ManageServer.php 38 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108
  1. <?php
  2. /**
  3. * Contains all the functionality required to be able to edit the core server
  4. * settings. This includes anything from which an error may result in the forum
  5. * destroying itself in a firey fury.
  6. *
  7. * Adding options to one of the setting screens isn't hard. Call prepareDBSettingsContext;
  8. * The basic format for a checkbox is:
  9. * array('check', 'nameInModSettingsAndSQL'),
  10. * And for a text box:
  11. * array('text', 'nameInModSettingsAndSQL')
  12. * (NOTE: You have to add an entry for this at the bottom!)
  13. *
  14. * In these cases, it will look for $txt['nameInModSettingsAndSQL'] as the description,
  15. * and $helptxt['nameInModSettingsAndSQL'] as the help popup description.
  16. *
  17. * Here's a quick explanation of how to add a new item:
  18. *
  19. * - A text input box. For textual values.
  20. * array('text', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  21. * - A text input box. For numerical values.
  22. * array('int', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  23. * - A text input box. For floating point values.
  24. * array('float', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  25. * - A large text input box. Used for textual values spanning multiple lines.
  26. * array('large_text', 'nameInModSettingsAndSQL', 'OptionalNumberOfRows'),
  27. * - A check box. Either one or zero. (boolean)
  28. * array('check', 'nameInModSettingsAndSQL'),
  29. * - A selection box. Used for the selection of something from a list.
  30. * array('select', 'nameInModSettingsAndSQL', array('valueForSQL' => $txt['displayedValue'])),
  31. * Note that just saying array('first', 'second') will put 0 in the SQL for 'first'.
  32. * - A password input box. Used for passwords, no less!
  33. * array('password', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  34. * - A permission - for picking groups who have a permission.
  35. * array('permissions', 'manage_groups'),
  36. * - A BBC selection box.
  37. * array('bbc', 'sig_bbc'),
  38. * - A list of boards to choose from
  39. * array('boards', 'likes_boards'),
  40. * Note that the storage in the database is as 1,2,3,4
  41. *
  42. * For each option:
  43. * - type (see above), variable name, size/possible values.
  44. * OR make type '' for an empty string for a horizontal rule.
  45. * - SET preinput - to put some HTML prior to the input box.
  46. * - SET postinput - to put some HTML following the input box.
  47. * - SET invalid - to mark the data as invalid.
  48. * - PLUS you can override label and help parameters by forcing their keys in the array, for example:
  49. * array('text', 'invalidlabel', 3, 'label' => 'Actual Label')
  50. *
  51. * Simple Machines Forum (SMF)
  52. *
  53. * @package SMF
  54. * @author Simple Machines http://www.simplemachines.org
  55. * @copyright 2013 Simple Machines and individual contributors
  56. * @license http://www.simplemachines.org/about/smf/license.php BSD
  57. *
  58. * @version 2.1 Alpha 1
  59. */
  60. if (!defined('SMF'))
  61. die('No direct access...');
  62. /**
  63. * This is the main dispatcher. Sets up all the available sub-actions, all the tabs and selects
  64. * the appropriate one based on the sub-action.
  65. *
  66. * Requires the admin_forum permission.
  67. * Redirects to the appropriate function based on the sub-action.
  68. *
  69. * @uses edit_settings adminIndex.
  70. */
  71. function ModifySettings()
  72. {
  73. global $context, $txt, $scripturl, $boarddir;
  74. // This is just to keep the database password more secure.
  75. isAllowedTo('admin_forum');
  76. // Load up all the tabs...
  77. $context[$context['admin_menu_name']]['tab_data'] = array(
  78. 'title' => $txt['admin_server_settings'],
  79. 'help' => 'serversettings',
  80. 'description' => $txt['admin_basic_settings'],
  81. );
  82. checkSession('request');
  83. // The settings are in here, I swear!
  84. loadLanguage('ManageSettings');
  85. $context['page_title'] = $txt['admin_server_settings'];
  86. $context['sub_template'] = 'show_settings';
  87. $subActions = array(
  88. 'general' => 'ModifyGeneralSettings',
  89. 'database' => 'ModifyDatabaseSettings',
  90. 'cookie' => 'ModifyCookieSettings',
  91. 'security' => 'ModifyGeneralSecuritySettings',
  92. 'cache' => 'ModifyCacheSettings',
  93. 'loads' => 'ModifyLoadBalancingSettings',
  94. 'phpinfo' => 'ShowPHPinfoSettings',
  95. );
  96. call_integration_hook('integrate_server_settings', array(&$subActions));
  97. // By default we're editing the core settings
  98. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'general';
  99. $context['sub_action'] = $_REQUEST['sa'];
  100. // Any messages to speak of?
  101. $context['settings_message'] = (isset($_REQUEST['msg']) && isset($txt[$_REQUEST['msg']])) ? $txt[$_REQUEST['msg']] : '';
  102. // Warn the user if there's any relevant information regarding Settings.php.
  103. if ($_REQUEST['sa'] != 'cache')
  104. {
  105. // Warn the user if the backup of Settings.php failed.
  106. $settings_not_writable = !is_writable($boarddir . '/Settings.php');
  107. $settings_backup_fail = !@is_writable($boarddir . '/Settings_bak.php') || !@copy($boarddir . '/Settings.php', $boarddir . '/Settings_bak.php');
  108. if ($settings_not_writable)
  109. $context['settings_message'] = '<div class="centertext"><strong>' . $txt['settings_not_writable'] . '</strong></div><br />';
  110. elseif ($settings_backup_fail)
  111. $context['settings_message'] = '<div class="centertext"><strong>' . $txt['admin_backup_fail'] . '</strong></div><br />';
  112. $context['settings_not_writable'] = $settings_not_writable;
  113. }
  114. // Call the right function for this sub-action.
  115. $subActions[$_REQUEST['sa']]();
  116. }
  117. /**
  118. * General forum settings - forum name, maintenance mode, etc.
  119. * Practically, this shows an interface for the settings in Settings.php to be changed.
  120. *
  121. * - It uses the rawdata sub template (not theme-able.)
  122. * - Requires the admin_forum permission.
  123. * - Uses the edit_settings administration area.
  124. * - Contains the actual array of settings to show from Settings.php.
  125. * - Accessed from ?action=admin;area=serversettings;sa=general.
  126. *
  127. * @param $return_config
  128. */
  129. function ModifyGeneralSettings($return_config = false)
  130. {
  131. global $scripturl, $context, $txt;
  132. /* If you're writing a mod, it's a bad idea to add things here....
  133. For each option:
  134. variable name, description, type (constant), size/possible values, helptext.
  135. OR an empty string for a horizontal rule.
  136. OR a string for a titled section. */
  137. $config_vars = array(
  138. array('mbname', $txt['admin_title'], 'file', 'text', 30),
  139. '',
  140. array('maintenance', $txt['admin_maintain'], 'file', 'check'),
  141. array('mtitle', $txt['maintenance_subject'], 'file', 'text', 36),
  142. array('mmessage', $txt['maintenance_message'], 'file', 'text', 36),
  143. '',
  144. array('webmaster_email', $txt['admin_webmaster_email'], 'file', 'text', 30),
  145. '',
  146. array('enableCompressedOutput', $txt['enableCompressedOutput'], 'db', 'check', null, 'enableCompressedOutput'),
  147. array('disableTemplateEval', $txt['disableTemplateEval'], 'db', 'check', null, 'disableTemplateEval'),
  148. array('disableHostnameLookup', $txt['disableHostnameLookup'], 'db', 'check', null, 'disableHostnameLookup'),
  149. );
  150. call_integration_hook('integrate_general_settings', array(&$config_vars));
  151. if ($return_config)
  152. return $config_vars;
  153. // Setup the template stuff.
  154. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=general;save';
  155. $context['settings_title'] = $txt['general_settings'];
  156. // Saving settings?
  157. if (isset($_REQUEST['save']))
  158. {
  159. call_integration_hook('integrate_save_general_settings');
  160. saveSettings($config_vars);
  161. redirectexit('action=admin;area=serversettings;sa=general;' . $context['session_var'] . '=' . $context['session_id']. ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  162. }
  163. // Fill the config array.
  164. prepareServerSettingsContext($config_vars);
  165. }
  166. /**
  167. * Basic database and paths settings - database name, host, etc.
  168. *
  169. * - It shows an interface for the settings in Settings.php to be changed.
  170. * - It contains the actual array of settings to show from Settings.php.
  171. * - It uses the rawdata sub template (not theme-able.)
  172. * - Requires the admin_forum permission.
  173. * - Uses the edit_settings administration area.
  174. * - Accessed from ?action=admin;area=serversettings;sa=database.
  175. *
  176. * @param $return_config
  177. */
  178. function ModifyDatabaseSettings($return_config = false)
  179. {
  180. global $scripturl, $context, $settings, $txt, $boarddir;
  181. /* If you're writing a mod, it's a bad idea to add things here....
  182. For each option:
  183. variable name, description, type (constant), size/possible values, helptext.
  184. OR an empty string for a horizontal rule.
  185. OR a string for a titled section. */
  186. $config_vars = array(
  187. array('db_persist', $txt['db_persist'], 'file', 'check', null, 'db_persist'),
  188. array('db_error_send', $txt['db_error_send'], 'file', 'check'),
  189. array('ssi_db_user', $txt['ssi_db_user'], 'file', 'text', null, 'ssi_db_user'),
  190. array('ssi_db_passwd', $txt['ssi_db_passwd'], 'file', 'password'),
  191. '',
  192. array('autoFixDatabase', $txt['autoFixDatabase'], 'db', 'check', false, 'autoFixDatabase'),
  193. array('autoOptMaxOnline', $txt['autoOptMaxOnline'], 'subtext' => $txt['zero_for_no_limit'], 'db', 'int'),
  194. '',
  195. array('cachedir', $txt['cachedir'], 'file', 'text', 36),
  196. );
  197. call_integration_hook('integrate_database_settings', array(&$config_vars));
  198. if ($return_config)
  199. return $config_vars;
  200. // Setup the template stuff.
  201. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=database;save';
  202. $context['settings_title'] = $txt['database_paths_settings'];
  203. $context['save_disabled'] = $context['settings_not_writable'];
  204. // Saving settings?
  205. if (isset($_REQUEST['save']))
  206. {
  207. call_integration_hook('integrate_save_database_settings');
  208. saveSettings($config_vars);
  209. redirectexit('action=admin;area=serversettings;sa=database;' . $context['session_var'] . '=' . $context['session_id'] . ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  210. }
  211. // Fill the config array.
  212. prepareServerSettingsContext($config_vars);
  213. }
  214. /**
  215. * This function handles cookies settings modifications.
  216. *
  217. * @param bool $return_config = false
  218. */
  219. function ModifyCookieSettings($return_config = false)
  220. {
  221. global $context, $scripturl, $txt, $sourcedir, $modSettings, $cookiename, $user_settings, $boardurl;
  222. // Define the variables we want to edit.
  223. $config_vars = array(
  224. // Cookies...
  225. array('cookiename', $txt['cookie_name'], 'file', 'text', 20),
  226. array('cookieTime', $txt['cookieTime'], 'db', 'int', 'postinput' => $txt['minutes']),
  227. array('localCookies', $txt['localCookies'], 'db', 'check', false, 'localCookies'),
  228. array('globalCookies', $txt['globalCookies'], 'db', 'check', false, 'globalCookies'),
  229. array('globalCookiesDomain', $txt['globalCookiesDomain'], 'db', 'text', false, 'globalCookiesDomain'),
  230. array('secureCookies', $txt['secureCookies'], 'db', 'check', false, 'secureCookies', 'disabled' => !isset($_SERVER['HTTPS']) || !(strtolower($_SERVER['HTTPS']) == 'on' || strtolower($_SERVER['HTTPS']) == '1')),
  231. array('httponlyCookies', $txt['httponlyCookies'], 'db', 'check', false, 'httponlyCookies'),
  232. '',
  233. // Sessions
  234. array('databaseSession_enable', $txt['databaseSession_enable'], 'db', 'check', false, 'databaseSession_enable'),
  235. array('databaseSession_loose', $txt['databaseSession_loose'], 'db', 'check', false, 'databaseSession_loose'),
  236. array('databaseSession_lifetime', $txt['databaseSession_lifetime'], 'db', 'int', false, 'databaseSession_lifetime', 'postinput' => $txt['seconds']),
  237. );
  238. addInlineJavascript('
  239. function hideGlobalCookies()
  240. {
  241. var usingLocal = $("#localCookies").prop("checked");
  242. $("#setting_globalCookies").closest("dt").toggle(!usingLocal);
  243. $("#globalCookies").closest("dd").toggle(!usingLocal);
  244. var usingGlobal = !usingLocal && $("#globalCookies").prop("checked");
  245. $("#setting_globalCookiesDomain").closest("dt").toggle(usingGlobal);
  246. $("#globalCookiesDomain").closest("dd").toggle(usingGlobal);
  247. };
  248. hideGlobalCookies();
  249. $("#localCookies, #globalCookies").click(function() {
  250. hideGlobalCookies();
  251. });', true);
  252. call_integration_hook('integrate_cookie_settings', array(&$config_vars));
  253. if ($return_config)
  254. return $config_vars;
  255. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=cookie;save';
  256. $context['settings_title'] = $txt['cookies_sessions_settings'];
  257. // Saving settings?
  258. if (isset($_REQUEST['save']))
  259. {
  260. call_integration_hook('integrate_save_cookie_settings');
  261. // Local and global do not play nicely together.
  262. if (!empty($_POST['localCookies']) && empty($_POST['globalCookies']))
  263. unset ($_POST['globalCookies']);
  264. if (!empty($_POST['globalCookiesDomain']) && strpos($boardurl, $_POST['globalCookiesDomain']) === false)
  265. fatal_lang_error('invalid_cookie_domain', false);
  266. saveSettings($config_vars);
  267. // If the cookie name was changed, reset the cookie.
  268. if ($cookiename != $_POST['cookiename'])
  269. {
  270. $original_session_id = $context['session_id'];
  271. include_once($sourcedir . '/Subs-Auth.php');
  272. // Remove the old cookie.
  273. setLoginCookie(-3600, 0);
  274. // Set the new one.
  275. $cookiename = $_POST['cookiename'];
  276. setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], sha1($user_settings['passwd'] . $user_settings['password_salt']));
  277. redirectexit('action=admin;area=serversettings;sa=cookie;' . $context['session_var'] . '=' . $original_session_id, $context['server']['needs_login_fix']);
  278. }
  279. redirectexit('action=admin;area=serversettings;sa=cookie;' . $context['session_var'] . '=' . $context['session_id']. ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  280. }
  281. // Fill the config array.
  282. prepareServerSettingsContext($config_vars);
  283. }
  284. /**
  285. * Settings really associated with general security aspects.
  286. *
  287. * @param $return_config
  288. */
  289. function ModifyGeneralSecuritySettings($return_config = false)
  290. {
  291. global $txt, $scripturl, $context, $settings, $sc, $modSettings;
  292. $config_vars = array(
  293. array('check', 'make_email_viewable'),
  294. '',
  295. array('int', 'failed_login_threshold'),
  296. array('int', 'loginHistoryDays'),
  297. '',
  298. array('check', 'securityDisable'),
  299. array('check', 'securityDisable_moderate'),
  300. '',
  301. // Reactive on email, and approve on delete
  302. array('check', 'send_validation_onChange'),
  303. array('check', 'approveAccountDeletion'),
  304. '',
  305. // Password strength.
  306. array('select', 'password_strength', array($txt['setting_password_strength_low'], $txt['setting_password_strength_medium'], $txt['setting_password_strength_high'])),
  307. array('check', 'enable_password_conversion'),
  308. '',
  309. // Reporting of personal messages?
  310. array('check', 'enableReportPM'),
  311. '',
  312. array('select', 'frame_security', array('SAMEORIGIN' => $txt['setting_frame_security_SAMEORIGIN'], 'DENY' => $txt['setting_frame_security_DENY'], 'DISABLE' => $txt['setting_frame_security_DISABLE'])),
  313. );
  314. call_integration_hook('integrate_general_security_settings', array(&$config_vars));
  315. if ($return_config)
  316. return $config_vars;
  317. // Saving?
  318. if (isset($_GET['save']))
  319. {
  320. saveDBSettings($config_vars);
  321. call_integration_hook('integrate_save_general_security_settings');
  322. writeLog();
  323. redirectexit('action=admin;area=serversettings;sa=security;' . $context['session_var'] . '=' . $context['session_id']);
  324. }
  325. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;save;sa=security';
  326. $context['settings_title'] = $txt['security_settings'];
  327. prepareDBSettingContext($config_vars);
  328. }
  329. /**
  330. * Simply modifying cache functions
  331. *
  332. * @param bool $return_config = false
  333. */
  334. function ModifyCacheSettings($return_config = false)
  335. {
  336. global $context, $scripturl, $txt, $helptxt, $cache_enable;
  337. // Detect all available optimizers
  338. $detected = array();
  339. if (function_exists('eaccelerator_put'))
  340. $detected['eaccelerator'] = $txt['eAccelerator_cache'];
  341. if (function_exists('mmcache_put'))
  342. $detected['mmcache'] = $txt['mmcache_cache'];
  343. if (function_exists('apc_store'))
  344. $detected['apc'] = $txt['apc_cache'];
  345. if (function_exists('output_cache_put') || function_exists('zend_shm_cache_store'))
  346. $detected['zend'] = $txt['zend_cache'];
  347. if (function_exists('memcache_set') || function_exists('memcached_set'))
  348. $detected['memcached'] = $txt['memcached_cache'];
  349. if (function_exists('xcache_set'))
  350. $detected['xcache'] = $txt['xcache_cache'];
  351. if (function_exists('file_put_contents'))
  352. $detected['smf'] = $txt['default_cache'];
  353. // set our values to show what, if anything, we found
  354. if (empty($detected))
  355. {
  356. $txt['cache_settings_message'] = $txt['detected_no_caching'];
  357. $cache_level = array($txt['cache_off']);
  358. $detected['none'] = $txt['cache_off'];
  359. }
  360. else
  361. {
  362. $txt['cache_settings_message'] = sprintf($txt['detected_accelerators'], implode(', ', $detected));
  363. $cache_level = array($txt['cache_off'], $txt['cache_level1'], $txt['cache_level2'], $txt['cache_level3']);
  364. }
  365. // Define the variables we want to edit.
  366. $config_vars = array(
  367. // Only a few settings, but they are important
  368. array('', $txt['cache_settings_message'], '', 'desc'),
  369. array('cache_enable', $txt['cache_enable'], 'file', 'select', $cache_level, 'cache_enable'),
  370. array('cache_accelerator', $txt['cache_accelerator'], 'file', 'select', $detected),
  371. array('cache_memcached', $txt['cache_memcached'], 'file', 'text', $txt['cache_memcached'], 'cache_memcached'),
  372. array('cachedir', $txt['cachedir'], 'file', 'text', 36, 'cache_cachedir'),
  373. );
  374. // some javascript to enable / disable certain settings if the option is not selected
  375. $context['settings_post_javascript'] = '
  376. var cache_type = document.getElementById(\'cache_accelerator\');
  377. createEventListener(cache_type);
  378. cache_type.addEventListener("change", toggleCache);
  379. toggleCache();';
  380. call_integration_hook('integrate_modify_cache_settings', array(&$config_vars));
  381. if ($return_config)
  382. return $config_vars;
  383. // Saving again?
  384. if (isset($_GET['save']))
  385. {
  386. call_integration_hook('integrate_save_cache_settings');
  387. saveSettings($config_vars);
  388. // we need to save the $cache_enable to $modSettings as well
  389. updatesettings(array('cache_enable' => (int) $_POST['cache_enable']));
  390. // exit so we reload our new settings on the page
  391. redirectexit('action=admin;area=serversettings;sa=cache;' . $context['session_var'] . '=' . $context['session_id']);
  392. }
  393. loadLanguage('ManageMaintenance');
  394. createToken('admin-maint');
  395. $context['template_layers'][] = 'clean_cache_button';
  396. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=cache;save';
  397. $context['settings_title'] = $txt['caching_settings'];
  398. $context['settings_message'] = $txt['caching_information'];
  399. // Prepare the template.
  400. createToken('admin-ssc');
  401. prepareServerSettingsContext($config_vars);
  402. }
  403. /**
  404. * Allows to edit load balancing settings.
  405. *
  406. * @param bool $return_config = false
  407. */
  408. function ModifyLoadBalancingSettings($return_config = false)
  409. {
  410. global $txt, $scripturl, $context, $settings, $modSettings;
  411. // Setup a warning message, but disabled by default.
  412. $disabled = true;
  413. $context['settings_message'] = $txt['loadavg_disabled_conf'];
  414. if (stripos(PHP_OS, 'win') === 0)
  415. $context['settings_message'] = $txt['loadavg_disabled_windows'];
  416. else
  417. {
  418. $modSettings['load_average'] = @file_get_contents('/proc/loadavg');
  419. if (!empty($modSettings['load_average']) && preg_match('~^([^ ]+?) ([^ ]+?) ([^ ]+)~', $modSettings['load_average'], $matches) !== 0)
  420. $modSettings['load_average'] = (float) $matches[1];
  421. elseif (($modSettings['load_average'] = @`uptime`) !== null && preg_match('~load averages?: (\d+\.\d+), (\d+\.\d+), (\d+\.\d+)~i', $modSettings['load_average'], $matches) !== 0)
  422. $modSettings['load_average'] = (float) $matches[1];
  423. else
  424. unset($modSettings['load_average']);
  425. if (!empty($modSettings['load_average']))
  426. {
  427. $context['settings_message'] = sprintf($txt['loadavg_warning'], $modSettings['load_average']);
  428. $disabled = false;
  429. }
  430. }
  431. // Start with a simple checkbox.
  432. $config_vars = array(
  433. array('check', 'loadavg_enable', 'disabled' => $disabled),
  434. );
  435. // Set the default values for each option.
  436. $default_values = array(
  437. 'loadavg_auto_opt' => '1.0',
  438. 'loadavg_search' => '2.5',
  439. 'loadavg_allunread' => '2.0',
  440. 'loadavg_unreadreplies' => '3.5',
  441. 'loadavg_show_posts' => '2.0',
  442. 'loadavg_userstats' => '10.0',
  443. 'loadavg_bbc' => '30.0',
  444. 'loadavg_forum' => '40.0',
  445. );
  446. // Loop through the settings.
  447. foreach ($default_values as $name => $value)
  448. {
  449. // Use the default value if the setting isn't set yet.
  450. $value = !isset($modSettings[$name]) ? $value : $modSettings[$name];
  451. $config_vars[] = array('text', $name, 'value' => $value, 'disabled' => $disabled);
  452. }
  453. call_integration_hook('integrate_loadavg_settings', array(&$config_vars));
  454. if ($return_config)
  455. return $config_vars;
  456. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=loads;save';
  457. $context['settings_title'] = $txt['load_balancing_settings'];
  458. // Saving?
  459. if (isset($_GET['save']))
  460. {
  461. // Stupidity is not allowed.
  462. foreach ($_POST as $key => $value)
  463. {
  464. if (strpos($key, 'loadavg') === 0 || $key === 'loadavg_enable')
  465. continue;
  466. elseif ($key == 'loadavg_auto_opt' && $value <= 1)
  467. $_POST['loadavg_auto_opt'] = '1.0';
  468. elseif ($key == 'loadavg_forum' && $value < 10)
  469. $_POST['loadavg_forum'] = '10.0';
  470. elseif ($value < 2)
  471. $_POST[$key] = '2.0';
  472. }
  473. call_integration_hook('integrate_save_loadavg_settings');
  474. saveDBSettings($config_vars);
  475. redirectexit('action=admin;area=serversettings;sa=loads;' . $context['session_var'] . '=' . $context['session_id']);
  476. }
  477. createToken('admin-ssc');
  478. createToken('admin-dbsc');
  479. prepareDBSettingContext($config_vars);
  480. }
  481. /**
  482. * Helper function, it sets up the context for the manage server settings.
  483. * - The basic usage of the six numbered key fields are
  484. * - array (0 ,1, 2, 3, 4, 5
  485. * 0 variable name - the name of the saved variable
  486. * 1 label - the text to show on the settings page
  487. * 2 saveto - file or db, where to save the variable name - value pair
  488. * 3 type - type of data to save, int, float, text, check
  489. * 4 size - false or field size
  490. * 5 help - '' or helptxt variable name
  491. * )
  492. *
  493. * the following named keys are also permitted
  494. * 'disabled' => 'postinput' => 'preinput' =>
  495. *
  496. * @param array $config_vars
  497. */
  498. function prepareServerSettingsContext(&$config_vars)
  499. {
  500. global $context, $modSettings, $smcFunc;
  501. $context['config_vars'] = array();
  502. foreach ($config_vars as $identifier => $config_var)
  503. {
  504. if (!is_array($config_var) || !isset($config_var[1]))
  505. $context['config_vars'][] = $config_var;
  506. else
  507. {
  508. $varname = $config_var[0];
  509. global $$varname;
  510. // Set the subtext in case it's part of the label.
  511. // @todo Temporary. Preventing divs inside label tags.
  512. $divPos = strpos($config_var[1], '<div');
  513. $subtext = '';
  514. if ($divPos !== false)
  515. {
  516. $subtext = preg_replace('~</?div[^>]*>~', '', substr($config_var[1], $divPos));
  517. $config_var[1] = substr($config_var[1], 0, $divPos);
  518. }
  519. $context['config_vars'][$config_var[0]] = array(
  520. 'label' => $config_var[1],
  521. 'help' => isset($config_var[5]) ? $config_var[5] : '',
  522. 'type' => $config_var[3],
  523. 'size' => empty($config_var[4]) ? 0 : $config_var[4],
  524. 'data' => isset($config_var[4]) && is_array($config_var[4]) && $config_var[3] != 'select' ? $config_var[4] : array(),
  525. 'name' => $config_var[0],
  526. 'value' => $config_var[2] == 'file' ? $smcFunc['htmlspecialchars']($$varname) : (isset($modSettings[$config_var[0]]) ? $smcFunc['htmlspecialchars']($modSettings[$config_var[0]]) : (in_array($config_var[3], array('int', 'float')) ? 0 : '')),
  527. 'disabled' => !empty($context['settings_not_writable']) || !empty($config_var['disabled']),
  528. 'invalid' => false,
  529. 'subtext' => !empty($config_var['subtext']) ? $config_var['subtext'] : $subtext,
  530. 'javascript' => '',
  531. 'preinput' => !empty($config_var['preinput']) ? $config_var['preinput'] : '',
  532. 'postinput' => !empty($config_var['postinput']) ? $config_var['postinput'] : '',
  533. );
  534. // If this is a select box handle any data.
  535. if (!empty($config_var[4]) && is_array($config_var[4]))
  536. {
  537. // If it's associative
  538. $config_values = array_values($config_var[4]);
  539. if (isset($config_values[0]) && is_array($config_values[0]))
  540. $context['config_vars'][$config_var[0]]['data'] = $config_var[4];
  541. else
  542. {
  543. foreach ($config_var[4] as $key => $item)
  544. $context['config_vars'][$config_var[0]]['data'][] = array($key, $item);
  545. }
  546. }
  547. }
  548. }
  549. // Two tokens because saving these settings requires both saveSettings and saveDBSettings
  550. createToken('admin-ssc');
  551. createToken('admin-dbsc');
  552. }
  553. /**
  554. * Helper function, it sets up the context for database settings.
  555. * @todo see rev. 10406 from 2.1-requests
  556. *
  557. * @param array $config_vars
  558. */
  559. function prepareDBSettingContext(&$config_vars)
  560. {
  561. global $txt, $helptxt, $context, $modSettings, $sourcedir, $smcFunc;
  562. loadLanguage('Help');
  563. $context['config_vars'] = array();
  564. $inlinePermissions = array();
  565. $bbcChoice = array();
  566. $board_list = false;
  567. foreach ($config_vars as $config_var)
  568. {
  569. // HR?
  570. if (!is_array($config_var))
  571. $context['config_vars'][] = $config_var;
  572. else
  573. {
  574. // If it has no name it doesn't have any purpose!
  575. if (empty($config_var[1]))
  576. continue;
  577. // Special case for inline permissions
  578. if ($config_var[0] == 'permissions' && allowedTo('manage_permissions'))
  579. $inlinePermissions[] = $config_var[1];
  580. elseif ($config_var[0] == 'permissions')
  581. continue;
  582. if ($config_var[0] == 'boards')
  583. $board_list = true;
  584. // Are we showing the BBC selection box?
  585. if ($config_var[0] == 'bbc')
  586. $bbcChoice[] = $config_var[1];
  587. // We need to do some parsing of the value before we pass it in.
  588. if (isset($modSettings[$config_var[1]]))
  589. {
  590. switch ($config_var[0])
  591. {
  592. case 'select':
  593. $value = $modSettings[$config_var[1]];
  594. break;
  595. case 'boards':
  596. $value = explode(',', $modSettings[$config_var[1]]);
  597. break;
  598. default:
  599. $value = $smcFunc['htmlspecialchars']($modSettings[$config_var[1]]);
  600. }
  601. }
  602. else
  603. {
  604. // Darn, it's empty. What type is expected?
  605. switch ($config_var[0])
  606. {
  607. case 'int':
  608. case 'float':
  609. $value = 0;
  610. break;
  611. case 'select':
  612. $value = !empty($config_var['multiple']) ? serialize(array()) : '';
  613. break;
  614. case 'boards':
  615. $value = array();
  616. break;
  617. default:
  618. $value = '';
  619. }
  620. }
  621. $context['config_vars'][$config_var[1]] = array(
  622. 'label' => isset($config_var['text_label']) ? $config_var['text_label'] : (isset($txt[$config_var[1]]) ? $txt[$config_var[1]] : (isset($config_var[3]) && !is_array($config_var[3]) ? $config_var[3] : '')),
  623. 'help' => isset($helptxt[$config_var[1]]) ? $config_var[1] : '',
  624. 'type' => $config_var[0],
  625. 'size' => !empty($config_var[2]) && !is_array($config_var[2]) ? $config_var[2] : (in_array($config_var[0], array('int', 'float')) ? 6 : 0),
  626. 'data' => array(),
  627. 'name' => $config_var[1],
  628. 'value' => $value,
  629. 'disabled' => false,
  630. 'invalid' => !empty($config_var['invalid']),
  631. 'javascript' => '',
  632. 'var_message' => !empty($config_var['message']) && isset($txt[$config_var['message']]) ? $txt[$config_var['message']] : '',
  633. 'preinput' => isset($config_var['preinput']) ? $config_var['preinput'] : '',
  634. 'postinput' => isset($config_var['postinput']) ? $config_var['postinput'] : '',
  635. );
  636. // If this is a select box handle any data.
  637. if (!empty($config_var[2]) && is_array($config_var[2]))
  638. {
  639. // If we allow multiple selections, we need to adjust a few things.
  640. if ($config_var[0] == 'select' && !empty($config_var['multiple']))
  641. {
  642. $context['config_vars'][$config_var[1]]['name'] .= '[]';
  643. $context['config_vars'][$config_var[1]]['value'] = unserialize($context['config_vars'][$config_var[1]]['value']);
  644. }
  645. // If it's associative
  646. if (isset($config_var[2][0]) && is_array($config_var[2][0]))
  647. $context['config_vars'][$config_var[1]]['data'] = $config_var[2];
  648. else
  649. {
  650. foreach ($config_var[2] as $key => $item)
  651. $context['config_vars'][$config_var[1]]['data'][] = array($key, $item);
  652. }
  653. }
  654. // Finally allow overrides - and some final cleanups.
  655. foreach ($config_var as $k => $v)
  656. {
  657. if (!is_numeric($k))
  658. {
  659. if (substr($k, 0, 2) == 'on')
  660. $context['config_vars'][$config_var[1]]['javascript'] .= ' ' . $k . '="' . $v . '"';
  661. else
  662. $context['config_vars'][$config_var[1]][$k] = $v;
  663. }
  664. // See if there are any other labels that might fit?
  665. if (isset($txt['setting_' . $config_var[1]]))
  666. $context['config_vars'][$config_var[1]]['label'] = $txt['setting_' . $config_var[1]];
  667. elseif (isset($txt['groups_' . $config_var[1]]))
  668. $context['config_vars'][$config_var[1]]['label'] = $txt['groups_' . $config_var[1]];
  669. }
  670. // Set the subtext in case it's part of the label.
  671. // @todo Temporary. Preventing divs inside label tags.
  672. $divPos = strpos($context['config_vars'][$config_var[1]]['label'], '<div');
  673. if ($divPos !== false)
  674. {
  675. $context['config_vars'][$config_var[1]]['subtext'] = preg_replace('~</?div[^>]*>~', '', substr($context['config_vars'][$config_var[1]]['label'], $divPos));
  676. $context['config_vars'][$config_var[1]]['label'] = substr($context['config_vars'][$config_var[1]]['label'], 0, $divPos);
  677. }
  678. }
  679. }
  680. // If we have inline permissions we need to prep them.
  681. if (!empty($inlinePermissions) && allowedTo('manage_permissions'))
  682. {
  683. require_once($sourcedir . '/ManagePermissions.php');
  684. init_inline_permissions($inlinePermissions, isset($context['permissions_excluded']) ? $context['permissions_excluded'] : array());
  685. }
  686. if ($board_list)
  687. {
  688. require_once($sourcedir . '/Subs-MessageIndex.php');
  689. $context['board_list'] = getBoardList();
  690. }
  691. // What about any BBC selection boxes?
  692. if (!empty($bbcChoice))
  693. {
  694. // What are the options, eh?
  695. $temp = parse_bbc(false);
  696. $bbcTags = array();
  697. foreach ($temp as $tag)
  698. $bbcTags[] = $tag['tag'];
  699. $bbcTags = array_unique($bbcTags);
  700. $totalTags = count($bbcTags);
  701. // The number of columns we want to show the BBC tags in.
  702. $numColumns = isset($context['num_bbc_columns']) ? $context['num_bbc_columns'] : 3;
  703. // Start working out the context stuff.
  704. $context['bbc_columns'] = array();
  705. $tagsPerColumn = ceil($totalTags / $numColumns);
  706. $col = 0; $i = 0;
  707. foreach ($bbcTags as $tag)
  708. {
  709. if ($i % $tagsPerColumn == 0 && $i != 0)
  710. $col++;
  711. $context['bbc_columns'][$col][] = array(
  712. 'tag' => $tag,
  713. // @todo 'tag_' . ?
  714. 'show_help' => isset($helptxt[$tag]),
  715. );
  716. $i++;
  717. }
  718. // Now put whatever BBC options we may have into context too!
  719. $context['bbc_sections'] = array();
  720. foreach ($bbcChoice as $bbc)
  721. {
  722. $context['bbc_sections'][$bbc] = array(
  723. 'title' => isset($txt['bbc_title_' . $bbc]) ? $txt['bbc_title_' . $bbc] : $txt['bbcTagsToUse_select'],
  724. 'disabled' => empty($modSettings['bbc_disabled_' . $bbc]) ? array() : $modSettings['bbc_disabled_' . $bbc],
  725. 'all_selected' => empty($modSettings['bbc_disabled_' . $bbc]),
  726. );
  727. }
  728. }
  729. call_integration_hook('integrate_prepare_db_settings', array(&$config_vars));
  730. createToken('admin-dbsc');
  731. }
  732. /**
  733. * Helper function. Saves settings by putting them in Settings.php or saving them in the settings table.
  734. *
  735. * - Saves those settings set from ?action=admin;area=serversettings.
  736. * - Requires the admin_forum permission.
  737. * - Contains arrays of the types of data to save into Settings.php.
  738. *
  739. * @param $config_vars
  740. */
  741. function saveSettings(&$config_vars)
  742. {
  743. global $boarddir, $sc, $cookiename, $modSettings, $user_settings;
  744. global $sourcedir, $context, $cachedir;
  745. validateToken('admin-ssc');
  746. // Fix the darn stupid cookiename! (more may not be allowed, but these for sure!)
  747. if (isset($_POST['cookiename']))
  748. $_POST['cookiename'] = preg_replace('~[,;\s\.$]+~' . ($context['utf8'] ? 'u' : ''), '', $_POST['cookiename']);
  749. // Fix the forum's URL if necessary.
  750. if (isset($_POST['boardurl']))
  751. {
  752. if (substr($_POST['boardurl'], -10) == '/index.php')
  753. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  754. elseif (substr($_POST['boardurl'], -1) == '/')
  755. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  756. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  757. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  758. }
  759. // Any passwords?
  760. $config_passwords = array(
  761. 'db_passwd',
  762. 'ssi_db_passwd',
  763. );
  764. // All the strings to write.
  765. $config_strs = array(
  766. 'mtitle', 'mmessage',
  767. 'language', 'mbname', 'boardurl',
  768. 'cookiename',
  769. 'webmaster_email',
  770. 'db_name', 'db_user', 'db_server', 'db_prefix', 'ssi_db_user',
  771. 'boarddir', 'sourcedir',
  772. 'cachedir', 'cache_accelerator', 'cache_memcached',
  773. );
  774. // All the numeric variables.
  775. $config_ints = array(
  776. 'cache_enable',
  777. );
  778. // All the checkboxes.
  779. $config_bools = array(
  780. 'db_persist', 'db_error_send',
  781. 'maintenance',
  782. );
  783. // Now sort everything into a big array, and figure out arrays and etc.
  784. $new_settings = array();
  785. foreach ($config_passwords as $config_var)
  786. {
  787. if (isset($_POST[$config_var][1]) && $_POST[$config_var][0] == $_POST[$config_var][1])
  788. $new_settings[$config_var] = '\'' . addcslashes($_POST[$config_var][0], '\'\\') . '\'';
  789. }
  790. foreach ($config_strs as $config_var)
  791. {
  792. if (isset($_POST[$config_var]))
  793. $new_settings[$config_var] = '\'' . addcslashes($_POST[$config_var], '\'\\') . '\'';
  794. }
  795. foreach ($config_ints as $config_var)
  796. {
  797. if (isset($_POST[$config_var]))
  798. $new_settings[$config_var] = (int) $_POST[$config_var];
  799. }
  800. foreach ($config_bools as $key)
  801. {
  802. if (!empty($_POST[$key]))
  803. $new_settings[$key] = '1';
  804. else
  805. $new_settings[$key] = '0';
  806. }
  807. // Save the relevant settings in the Settings.php file.
  808. require_once($sourcedir . '/Subs-Admin.php');
  809. updateSettingsFile($new_settings);
  810. // Now loop through the remaining (database-based) settings.
  811. $new_settings = array();
  812. foreach ($config_vars as $config_var)
  813. {
  814. // We just saved the file-based settings, so skip their definitions.
  815. if (!is_array($config_var) || $config_var[2] == 'file')
  816. continue;
  817. // Rewrite the definition a bit.
  818. $new_settings[] = array($config_var[3], $config_var[0]);
  819. }
  820. // Save the new database-based settings, if any.
  821. if (!empty($new_settings))
  822. saveDBSettings($new_settings);
  823. }
  824. /**
  825. * Helper function for saving database settings.
  826. * @todo see rev. 10406 from 2.1-requests
  827. *
  828. * @param array $config_vars
  829. */
  830. function saveDBSettings(&$config_vars)
  831. {
  832. global $sourcedir, $context, $smcFunc;
  833. static $board_list = null;
  834. validateToken('admin-dbsc');
  835. $inlinePermissions = array();
  836. foreach ($config_vars as $var)
  837. {
  838. if (!isset($var[1]) || (!isset($_POST[$var[1]]) && $var[0] != 'check' && $var[0] != 'permissions' && ($var[0] != 'bbc' || !isset($_POST[$var[1] . '_enabledTags']))))
  839. continue;
  840. // Checkboxes!
  841. elseif ($var[0] == 'check')
  842. $setArray[$var[1]] = !empty($_POST[$var[1]]) ? '1' : '0';
  843. // Select boxes!
  844. elseif ($var[0] == 'select' && in_array($_POST[$var[1]], array_keys($var[2])))
  845. $setArray[$var[1]] = $_POST[$var[1]];
  846. elseif ($var[0] == 'select' && !empty($var['multiple']) && array_intersect($_POST[$var[1]], array_keys($var[2])) != array())
  847. {
  848. // For security purposes we validate this line by line.
  849. $options = array();
  850. foreach ($_POST[$var[1]] as $invar)
  851. if (in_array($invar, array_keys($var[2])))
  852. $options[] = $invar;
  853. $setArray[$var[1]] = serialize($options);
  854. }
  855. // List of boards!
  856. elseif ($var[0] == 'boards')
  857. {
  858. // We just need a simple list of valid boards, nothing more.
  859. if ($board_list === null)
  860. {
  861. $board_list = array();
  862. $request = $smcFunc['db_query']('', '
  863. SELECT id_board
  864. FROM {db_prefix}boards');
  865. while ($row = $smcFunc['db_fetch_row']($request))
  866. $board_list[$row[0]] = true;
  867. $smcFunc['db_free_result']($request);
  868. }
  869. $options = array();
  870. foreach ($_POST[$var[1]] as $invar => $dummy)
  871. if (isset($board_list[$invar]))
  872. $options[] = $invar;
  873. $setArray[$var[1]] = implode(',', $options);
  874. }
  875. // Integers!
  876. elseif ($var[0] == 'int')
  877. $setArray[$var[1]] = (int) $_POST[$var[1]];
  878. // Floating point!
  879. elseif ($var[0] == 'float')
  880. $setArray[$var[1]] = (float) $_POST[$var[1]];
  881. // Text!
  882. elseif ($var[0] == 'text' || $var[0] == 'large_text')
  883. $setArray[$var[1]] = $_POST[$var[1]];
  884. // Passwords!
  885. elseif ($var[0] == 'password')
  886. {
  887. if (isset($_POST[$var[1]][1]) && $_POST[$var[1]][0] == $_POST[$var[1]][1])
  888. $setArray[$var[1]] = $_POST[$var[1]][0];
  889. }
  890. // BBC.
  891. elseif ($var[0] == 'bbc')
  892. {
  893. $bbcTags = array();
  894. foreach (parse_bbc(false) as $tag)
  895. $bbcTags[] = $tag['tag'];
  896. if (!isset($_POST[$var[1] . '_enabledTags']))
  897. $_POST[$var[1] . '_enabledTags'] = array();
  898. elseif (!is_array($_POST[$var[1] . '_enabledTags']))
  899. $_POST[$var[1] . '_enabledTags'] = array($_POST[$var[1] . '_enabledTags']);
  900. $setArray[$var[1]] = implode(',', array_diff($bbcTags, $_POST[$var[1] . '_enabledTags']));
  901. }
  902. // Permissions?
  903. elseif ($var[0] == 'permissions')
  904. $inlinePermissions[] = $var[1];
  905. }
  906. if (!empty($setArray))
  907. updateSettings($setArray);
  908. // If we have inline permissions we need to save them.
  909. if (!empty($inlinePermissions) && allowedTo('manage_permissions'))
  910. {
  911. require_once($sourcedir . '/ManagePermissions.php');
  912. save_inline_permissions($inlinePermissions);
  913. }
  914. }
  915. /**
  916. * Allows us to see the servers php settings
  917. *
  918. * - loads the settings into an array for display in a template
  919. * - drops cookie values just in case
  920. */
  921. function ShowPHPinfoSettings()
  922. {
  923. global $context, $txt;
  924. $info_lines = array();
  925. $category = $txt['phpinfo_settings'];
  926. // get the data
  927. ob_start();
  928. phpinfo();
  929. // We only want it for its body, pigs that we are
  930. $info_lines = preg_replace('~^.*<body>(.*)</body>.*$~', '$1', ob_get_contents());
  931. $info_lines = explode("\n", strip_tags($info_lines, "<tr><td><h2>"));
  932. ob_end_clean();
  933. // remove things that could be considered sensitive
  934. $remove = '_COOKIE|Cookie|_GET|_REQUEST|REQUEST_URI|QUERY_STRING|REQUEST_URL|HTTP_REFERER';
  935. // put all of it into an array
  936. foreach ($info_lines as $line)
  937. {
  938. if (preg_match('~(' . $remove . ')~', $line))
  939. continue;
  940. // new category?
  941. if (strpos($line, '<h2>') !== false)
  942. $category = preg_match('~<h2>(.*)</h2>~', $line, $title) ? $category = $title[1] : $category;
  943. // load it as setting => value or the old setting local master
  944. if (preg_match('~<tr><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td></tr>~', $line, $val))
  945. $pinfo[$category][$val[1]] = $val[2];
  946. elseif (preg_match('~<tr><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td></tr>~', $line, $val))
  947. $pinfo[$category][$val[1]] = array($txt['phpinfo_localsettings'] => $val[2], $txt['phpinfo_defaultsettings'] => $val[3]);
  948. }
  949. // load it in to context and display it
  950. $context['pinfo'] = $pinfo;
  951. $context['page_title'] = $txt['admin_server_settings'];
  952. $context['sub_template'] = 'php_info';
  953. return;
  954. }
  955. ?>