi@splitbrain.org>
  16  */
  17 function checkUpdateMessages(){
  18     global $conf;
  19     global $INFO;
  20     if(!$conf['updatecheck']) return;
  21     if($conf['useacl'] && !$INFO['ismanager']) return;
  22
  23     $cf = $conf['cachedir'].'/messages.txt';
  24     $lm = @filemtime($cf);
  25
  26     // check if new messages needs to be fetched
  27     if($lm < time()-(60*60*24) || $lm < @filemtime(DOKU_CONF.'msg')){
  28         $num = @file(DOKU_CONF.'msg');
  29         $num = is_array($num) ? (int) $num[0] : 0;
  30         $http = new DokuHTTPClient();
  31         $http->timeout = 8;
  32         $data = $http->get(DOKU_MESSAGEURL.$num);
  33         io_saveFile($cf,$data);
  34     }else{
  35         $data = io_readFile($cf);
  36     }
  37
  38     // show messages through the usual message mechanism
  39     $msgs = explode("\n%\n",$data);
  40     foreach($msgs as $msg){
  41         if($msg) msg($msg,2);
  42     }
  43 }
  44
  45
  46 /**
  47  * Return DokuWikis version
  48  *
  49  * @author Andreas Gohr <andi@splitbrain.org>
  50  */
  51 function getVersion(){
  52   //import version string
  53   if(@file_exists(DOKU_INC.'VERSION')){
  54     //official release
  55     return 'Release '.trim(io_readfile(DOKU_INC.'VERSION'));
  56   }elseif(is_dir(DOKU_INC.'_darcs')){
  57     //darcs checkout - read last 2000 bytes of inventory
  58     $sz   = filesize(DOKU_INC.'_darcs/inventory');
  59     $seek = max(0,$sz-2000);
  60     $fh   = fopen(DOKU_INC.'_darcs/inventory','rb');
  61     fseek($fh,$seek);
  62     $chunk = fread($fh,2000);
  63     fclose($fh);
  64     $inv = preg_grep('#\*\*\d{14}[\]$]#',explode("\n",$chunk));
  65     $cur = array_pop($inv);
  66     preg_match('#\*\*(\d{4})(\d{2})(\d{2})#',$cur,$matches);
  67     return 'Darcs '.$matches[1].'-'.$matches[2].'-'.$matches[3];
  68   }else{
  69     return 'snapshot?';
  70   }
  71 }
  72
  73 /**
  74  * Run a few sanity checks
  75  *
  76  * @author Andreas Gohr <andi@splitbrain.org>
  77  */
  78 function check(){
  79   global $conf;
  80   global $INFO;
  81
  82   msg('DokuWiki version: '.getVersion(),1);
  83
  84   if(version_compare(phpversion(),'5.0.0','<')){
  85     msg('Your PHP version is too old ('.phpversion().' vs. 5.0.0+ recommended)',-1);
  86   }else{
  87     msg('PHP version '.phpversion(),1);
  88   }
  89
  90   $mem = (int) php_to_byte(ini_get('memory_limit'));
  91   if($mem){
  92     if($mem < 16777216){
  93         msg('PHP is limited to less than 16MB RAM ('.$mem.' bytes). Increase memory_limit in php.ini',-1);
  94     }elseif($mem < 20971520){
  95         msg('PHP is limited to less than 20MB RAM ('.$mem.' bytes), you might encounter problems with bigger pages. Increase memory_limit in php.ini',-1);
  96     }elseif($mem < 33554432){
  97         msg('PHP is limited to less than 32MB RAM ('.$mem.' bytes), but that should be enough in most cases. If not, increase memory_limit in php.ini',0);
  98     }else{
  99         msg('More than 32MB RAM ('.$mem.' bytes) available.',1);
 100     }
 101   }
 102
 103
 104   if(is_writable($conf['changelog'])){
 105     msg('Changelog is writable',1);
 106   }else{
 107     if (@file_exists($conf['changelog'])) {
 108       msg('Changelog is not writable',-1);
 109     }
 110   }
 111
 112   if (isset($conf['changelog_old']) && @file_exists($conf['changelog_old'])) {
 113     msg('Old changelog exists', 0);
 114   }
 115
 116   if (@file_exists($conf['changelog'].'_failed')) {
 117     msg('Importing old changelog failed', -1);
 118   } else if (@file_exists($conf['changelog'].'_importing')) {
 119     msg('Importing old changelog now.', 0);
 120   } else if (@file_exists($conf['changelog'].'_import_ok')) {
 121     msg('Old changelog imported', 1);
 122     if (!plugin_isdisabled('importoldchangelog')) {
 123       msg('Importoldchangelog plugin not disabled after import', -1);
 124     }
 125   }
 126
 127   if(is_writable($conf['datadir'])){
 128     msg('Datadir is writable',1);
 129   }else{
 130     msg('Datadir is not writable',-1);
 131   }
 132
 133   if(is_writable($conf['olddir'])){
 134     msg('Attic is writable',1);
 135   }else{
 136     msg('Attic is not writable',-1);
 137   }
 138
 139   if(is_writable($conf['mediadir'])){
 140     msg('Mediadir is writable',1);
 141   }else{
 142     msg('Mediadir is not writable',-1);
 143   }
 144
 145   if(is_writable($conf['cachedir'])){
 146     msg('Cachedir is writable',1);
 147   }else{
 148     msg('Cachedir is not writable',-1);
 149   }
 150
 151   if(is_writable($conf['lockdir'])){
 152     msg('Lockdir is writable',1);
 153   }else{
 154     msg('Lockdir is not writable',-1);
 155   }
 156
 157   if($conf['authtype'] == 'plain'){
 158     if(is_writable(DOKU_CONF.'users.auth.php')){
 159       msg('conf/users.auth.php is writable',1);
 160     }else{
 161       msg('conf/users.auth.php is not writable',0);
 162     }
 163   }
 164
 165   if(function_exists('mb_strpos')){
 166     if(defined('UTF8_NOMBSTRING')){
 167       msg('mb_string extension is available but will not be used',0);
 168     }else{
 169       msg('mb_string extension is available and will be used',1);
 170       if(ini_get('mbstring.func_overload') != 0){
 171         msg('mb_string function overloading is enabled, this will cause problems and should be disabled',-1);
 172       }
 173     }
 174   }else{
 175     msg('mb_string extension not available - PHP only replacements will be used',0);
 176   }
 177
 178   if($conf['allowdebug']){
 179     msg('Debugging support is enabled. If you don\'t need it you should set $conf[\'allowdebug\'] = 0',-1);
 180   }else{
 181     msg('Debugging support is disabled',1);
 182   }
 183
 184   if($INFO['userinfo']['name']){
 185     msg('You are currently logged in as '.$_SERVER['REMOTE_USER'].' ('.$INFO['userinfo']['name'].')',0);
 186     msg('You are part of the groups '.join($INFO['userinfo']['grps'],', '),0);
 187   }else{
 188     msg('You are currently not logged in',0);
 189   }
 190
 191   msg('Your current permission for this page is '.$INFO['perm'],0);
 192
 193   if(is_writable($INFO['filepath'])){
 194     msg('The current page is writable by the webserver',0);
 195   }else{
 196     msg('The current page is not writable by the webserver',0);
 197   }
 198
 199   if($INFO['writable']){
 200     msg('The current page is writable by you',0);
 201   }else{
 202     msg('The current page is not writable by you',0);
 203   }
 204
 205   require_once(DOKU_INC.'inc/HTTPClient.php');
 206   $check = wl('','',true).'data/_dummy';
 207   $http = new DokuHTTPClient();
 208   $http->timeout = 6;
 209   $res = $http->get($check);
 210   if(strpos($res,'data directory') !== false){
 211     msg('It seems like the data directory is accessible from the web.
 212          Make sure this directory is properly protected
 213          (See <a href="http://www.dokuwiki.org/security">security</a>)',-1);
 214   }elseif($http->status == 404 || $http->status == 403){
 215     msg('The data directory seems to be properly protected',1);
 216   }else{
 217     msg('Failed to check if the data directory is accessible from the web.
 218          Make sure this directory is properly protected
 219          (See <a href="http://www.dokuwiki.org/security">security</a>)',-1);
 220   }
 221 }
 222
 223 /**
 224  * print a message
 225  *
 226  * If HTTP headers were not sent yet the message is added
 227  * to the global message array else it's printed directly
 228  * using html_msgarea()
 229  *
 230  *
 231  * Levels can be:
 232  *
 233  * -1 error
 234  *  0 info
 235  *  1 success
 236  *
 237  * @author Andreas Gohr <andi@splitbrain.org>
 238  * @see    html_msgarea
 239  */
 240 function msg($message,$lvl=0,$line='',$file=''){
 241   global $MSG;
 242   $errors[-1] = 'error';
 243   $errors[0]  = 'info';
 244   $errors[1]  = 'success';
 245   $errors[2]  = 'notify';
 246
 247   if($line || $file) $message.=' ['.basename($file).':'.$line.']';
 248
 249   if(!headers_sent()){
 250     if(!isset($MSG)) $MSG = array();
 251     $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message);
 252   }else{
 253     $MSG = array();
 254     $MSG[]=array('lvl' => $errors[$lvl], 'msg' => $message);
 255     if(function_exists('html_msgarea')){
 256       html_msgarea();
 257     }else{
 258       print "ERROR($lvl) $message";
 259     }
 260   }
 261 }
 262
 263 /**
 264  * print debug messages
 265  *
 266  * little function to print the content of a var
 267  *
 268  * @author Andreas Gohr <andi@splitbrain.org>
 269  */
 270 function dbg($msg,$hidden=false){
 271   (!$hidden) ? print '<pre class="dbg">' : print "<!--\n";
 272   print_r($msg);
 273   (!$hidden) ? print '</pre>' : print "\n-->";
 274 }
 275
 276 /**
 277  * Print info to a log file
 278  *
 279  * @author Andreas Gohr <andi@splitbrain.org>
 280  */
 281 function dbglog($msg,$header=''){
 282   global $conf;
 283   if(is_object($msg) || is_array($msg)){
 284     $msg = print_r($msg,true);
 285   }
 286
 287   if($header) $msg = "$header\n$msg";
 288
 289   $file = $conf['cachedir'].'/debug.log';
 290   $fh = fopen($file,'a');
 291   if($fh){
 292     fwrite($fh,date('H:i:s ').$_SERVER['REMOTE_ADDR'].': '.$msg."\n");
 293     fclose($fh);
 294   }
 295 }
 296
 297 /**
 298  * Print a reversed, prettyprinted backtrace
 299  *
 300  * @author Gary Owen <gary_owen@bigfoot.com>
 301  */
 302 function dbg_backtrace(){
 303   // Get backtrace
 304   $backtrace = debug_backtrace();
 305
 306   // Unset call to debug_print_backtrace
 307   array_shift($backtrace);
 308
 309   // Iterate backtrace
 310   $calls = array();
 311   $depth = count($backtrace) - 1;
 312   foreach ($backtrace as $i => $call) {
 313     $location = $call['file'] . ':' . $call['line'];
 314     $function = (isset($call['class'])) ?
 315     $call['class'] . $call['type'] . $call['function'] : $call['function'];
 316
 317     $params = array();
 318     if (isset($call['args'])){
 319         foreach($call['args'] as $arg){
 320             if(is_object($arg)){
 321                 $params[] = '[Object '.get_class($arg).']';
 322             }elseif(is_array($arg)){
 323                 $params[] = '[Array]';
 324             }elseif(is_null($arg)){
 325                 $param[] = '[NULL]';
 326             }else{
 327                 $params[] = (string) '"'.$arg.'"';
 328             }
 329         }
 330     }
 331     $params = implode(', ',$params);
 332
 333     $calls[$depth - $i] = sprintf('%s(%s) called at %s',
 334                           $function,
 335                           str_replace("\n", '\n', $params),
 336                           $location);
 337   }
 338   ksort($calls);
 339
 340   return implode("\n", $calls);
 341 }
 342
 343 /**
 344  * Remove all data from an array where the key seems to point to sensitive data
 345  *
 346  * This is used to remove passwords, mail addresses and similar data from the
 347  * debug output
 348  *
 349  * @author Andreas Gohr <andi@splitbrain.org>
 350  */
 351 function debug_guard(&$data){
 352     foreach($data as $key => $value){
 353         if(preg_match('/(notify|pass|auth|secret|ftp|userinfo|token|buid|mail|proxy)/i',$key)){
 354             $data[$key] = '***';
 355             continue;
 356         }
 357         if(is_array($value)) debug_guard($data[$key]);
 358     }
 359 }