2
0

ManageServer.php 37 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046
  1. <?php
  2. /**
  3. * Contains all the functionality required to be able to edit the core server
  4. * settings. This includes anything from which an error may result in the forum
  5. * destroying itself in a firey fury.
  6. *
  7. * Adding options to one of the setting screens isn't hard. Call prepareDBSettingsContext;
  8. * The basic format for a checkbox is:
  9. * array('check', 'nameInModSettingsAndSQL'),
  10. * And for a text box:
  11. * array('text', 'nameInModSettingsAndSQL')
  12. * (NOTE: You have to add an entry for this at the bottom!)
  13. *
  14. * In these cases, it will look for $txt['nameInModSettingsAndSQL'] as the description,
  15. * and $helptxt['nameInModSettingsAndSQL'] as the help popup description.
  16. *
  17. * Here's a quick explanation of how to add a new item:
  18. *
  19. * - A text input box. For textual values.
  20. * array('text', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  21. * - A text input box. For numerical values.
  22. * array('int', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  23. * - A text input box. For floating point values.
  24. * array('float', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  25. * - A large text input box. Used for textual values spanning multiple lines.
  26. * array('large_text', 'nameInModSettingsAndSQL', 'OptionalNumberOfRows'),
  27. * - A check box. Either one or zero. (boolean)
  28. * array('check', 'nameInModSettingsAndSQL'),
  29. * - A selection box. Used for the selection of something from a list.
  30. * array('select', 'nameInModSettingsAndSQL', array('valueForSQL' => $txt['displayedValue'])),
  31. * Note that just saying array('first', 'second') will put 0 in the SQL for 'first'.
  32. * - A password input box. Used for passwords, no less!
  33. * array('password', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  34. * - A permission - for picking groups who have a permission.
  35. * array('permissions', 'manage_groups'),
  36. * - A BBC selection box.
  37. * array('bbc', 'sig_bbc'),
  38. *
  39. * For each option:
  40. * - type (see above), variable name, size/possible values.
  41. * OR make type '' for an empty string for a horizontal rule.
  42. * - SET preinput - to put some HTML prior to the input box.
  43. * - SET postinput - to put some HTML following the input box.
  44. * - SET invalid - to mark the data as invalid.
  45. * - PLUS you can override label and help parameters by forcing their keys in the array, for example:
  46. * array('text', 'invalidlabel', 3, 'label' => 'Actual Label')
  47. *
  48. * Simple Machines Forum (SMF)
  49. *
  50. * @package SMF
  51. * @author Simple Machines http://www.simplemachines.org
  52. * @copyright 2013 Simple Machines and individual contributors
  53. * @license http://www.simplemachines.org/about/smf/license.php BSD
  54. *
  55. * @version 2.1 Alpha 1
  56. */
  57. if (!defined('SMF'))
  58. die('No direct access...');
  59. /**
  60. * This is the main dispatcher. Sets up all the available sub-actions, all the tabs and selects
  61. * the appropriate one based on the sub-action.
  62. *
  63. * Requires the admin_forum permission.
  64. * Redirects to the appropriate function based on the sub-action.
  65. *
  66. * @uses edit_settings adminIndex.
  67. */
  68. function ModifySettings()
  69. {
  70. global $context, $txt, $scripturl, $boarddir;
  71. // This is just to keep the database password more secure.
  72. isAllowedTo('admin_forum');
  73. // Load up all the tabs...
  74. $context[$context['admin_menu_name']]['tab_data'] = array(
  75. 'title' => $txt['admin_server_settings'],
  76. 'help' => 'serversettings',
  77. 'description' => $txt['admin_basic_settings'],
  78. );
  79. checkSession('request');
  80. // The settings are in here, I swear!
  81. loadLanguage('ManageSettings');
  82. $context['page_title'] = $txt['admin_server_settings'];
  83. $context['sub_template'] = 'show_settings';
  84. $subActions = array(
  85. 'general' => 'ModifyGeneralSettings',
  86. 'database' => 'ModifyDatabaseSettings',
  87. 'cookie' => 'ModifyCookieSettings',
  88. 'security' => 'ModifyGeneralSecuritySettings',
  89. 'cache' => 'ModifyCacheSettings',
  90. 'loads' => 'ModifyLoadBalancingSettings',
  91. 'phpinfo' => 'ShowPHPinfoSettings',
  92. );
  93. call_integration_hook('integrate_server_settings', array(&$subActions));
  94. // By default we're editing the core settings
  95. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'general';
  96. $context['sub_action'] = $_REQUEST['sa'];
  97. // Any messages to speak of?
  98. $context['settings_message'] = (isset($_REQUEST['msg']) && isset($txt[$_REQUEST['msg']])) ? $txt[$_REQUEST['msg']] : '';
  99. // Warn the user if there's any relevant information regarding Settings.php.
  100. if ($_REQUEST['sa'] != 'cache')
  101. {
  102. // Warn the user if the backup of Settings.php failed.
  103. $settings_not_writable = !is_writable($boarddir . '/Settings.php');
  104. $settings_backup_fail = !@is_writable($boarddir . '/Settings_bak.php') || !@copy($boarddir . '/Settings.php', $boarddir . '/Settings_bak.php');
  105. if ($settings_not_writable)
  106. $context['settings_message'] = '<div class="centertext"><strong>' . $txt['settings_not_writable'] . '</strong></div><br />';
  107. elseif ($settings_backup_fail)
  108. $context['settings_message'] = '<div class="centertext"><strong>' . $txt['admin_backup_fail'] . '</strong></div><br />';
  109. $context['settings_not_writable'] = $settings_not_writable;
  110. }
  111. // Call the right function for this sub-action.
  112. $subActions[$_REQUEST['sa']]();
  113. }
  114. /**
  115. * General forum settings - forum name, maintenance mode, etc.
  116. * Practically, this shows an interface for the settings in Settings.php to be changed.
  117. *
  118. * - It uses the rawdata sub template (not theme-able.)
  119. * - Requires the admin_forum permission.
  120. * - Uses the edit_settings administration area.
  121. * - Contains the actual array of settings to show from Settings.php.
  122. * - Accessed from ?action=admin;area=serversettings;sa=general.
  123. *
  124. * @param $return_config
  125. */
  126. function ModifyGeneralSettings($return_config = false)
  127. {
  128. global $scripturl, $context, $txt;
  129. /* If you're writing a mod, it's a bad idea to add things here....
  130. For each option:
  131. variable name, description, type (constant), size/possible values, helptext.
  132. OR an empty string for a horizontal rule.
  133. OR a string for a titled section. */
  134. $config_vars = array(
  135. array('mbname', $txt['admin_title'], 'file', 'text', 30),
  136. '',
  137. array('maintenance', $txt['admin_maintain'], 'file', 'check'),
  138. array('mtitle', $txt['maintenance_subject'], 'file', 'text', 36),
  139. array('mmessage', $txt['maintenance_message'], 'file', 'text', 36),
  140. '',
  141. array('webmaster_email', $txt['admin_webmaster_email'], 'file', 'text', 30),
  142. '',
  143. array('enableCompressedOutput', $txt['enableCompressedOutput'], 'db', 'check', null, 'enableCompressedOutput'),
  144. array('disableTemplateEval', $txt['disableTemplateEval'], 'db', 'check', null, 'disableTemplateEval'),
  145. array('disableHostnameLookup', $txt['disableHostnameLookup'], 'db', 'check', null, 'disableHostnameLookup'),
  146. );
  147. call_integration_hook('integrate_general_settings', array(&$config_vars));
  148. if ($return_config)
  149. return $config_vars;
  150. // Setup the template stuff.
  151. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=general;save';
  152. $context['settings_title'] = $txt['general_settings'];
  153. // Saving settings?
  154. if (isset($_REQUEST['save']))
  155. {
  156. call_integration_hook('integrate_save_general_settings');
  157. saveSettings($config_vars);
  158. redirectexit('action=admin;area=serversettings;sa=general;' . $context['session_var'] . '=' . $context['session_id']. ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  159. }
  160. // Fill the config array.
  161. prepareServerSettingsContext($config_vars);
  162. }
  163. /**
  164. * Basic database and paths settings - database name, host, etc.
  165. *
  166. * - It shows an interface for the settings in Settings.php to be changed.
  167. * - It contains the actual array of settings to show from Settings.php.
  168. * - It uses the rawdata sub template (not theme-able.)
  169. * - Requires the admin_forum permission.
  170. * - Uses the edit_settings administration area.
  171. * - Accessed from ?action=admin;area=serversettings;sa=database.
  172. *
  173. * @param $return_config
  174. */
  175. function ModifyDatabaseSettings($return_config = false)
  176. {
  177. global $scripturl, $context, $settings, $txt, $boarddir;
  178. /* If you're writing a mod, it's a bad idea to add things here....
  179. For each option:
  180. variable name, description, type (constant), size/possible values, helptext.
  181. OR an empty string for a horizontal rule.
  182. OR a string for a titled section. */
  183. $config_vars = array(
  184. array('db_server', $txt['database_server'], 'file', 'text'),
  185. array('db_user', $txt['database_user'], 'file', 'text'),
  186. array('db_passwd', $txt['database_password'], 'file', 'password'),
  187. array('db_name', $txt['database_name'], 'file', 'text'),
  188. array('db_prefix', $txt['database_prefix'], 'file', 'text'),
  189. array('db_persist', $txt['db_persist'], 'file', 'check', null, 'db_persist'),
  190. array('db_error_send', $txt['db_error_send'], 'file', 'check'),
  191. array('ssi_db_user', $txt['ssi_db_user'], 'file', 'text', null, 'ssi_db_user'),
  192. array('ssi_db_passwd', $txt['ssi_db_passwd'], 'file', 'password'),
  193. '',
  194. array('autoFixDatabase', $txt['autoFixDatabase'], 'db', 'check', false, 'autoFixDatabase'),
  195. array('autoOptMaxOnline', $txt['autoOptMaxOnline'], 'subtext' => $txt['zero_for_no_limit'], 'db', 'int'),
  196. '',
  197. array('boardurl', $txt['admin_url'], 'file', 'text', 36),
  198. array('boarddir', $txt['boarddir'], 'file', 'text', 36),
  199. array('sourcedir', $txt['sourcesdir'], 'file', 'text', 36),
  200. array('cachedir', $txt['cachedir'], 'file', 'text', 36),
  201. );
  202. call_integration_hook('integrate_database_settings', array(&$config_vars));
  203. if ($return_config)
  204. return $config_vars;
  205. // Setup the template stuff.
  206. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=database;save';
  207. $context['settings_title'] = $txt['database_paths_settings'];
  208. $context['save_disabled'] = $context['settings_not_writable'];
  209. // Saving settings?
  210. if (isset($_REQUEST['save']))
  211. {
  212. call_integration_hook('integrate_save_database_settings');
  213. saveSettings($config_vars);
  214. redirectexit('action=admin;area=serversettings;sa=database;' . $context['session_var'] . '=' . $context['session_id'] . ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  215. }
  216. // Fill the config array.
  217. prepareServerSettingsContext($config_vars);
  218. }
  219. /**
  220. * This function handles cookies settings modifications.
  221. *
  222. * @param bool $return_config = false
  223. */
  224. function ModifyCookieSettings($return_config = false)
  225. {
  226. global $context, $scripturl, $txt, $sourcedir, $modSettings, $cookiename, $user_settings, $boardurl;
  227. // Define the variables we want to edit.
  228. $config_vars = array(
  229. // Cookies...
  230. array('cookiename', $txt['cookie_name'], 'file', 'text', 20),
  231. array('cookieTime', $txt['cookieTime'], 'db', 'int', 'postinput' => $txt['minutes']),
  232. array('localCookies', $txt['localCookies'], 'db', 'check', false, 'localCookies'),
  233. array('globalCookies', $txt['globalCookies'], 'db', 'check', false, 'globalCookies'),
  234. array('globalCookiesDomain', $txt['globalCookiesDomain'], 'db', 'text', false, 'globalCookiesDomain'),
  235. array('secureCookies', $txt['secureCookies'], 'db', 'check', false, 'secureCookies', 'disabled' => !isset($_SERVER['HTTPS']) || !(strtolower($_SERVER['HTTPS']) == 'on' || strtolower($_SERVER['HTTPS']) == '1')),
  236. array('httponlyCookies', $txt['httponlyCookies'], 'db', 'check', false, 'httponlyCookies'),
  237. '',
  238. // Sessions
  239. array('databaseSession_enable', $txt['databaseSession_enable'], 'db', 'check', false, 'databaseSession_enable'),
  240. array('databaseSession_loose', $txt['databaseSession_loose'], 'db', 'check', false, 'databaseSession_loose'),
  241. array('databaseSession_lifetime', $txt['databaseSession_lifetime'], 'db', 'int', false, 'databaseSession_lifetime', 'postinput' => $txt['seconds']),
  242. );
  243. addInlineJavascript('
  244. function hideGlobalCookies()
  245. {
  246. var usingLocal = $("#localCookies").prop("checked");
  247. $("#setting_globalCookies").closest("dt").toggle(!usingLocal);
  248. $("#globalCookies").closest("dd").toggle(!usingLocal);
  249. var usingGlobal = !usingLocal && $("#globalCookies").prop("checked");
  250. $("#setting_globalCookiesDomain").closest("dt").toggle(usingGlobal);
  251. $("#globalCookiesDomain").closest("dd").toggle(usingGlobal);
  252. };
  253. hideGlobalCookies();
  254. $("#localCookies, #globalCookies").click(function() {
  255. hideGlobalCookies();
  256. });', true);
  257. call_integration_hook('integrate_cookie_settings', array(&$config_vars));
  258. if ($return_config)
  259. return $config_vars;
  260. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=cookie;save';
  261. $context['settings_title'] = $txt['cookies_sessions_settings'];
  262. // Saving settings?
  263. if (isset($_REQUEST['save']))
  264. {
  265. call_integration_hook('integrate_save_cookie_settings');
  266. // Local and global do not play nicely together.
  267. if (!empty($_POST['localCookies']) && empty($_POST['globalCookies']))
  268. unset ($_POST['globalCookies']);
  269. if (!empty($_POST['globalCookiesDomain']) && strpos($boardurl, $_POST['globalCookiesDomain']) === false)
  270. fatal_lang_error('invalid_cookie_domain', false);
  271. saveSettings($config_vars);
  272. // If the cookie name was changed, reset the cookie.
  273. if ($cookiename != $_POST['cookiename'])
  274. {
  275. $original_session_id = $context['session_id'];
  276. include_once($sourcedir . '/Subs-Auth.php');
  277. // Remove the old cookie.
  278. setLoginCookie(-3600, 0);
  279. // Set the new one.
  280. $cookiename = $_POST['cookiename'];
  281. setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], sha1($user_settings['passwd'] . $user_settings['password_salt']));
  282. redirectexit('action=admin;area=serversettings;sa=cookie;' . $context['session_var'] . '=' . $original_session_id, $context['server']['needs_login_fix']);
  283. }
  284. redirectexit('action=admin;area=serversettings;sa=cookie;' . $context['session_var'] . '=' . $context['session_id']. ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  285. }
  286. // Fill the config array.
  287. prepareServerSettingsContext($config_vars);
  288. }
  289. /**
  290. * Settings really associated with general security aspects.
  291. *
  292. * @param $return_config
  293. */
  294. function ModifyGeneralSecuritySettings($return_config = false)
  295. {
  296. global $txt, $scripturl, $context, $settings, $sc, $modSettings;
  297. $config_vars = array(
  298. array('check', 'guest_hideContacts'),
  299. array('check', 'make_email_viewable'),
  300. '',
  301. array('int', 'failed_login_threshold'),
  302. array('int', 'loginHistoryDays'),
  303. '',
  304. array('check', 'securityDisable'),
  305. array('check', 'securityDisable_moderate'),
  306. '',
  307. // Reactive on email, and approve on delete
  308. array('check', 'send_validation_onChange'),
  309. array('check', 'approveAccountDeletion'),
  310. '',
  311. // Password strength.
  312. array('select', 'password_strength', array($txt['setting_password_strength_low'], $txt['setting_password_strength_medium'], $txt['setting_password_strength_high'])),
  313. array('check', 'enable_password_conversion'),
  314. '',
  315. // Reporting of personal messages?
  316. array('check', 'enableReportPM'),
  317. '',
  318. array('select', 'frame_security', array('SAMEORIGIN' => $txt['setting_frame_security_SAMEORIGIN'], 'DENY' => $txt['setting_frame_security_DENY'], 'DISABLE' => $txt['setting_frame_security_DISABLE'])),
  319. );
  320. call_integration_hook('integrate_general_security_settings', array(&$config_vars));
  321. if ($return_config)
  322. return $config_vars;
  323. // Saving?
  324. if (isset($_GET['save']))
  325. {
  326. saveDBSettings($config_vars);
  327. call_integration_hook('integrate_save_general_security_settings');
  328. writeLog();
  329. redirectexit('action=admin;area=serversettings;sa=security;' . $context['session_var'] . '=' . $context['session_id']);
  330. }
  331. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;save;sa=security';
  332. $context['settings_title'] = $txt['security_settings'];
  333. prepareDBSettingContext($config_vars);
  334. }
  335. /**
  336. * Simply modifying cache functions
  337. *
  338. * @param bool $return_config = false
  339. */
  340. function ModifyCacheSettings($return_config = false)
  341. {
  342. global $context, $scripturl, $txt, $helptxt, $cache_enable;
  343. // Detect all available optimizers
  344. $detected = array();
  345. if (function_exists('eaccelerator_put'))
  346. $detected['eaccelerator'] = $txt['eAccelerator_cache'];
  347. if (function_exists('mmcache_put'))
  348. $detected['mmcache'] = $txt['mmcache_cache'];
  349. if (function_exists('apc_store'))
  350. $detected['apc'] = $txt['apc_cache'];
  351. if (function_exists('output_cache_put') || function_exists('zend_shm_cache_store'))
  352. $detected['zend'] = $txt['zend_cache'];
  353. if (function_exists('memcache_set') || function_exists('memcached_set'))
  354. $detected['memcached'] = $txt['memcached_cache'];
  355. if (function_exists('xcache_set'))
  356. $detected['xcache'] = $txt['xcache_cache'];
  357. if (function_exists('file_put_contents'))
  358. $detected['smf'] = $txt['default_cache'];
  359. // set our values to show what, if anything, we found
  360. if (empty($detected))
  361. {
  362. $txt['cache_settings_message'] = $txt['detected_no_caching'];
  363. $cache_level = array($txt['cache_off']);
  364. $detected['none'] = $txt['cache_off'];
  365. }
  366. else
  367. {
  368. $txt['cache_settings_message'] = sprintf($txt['detected_accelerators'], implode(', ', $detected));
  369. $cache_level = array($txt['cache_off'], $txt['cache_level1'], $txt['cache_level2'], $txt['cache_level3']);
  370. }
  371. // Define the variables we want to edit.
  372. $config_vars = array(
  373. // Only a few settings, but they are important
  374. array('', $txt['cache_settings_message'], '', 'desc'),
  375. array('cache_enable', $txt['cache_enable'], 'file', 'select', $cache_level, 'cache_enable'),
  376. array('cache_accelerator', $txt['cache_accelerator'], 'file', 'select', $detected),
  377. array('cache_memcached', $txt['cache_memcached'], 'file', 'text', $txt['cache_memcached'], 'cache_memcached'),
  378. array('cachedir', $txt['cachedir'], 'file', 'text', 36, 'cache_cachedir'),
  379. );
  380. // some javascript to enable / disable certain settings if the option is not selected
  381. $context['settings_post_javascript'] = '
  382. var cache_type = document.getElementById(\'cache_accelerator\');
  383. createEventListener(cache_type);
  384. cache_type.addEventListener("change", toggleCache);
  385. toggleCache();';
  386. call_integration_hook('integrate_modify_cache_settings', array(&$config_vars));
  387. if ($return_config)
  388. return $config_vars;
  389. // Saving again?
  390. if (isset($_GET['save']))
  391. {
  392. call_integration_hook('integrate_save_cache_settings');
  393. saveSettings($config_vars);
  394. // we need to save the $cache_enable to $modSettings as well
  395. updatesettings(array('cache_enable' => (int) $_POST['cache_enable']));
  396. // exit so we reload our new settings on the page
  397. redirectexit('action=admin;area=serversettings;sa=cache;' . $context['session_var'] . '=' . $context['session_id']);
  398. }
  399. loadLanguage('ManageMaintenance');
  400. createToken('admin-maint');
  401. $context['template_layers'][] = 'clean_cache_button';
  402. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=cache;save';
  403. $context['settings_title'] = $txt['caching_settings'];
  404. $context['settings_message'] = $txt['caching_information'];
  405. // Prepare the template.
  406. createToken('admin-ssc');
  407. prepareServerSettingsContext($config_vars);
  408. }
  409. /**
  410. * Allows to edit load balancing settings.
  411. *
  412. * @param bool $return_config = false
  413. */
  414. function ModifyLoadBalancingSettings($return_config = false)
  415. {
  416. global $txt, $scripturl, $context, $settings, $modSettings;
  417. // Setup a warning message, but disabled by default.
  418. $disabled = true;
  419. $context['settings_message'] = $txt['loadavg_disabled_conf'];
  420. if (stripos(PHP_OS, 'win') === 0)
  421. $context['settings_message'] = $txt['loadavg_disabled_windows'];
  422. else
  423. {
  424. $modSettings['load_average'] = @file_get_contents('/proc/loadavg');
  425. if (!empty($modSettings['load_average']) && preg_match('~^([^ ]+?) ([^ ]+?) ([^ ]+)~', $modSettings['load_average'], $matches) !== 0)
  426. $modSettings['load_average'] = (float) $matches[1];
  427. elseif (($modSettings['load_average'] = @`uptime`) !== null && preg_match('~load averages?: (\d+\.\d+), (\d+\.\d+), (\d+\.\d+)~i', $modSettings['load_average'], $matches) !== 0)
  428. $modSettings['load_average'] = (float) $matches[1];
  429. else
  430. unset($modSettings['load_average']);
  431. if (!empty($modSettings['load_average']))
  432. {
  433. $context['settings_message'] = sprintf($txt['loadavg_warning'], $modSettings['load_average']);
  434. $disabled = false;
  435. }
  436. }
  437. // Start with a simple checkbox.
  438. $config_vars = array(
  439. array('check', 'loadavg_enable', 'disabled' => $disabled),
  440. );
  441. // Set the default values for each option.
  442. $default_values = array(
  443. 'loadavg_auto_opt' => '1.0',
  444. 'loadavg_search' => '2.5',
  445. 'loadavg_allunread' => '2.0',
  446. 'loadavg_unreadreplies' => '3.5',
  447. 'loadavg_show_posts' => '2.0',
  448. 'loadavg_userstats' => '10.0',
  449. 'loadavg_bbc' => '30.0',
  450. 'loadavg_forum' => '40.0',
  451. );
  452. // Loop through the settings.
  453. foreach ($default_values as $name => $value)
  454. {
  455. // Use the default value if the setting isn't set yet.
  456. $value = !isset($modSettings[$name]) ? $value : $modSettings[$name];
  457. $config_vars[] = array('text', $name, 'value' => $value, 'disabled' => $disabled);
  458. }
  459. call_integration_hook('integrate_loadavg_settings', array(&$config_vars));
  460. if ($return_config)
  461. return $config_vars;
  462. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=loads;save';
  463. $context['settings_title'] = $txt['load_balancing_settings'];
  464. // Saving?
  465. if (isset($_GET['save']))
  466. {
  467. // Stupidity is not allowed.
  468. foreach ($_POST as $key => $value)
  469. {
  470. if (strpos($key, 'loadavg') === 0 || $key === 'loadavg_enable')
  471. continue;
  472. elseif ($key == 'loadavg_auto_opt' && $value <= 1)
  473. $_POST['loadavg_auto_opt'] = '1.0';
  474. elseif ($key == 'loadavg_forum' && $value < 10)
  475. $_POST['loadavg_forum'] = '10.0';
  476. elseif ($value < 2)
  477. $_POST[$key] = '2.0';
  478. }
  479. call_integration_hook('integrate_save_loadavg_settings');
  480. saveDBSettings($config_vars);
  481. redirectexit('action=admin;area=serversettings;sa=loads;' . $context['session_var'] . '=' . $context['session_id']);
  482. }
  483. createToken('admin-ssc');
  484. createToken('admin-dbsc');
  485. prepareDBSettingContext($config_vars);
  486. }
  487. /**
  488. * Helper function, it sets up the context for the manage server settings.
  489. * - The basic usage of the six numbered key fields are
  490. * - array (0 ,1, 2, 3, 4, 5
  491. * 0 variable name - the name of the saved variable
  492. * 1 label - the text to show on the settings page
  493. * 2 saveto - file or db, where to save the variable name - value pair
  494. * 3 type - type of data to save, int, float, text, check
  495. * 4 size - false or field size
  496. * 5 help - '' or helptxt variable name
  497. * )
  498. *
  499. * the following named keys are also permitted
  500. * 'disabled' => 'postinput' => 'preinput' =>
  501. *
  502. * @param array $config_vars
  503. */
  504. function prepareServerSettingsContext(&$config_vars)
  505. {
  506. global $context, $modSettings;
  507. $context['config_vars'] = array();
  508. foreach ($config_vars as $identifier => $config_var)
  509. {
  510. if (!is_array($config_var) || !isset($config_var[1]))
  511. $context['config_vars'][] = $config_var;
  512. else
  513. {
  514. $varname = $config_var[0];
  515. global $$varname;
  516. // Set the subtext in case it's part of the label.
  517. // @todo Temporary. Preventing divs inside label tags.
  518. $divPos = strpos($config_var[1], '<div');
  519. $subtext = '';
  520. if ($divPos !== false)
  521. {
  522. $subtext = preg_replace('~</?div[^>]*>~', '', substr($config_var[1], $divPos));
  523. $config_var[1] = substr($config_var[1], 0, $divPos);
  524. }
  525. $context['config_vars'][$config_var[0]] = array(
  526. 'label' => $config_var[1],
  527. 'help' => isset($config_var[5]) ? $config_var[5] : '',
  528. 'type' => $config_var[3],
  529. 'size' => empty($config_var[4]) ? 0 : $config_var[4],
  530. 'data' => isset($config_var[4]) && is_array($config_var[4]) && $config_var[3] != 'select' ? $config_var[4] : array(),
  531. 'name' => $config_var[0],
  532. 'value' => $config_var[2] == 'file' ? htmlspecialchars($$varname) : (isset($modSettings[$config_var[0]]) ? htmlspecialchars($modSettings[$config_var[0]]) : (in_array($config_var[3], array('int', 'float')) ? 0 : '')),
  533. 'disabled' => !empty($context['settings_not_writable']) || !empty($config_var['disabled']),
  534. 'invalid' => false,
  535. 'subtext' => !empty($config_var['subtext']) ? $config_var['subtext'] : $subtext,
  536. 'javascript' => '',
  537. 'preinput' => !empty($config_var['preinput']) ? $config_var['preinput'] : '',
  538. 'postinput' => !empty($config_var['postinput']) ? $config_var['postinput'] : '',
  539. );
  540. // If this is a select box handle any data.
  541. if (!empty($config_var[4]) && is_array($config_var[4]))
  542. {
  543. // If it's associative
  544. $config_values = array_values($config_var[4]);
  545. if (isset($config_values[0]) && is_array($config_values[0]))
  546. $context['config_vars'][$config_var[0]]['data'] = $config_var[4];
  547. else
  548. {
  549. foreach ($config_var[4] as $key => $item)
  550. $context['config_vars'][$config_var[0]]['data'][] = array($key, $item);
  551. }
  552. }
  553. }
  554. }
  555. // Two tokens because saving these settings requires both saveSettings and saveDBSettings
  556. createToken('admin-ssc');
  557. createToken('admin-dbsc');
  558. }
  559. /**
  560. * Helper function, it sets up the context for database settings.
  561. * @todo see rev. 10406 from 2.1-requests
  562. *
  563. * @param array $config_vars
  564. */
  565. function prepareDBSettingContext(&$config_vars)
  566. {
  567. global $txt, $helptxt, $context, $modSettings, $sourcedir;
  568. loadLanguage('Help');
  569. $context['config_vars'] = array();
  570. $inlinePermissions = array();
  571. $bbcChoice = array();
  572. foreach ($config_vars as $config_var)
  573. {
  574. // HR?
  575. if (!is_array($config_var))
  576. $context['config_vars'][] = $config_var;
  577. else
  578. {
  579. // If it has no name it doesn't have any purpose!
  580. if (empty($config_var[1]))
  581. continue;
  582. // Special case for inline permissions
  583. if ($config_var[0] == 'permissions' && allowedTo('manage_permissions'))
  584. $inlinePermissions[] = $config_var[1];
  585. elseif ($config_var[0] == 'permissions')
  586. continue;
  587. // Are we showing the BBC selection box?
  588. if ($config_var[0] == 'bbc')
  589. $bbcChoice[] = $config_var[1];
  590. $context['config_vars'][$config_var[1]] = array(
  591. 'label' => isset($config_var['text_label']) ? $config_var['text_label'] : (isset($txt[$config_var[1]]) ? $txt[$config_var[1]] : (isset($config_var[3]) && !is_array($config_var[3]) ? $config_var[3] : '')),
  592. 'help' => isset($helptxt[$config_var[1]]) ? $config_var[1] : '',
  593. 'type' => $config_var[0],
  594. 'size' => !empty($config_var[2]) && !is_array($config_var[2]) ? $config_var[2] : (in_array($config_var[0], array('int', 'float')) ? 6 : 0),
  595. 'data' => array(),
  596. 'name' => $config_var[1],
  597. 'value' => isset($modSettings[$config_var[1]]) ? ($config_var[0] == 'select' ? $modSettings[$config_var[1]] : htmlspecialchars($modSettings[$config_var[1]])) : (in_array($config_var[0], array('int', 'float')) ? 0 : (!empty($config_var['multiple']) ? serialize(array()) : '')),
  598. 'disabled' => false,
  599. 'invalid' => !empty($config_var['invalid']),
  600. 'javascript' => '',
  601. 'var_message' => !empty($config_var['message']) && isset($txt[$config_var['message']]) ? $txt[$config_var['message']] : '',
  602. 'preinput' => isset($config_var['preinput']) ? $config_var['preinput'] : '',
  603. 'postinput' => isset($config_var['postinput']) ? $config_var['postinput'] : '',
  604. );
  605. // If this is a select box handle any data.
  606. if (!empty($config_var[2]) && is_array($config_var[2]))
  607. {
  608. // If we allow multiple selections, we need to adjust a few things.
  609. if ($config_var[0] == 'select' && !empty($config_var['multiple']))
  610. {
  611. $context['config_vars'][$config_var[1]]['name'] .= '[]';
  612. $context['config_vars'][$config_var[1]]['value'] = unserialize($context['config_vars'][$config_var[1]]['value']);
  613. }
  614. // If it's associative
  615. if (isset($config_var[2][0]) && is_array($config_var[2][0]))
  616. $context['config_vars'][$config_var[1]]['data'] = $config_var[2];
  617. else
  618. {
  619. foreach ($config_var[2] as $key => $item)
  620. $context['config_vars'][$config_var[1]]['data'][] = array($key, $item);
  621. }
  622. }
  623. // Finally allow overrides - and some final cleanups.
  624. foreach ($config_var as $k => $v)
  625. {
  626. if (!is_numeric($k))
  627. {
  628. if (substr($k, 0, 2) == 'on')
  629. $context['config_vars'][$config_var[1]]['javascript'] .= ' ' . $k . '="' . $v . '"';
  630. else
  631. $context['config_vars'][$config_var[1]][$k] = $v;
  632. }
  633. // See if there are any other labels that might fit?
  634. if (isset($txt['setting_' . $config_var[1]]))
  635. $context['config_vars'][$config_var[1]]['label'] = $txt['setting_' . $config_var[1]];
  636. elseif (isset($txt['groups_' . $config_var[1]]))
  637. $context['config_vars'][$config_var[1]]['label'] = $txt['groups_' . $config_var[1]];
  638. }
  639. // Set the subtext in case it's part of the label.
  640. // @todo Temporary. Preventing divs inside label tags.
  641. $divPos = strpos($context['config_vars'][$config_var[1]]['label'], '<div');
  642. if ($divPos !== false)
  643. {
  644. $context['config_vars'][$config_var[1]]['subtext'] = preg_replace('~</?div[^>]*>~', '', substr($context['config_vars'][$config_var[1]]['label'], $divPos));
  645. $context['config_vars'][$config_var[1]]['label'] = substr($context['config_vars'][$config_var[1]]['label'], 0, $divPos);
  646. }
  647. }
  648. }
  649. // If we have inline permissions we need to prep them.
  650. if (!empty($inlinePermissions) && allowedTo('manage_permissions'))
  651. {
  652. require_once($sourcedir . '/ManagePermissions.php');
  653. init_inline_permissions($inlinePermissions, isset($context['permissions_excluded']) ? $context['permissions_excluded'] : array());
  654. }
  655. // What about any BBC selection boxes?
  656. if (!empty($bbcChoice))
  657. {
  658. // What are the options, eh?
  659. $temp = parse_bbc(false);
  660. $bbcTags = array();
  661. foreach ($temp as $tag)
  662. $bbcTags[] = $tag['tag'];
  663. $bbcTags = array_unique($bbcTags);
  664. $totalTags = count($bbcTags);
  665. // The number of columns we want to show the BBC tags in.
  666. $numColumns = isset($context['num_bbc_columns']) ? $context['num_bbc_columns'] : 3;
  667. // Start working out the context stuff.
  668. $context['bbc_columns'] = array();
  669. $tagsPerColumn = ceil($totalTags / $numColumns);
  670. $col = 0; $i = 0;
  671. foreach ($bbcTags as $tag)
  672. {
  673. if ($i % $tagsPerColumn == 0 && $i != 0)
  674. $col++;
  675. $context['bbc_columns'][$col][] = array(
  676. 'tag' => $tag,
  677. // @todo 'tag_' . ?
  678. 'show_help' => isset($helptxt[$tag]),
  679. );
  680. $i++;
  681. }
  682. // Now put whatever BBC options we may have into context too!
  683. $context['bbc_sections'] = array();
  684. foreach ($bbcChoice as $bbc)
  685. {
  686. $context['bbc_sections'][$bbc] = array(
  687. 'title' => isset($txt['bbc_title_' . $bbc]) ? $txt['bbc_title_' . $bbc] : $txt['bbcTagsToUse_select'],
  688. 'disabled' => empty($modSettings['bbc_disabled_' . $bbc]) ? array() : $modSettings['bbc_disabled_' . $bbc],
  689. 'all_selected' => empty($modSettings['bbc_disabled_' . $bbc]),
  690. );
  691. }
  692. }
  693. call_integration_hook('integrate_prepare_db_settings', array(&$config_vars));
  694. createToken('admin-dbsc');
  695. }
  696. /**
  697. * Helper function. Saves settings by putting them in Settings.php or saving them in the settings table.
  698. *
  699. * - Saves those settings set from ?action=admin;area=serversettings.
  700. * - Requires the admin_forum permission.
  701. * - Contains arrays of the types of data to save into Settings.php.
  702. *
  703. * @param $config_vars
  704. */
  705. function saveSettings(&$config_vars)
  706. {
  707. global $boarddir, $sc, $cookiename, $modSettings, $user_settings;
  708. global $sourcedir, $context, $cachedir;
  709. validateToken('admin-ssc');
  710. // Fix the darn stupid cookiename! (more may not be allowed, but these for sure!)
  711. if (isset($_POST['cookiename']))
  712. $_POST['cookiename'] = preg_replace('~[,;\s\.$]+~' . ($context['utf8'] ? 'u' : ''), '', $_POST['cookiename']);
  713. // Fix the forum's URL if necessary.
  714. if (isset($_POST['boardurl']))
  715. {
  716. if (substr($_POST['boardurl'], -10) == '/index.php')
  717. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  718. elseif (substr($_POST['boardurl'], -1) == '/')
  719. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  720. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  721. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  722. }
  723. // Any passwords?
  724. $config_passwords = array(
  725. 'db_passwd',
  726. 'ssi_db_passwd',
  727. );
  728. // All the strings to write.
  729. $config_strs = array(
  730. 'mtitle', 'mmessage',
  731. 'language', 'mbname', 'boardurl',
  732. 'cookiename',
  733. 'webmaster_email',
  734. 'db_name', 'db_user', 'db_server', 'db_prefix', 'ssi_db_user',
  735. 'boarddir', 'sourcedir',
  736. 'cachedir', 'cache_accelerator', 'cache_memcached',
  737. );
  738. // All the numeric variables.
  739. $config_ints = array(
  740. 'cache_enable',
  741. );
  742. // All the checkboxes.
  743. $config_bools = array(
  744. 'db_persist', 'db_error_send',
  745. 'maintenance',
  746. );
  747. // Now sort everything into a big array, and figure out arrays and etc.
  748. $new_settings = array();
  749. foreach ($config_passwords as $config_var)
  750. {
  751. if (isset($_POST[$config_var][1]) && $_POST[$config_var][0] == $_POST[$config_var][1])
  752. $new_settings[$config_var] = '\'' . addcslashes($_POST[$config_var][0], '\'\\') . '\'';
  753. }
  754. foreach ($config_strs as $config_var)
  755. {
  756. if (isset($_POST[$config_var]))
  757. $new_settings[$config_var] = '\'' . addcslashes($_POST[$config_var], '\'\\') . '\'';
  758. }
  759. foreach ($config_ints as $config_var)
  760. {
  761. if (isset($_POST[$config_var]))
  762. $new_settings[$config_var] = (int) $_POST[$config_var];
  763. }
  764. foreach ($config_bools as $key)
  765. {
  766. if (!empty($_POST[$key]))
  767. $new_settings[$key] = '1';
  768. else
  769. $new_settings[$key] = '0';
  770. }
  771. // Save the relevant settings in the Settings.php file.
  772. require_once($sourcedir . '/Subs-Admin.php');
  773. updateSettingsFile($new_settings);
  774. // Now loop through the remaining (database-based) settings.
  775. $new_settings = array();
  776. foreach ($config_vars as $config_var)
  777. {
  778. // We just saved the file-based settings, so skip their definitions.
  779. if (!is_array($config_var) || $config_var[2] == 'file')
  780. continue;
  781. // Rewrite the definition a bit.
  782. $new_settings[] = array($config_var[3], $config_var[0]);
  783. }
  784. // Save the new database-based settings, if any.
  785. if (!empty($new_settings))
  786. saveDBSettings($new_settings);
  787. }
  788. /**
  789. * Helper function for saving database settings.
  790. * @todo see rev. 10406 from 2.1-requests
  791. *
  792. * @param array $config_vars
  793. */
  794. function saveDBSettings(&$config_vars)
  795. {
  796. global $sourcedir, $context;
  797. validateToken('admin-dbsc');
  798. $inlinePermissions = array();
  799. foreach ($config_vars as $var)
  800. {
  801. if (!isset($var[1]) || (!isset($_POST[$var[1]]) && $var[0] != 'check' && $var[0] != 'permissions' && ($var[0] != 'bbc' || !isset($_POST[$var[1] . '_enabledTags']))))
  802. continue;
  803. // Checkboxes!
  804. elseif ($var[0] == 'check')
  805. $setArray[$var[1]] = !empty($_POST[$var[1]]) ? '1' : '0';
  806. // Select boxes!
  807. elseif ($var[0] == 'select' && in_array($_POST[$var[1]], array_keys($var[2])))
  808. $setArray[$var[1]] = $_POST[$var[1]];
  809. elseif ($var[0] == 'select' && !empty($var['multiple']) && array_intersect($_POST[$var[1]], array_keys($var[2])) != array())
  810. {
  811. // For security purposes we validate this line by line.
  812. $options = array();
  813. foreach ($_POST[$var[1]] as $invar)
  814. if (in_array($invar, array_keys($var[2])))
  815. $options[] = $invar;
  816. $setArray[$var[1]] = serialize($options);
  817. }
  818. // Integers!
  819. elseif ($var[0] == 'int')
  820. $setArray[$var[1]] = (int) $_POST[$var[1]];
  821. // Floating point!
  822. elseif ($var[0] == 'float')
  823. $setArray[$var[1]] = (float) $_POST[$var[1]];
  824. // Text!
  825. elseif ($var[0] == 'text' || $var[0] == 'large_text')
  826. $setArray[$var[1]] = $_POST[$var[1]];
  827. // Passwords!
  828. elseif ($var[0] == 'password')
  829. {
  830. if (isset($_POST[$var[1]][1]) && $_POST[$var[1]][0] == $_POST[$var[1]][1])
  831. $setArray[$var[1]] = $_POST[$var[1]][0];
  832. }
  833. // BBC.
  834. elseif ($var[0] == 'bbc')
  835. {
  836. $bbcTags = array();
  837. foreach (parse_bbc(false) as $tag)
  838. $bbcTags[] = $tag['tag'];
  839. if (!isset($_POST[$var[1] . '_enabledTags']))
  840. $_POST[$var[1] . '_enabledTags'] = array();
  841. elseif (!is_array($_POST[$var[1] . '_enabledTags']))
  842. $_POST[$var[1] . '_enabledTags'] = array($_POST[$var[1] . '_enabledTags']);
  843. $setArray[$var[1]] = implode(',', array_diff($bbcTags, $_POST[$var[1] . '_enabledTags']));
  844. }
  845. // Permissions?
  846. elseif ($var[0] == 'permissions')
  847. $inlinePermissions[] = $var[1];
  848. }
  849. if (!empty($setArray))
  850. updateSettings($setArray);
  851. // If we have inline permissions we need to save them.
  852. if (!empty($inlinePermissions) && allowedTo('manage_permissions'))
  853. {
  854. require_once($sourcedir . '/ManagePermissions.php');
  855. save_inline_permissions($inlinePermissions);
  856. }
  857. }
  858. /**
  859. * Allows us to see the servers php settings
  860. *
  861. * - loads the settings into an array for display in a template
  862. * - drops cookie values just in case
  863. */
  864. function ShowPHPinfoSettings()
  865. {
  866. global $context, $txt;
  867. $info_lines = array();
  868. $category = $txt['phpinfo_settings'];
  869. // get the data
  870. ob_start();
  871. phpinfo();
  872. // We only want it for its body, pigs that we are
  873. $info_lines = preg_replace('~^.*<body>(.*)</body>.*$~', '$1', ob_get_contents());
  874. $info_lines = explode("\n", strip_tags($info_lines, "<tr><td><h2>"));
  875. ob_end_clean();
  876. // remove things that could be considered sensitive
  877. $remove = '_COOKIE|Cookie|_GET|_REQUEST|REQUEST_URI|QUERY_STRING|REQUEST_URL|HTTP_REFERER';
  878. // put all of it into an array
  879. foreach ($info_lines as $line)
  880. {
  881. if (preg_match('~(' . $remove . ')~', $line))
  882. continue;
  883. // new category?
  884. if (strpos($line, '<h2>') !== false)
  885. $category = preg_match('~<h2>(.*)</h2>~', $line, $title) ? $category = $title[1] : $category;
  886. // load it as setting => value or the old setting local master
  887. if (preg_match('~<tr><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td></tr>~', $line, $val))
  888. $pinfo[$category][$val[1]] = $val[2];
  889. elseif (preg_match('~<tr><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td></tr>~', $line, $val))
  890. $pinfo[$category][$val[1]] = array($txt['phpinfo_localsettings'] => $val[2], $txt['phpinfo_defaultsettings'] => $val[3]);
  891. }
  892. // load it in to context and display it
  893. $context['pinfo'] = $pinfo;
  894. $context['page_title'] = $txt['admin_server_settings'];
  895. $context['sub_template'] = 'php_info';
  896. return;
  897. }
  898. ?>