ManageServer.php 35 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987
  1. <?php
  2. /**
  3. * Contains all the functionality required to be able to edit the core server
  4. * settings. This includes anything from which an error may result in the forum
  5. * destroying itself in a firey fury.
  6. *
  7. * Adding options to one of the setting screens isn't hard. Call prepareDBSettingsContext;
  8. * The basic format for a checkbox is:
  9. * array('check', 'nameInModSettingsAndSQL'),
  10. * And for a text box:
  11. * array('text', 'nameInModSettingsAndSQL')
  12. * (NOTE: You have to add an entry for this at the bottom!)
  13. *
  14. * In these cases, it will look for $txt['nameInModSettingsAndSQL'] as the description,
  15. * and $helptxt['nameInModSettingsAndSQL'] as the help popup description.
  16. *
  17. * Here's a quick explanation of how to add a new item:
  18. *
  19. * - A text input box. For textual values.
  20. * array('text', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  21. * - A text input box. For numerical values.
  22. * array('int', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  23. * - A text input box. For floating point values.
  24. * array('float', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  25. * - A large text input box. Used for textual values spanning multiple lines.
  26. * array('large_text', 'nameInModSettingsAndSQL', 'OptionalNumberOfRows'),
  27. * - A check box. Either one or zero. (boolean)
  28. * array('check', 'nameInModSettingsAndSQL'),
  29. * - A selection box. Used for the selection of something from a list.
  30. * array('select', 'nameInModSettingsAndSQL', array('valueForSQL' => $txt['displayedValue'])),
  31. * Note that just saying array('first', 'second') will put 0 in the SQL for 'first'.
  32. * - A password input box. Used for passwords, no less!
  33. * array('password', 'nameInModSettingsAndSQL', 'OptionalInputBoxWidth'),
  34. * - A permission - for picking groups who have a permission.
  35. * array('permissions', 'manage_groups'),
  36. * - A BBC selection box.
  37. * array('bbc', 'sig_bbc'),
  38. *
  39. * For each option:
  40. * - type (see above), variable name, size/possible values.
  41. * OR make type '' for an empty string for a horizontal rule.
  42. * - SET preinput - to put some HTML prior to the input box.
  43. * - SET postinput - to put some HTML following the input box.
  44. * - SET invalid - to mark the data as invalid.
  45. * - PLUS you can override label and help parameters by forcing their keys in the array, for example:
  46. * array('text', 'invalidlabel', 3, 'label' => 'Actual Label')
  47. *
  48. * Simple Machines Forum (SMF)
  49. *
  50. * @package SMF
  51. * @author Simple Machines http://www.simplemachines.org
  52. * @copyright 2011 Simple Machines
  53. * @license http://www.simplemachines.org/about/smf/license.php BSD
  54. *
  55. * @version 2.1 Alpha 1
  56. */
  57. if (!defined('SMF'))
  58. die('Hacking attempt...');
  59. /**
  60. * This is the main dispatcher. Sets up all the available sub-actions, all the tabs and selects
  61. * the appropriate one based on the sub-action.
  62. *
  63. * Requires the admin_forum permission.
  64. * Redirects to the appropriate function based on the sub-action.
  65. *
  66. * @uses edit_settings adminIndex.
  67. */
  68. function ModifySettings()
  69. {
  70. global $context, $txt, $scripturl, $boarddir;
  71. // This is just to keep the database password more secure.
  72. isAllowedTo('admin_forum');
  73. // Load up all the tabs...
  74. $context[$context['admin_menu_name']]['tab_data'] = array(
  75. 'title' => $txt['admin_server_settings'],
  76. 'help' => 'serversettings',
  77. 'description' => $txt['admin_basic_settings'],
  78. );
  79. checkSession('request');
  80. // The settings are in here, I swear!
  81. loadLanguage('ManageSettings');
  82. $context['page_title'] = $txt['admin_server_settings'];
  83. $context['sub_template'] = 'show_settings';
  84. $subActions = array(
  85. 'general' => 'ModifyGeneralSettings',
  86. 'database' => 'ModifyDatabaseSettings',
  87. 'cookie' => 'ModifyCookieSettings',
  88. 'cache' => 'ModifyCacheSettings',
  89. 'loads' => 'ModifyLoadBalancingSettings',
  90. 'phpinfo' => 'ShowPHPinfoSettings',
  91. );
  92. call_integration_hook('integrate_server_settings', array(&$subActions));
  93. // By default we're editing the core settings
  94. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'general';
  95. $context['sub_action'] = $_REQUEST['sa'];
  96. // Any messages to speak of?
  97. $context['settings_message'] = (isset($_REQUEST['msg']) && isset($txt[$_REQUEST['msg']])) ? $txt[$_REQUEST['msg']] : '';
  98. // Warn the user if there's any relevant information regarding Settings.php.
  99. if ($_REQUEST['sa'] != 'cache')
  100. {
  101. // Warn the user if the backup of Settings.php failed.
  102. $settings_not_writable = !is_writable($boarddir . '/Settings.php');
  103. $settings_backup_fail = !@is_writable($boarddir . '/Settings_bak.php') || !@copy($boarddir . '/Settings.php', $boarddir . '/Settings_bak.php');
  104. if ($settings_not_writable)
  105. $context['settings_message'] = '<div class="centertext"><strong>' . $txt['settings_not_writable'] . '</strong></div><br />';
  106. elseif ($settings_backup_fail)
  107. $context['settings_message'] = '<div class="centertext"><strong>' . $txt['admin_backup_fail'] . '</strong></div><br />';
  108. $context['settings_not_writable'] = $settings_not_writable;
  109. }
  110. // Call the right function for this sub-action.
  111. $subActions[$_REQUEST['sa']]();
  112. }
  113. /**
  114. * General forum settings - forum name, maintenance mode, etc.
  115. * Practically, this shows an interface for the settings in Settings.php to be changed.
  116. *
  117. * - It uses the rawdata sub template (not theme-able.)
  118. * - Requires the admin_forum permission.
  119. * - Uses the edit_settings administration area.
  120. * - Contains the actual array of settings to show from Settings.php.
  121. * - Accessed from ?action=admin;area=serversettings;sa=general.
  122. *
  123. * @param $return_config
  124. */
  125. function ModifyGeneralSettings($return_config = false)
  126. {
  127. global $scripturl, $context, $txt;
  128. /* If you're writing a mod, it's a bad idea to add things here....
  129. For each option:
  130. variable name, description, type (constant), size/possible values, helptext.
  131. OR an empty string for a horizontal rule.
  132. OR a string for a titled section. */
  133. $config_vars = array(
  134. array('mbname', $txt['admin_title'], 'file', 'text', 30),
  135. '',
  136. array('maintenance', $txt['admin_maintain'], 'file', 'check'),
  137. array('mtitle', $txt['maintenance_subject'], 'file', 'text', 36),
  138. array('mmessage', $txt['maintenance_message'], 'file', 'text', 36),
  139. '',
  140. array('webmaster_email', $txt['admin_webmaster_email'], 'file', 'text', 30),
  141. '',
  142. array('enableCompressedOutput', $txt['enableCompressedOutput'], 'db', 'check', null, 'enableCompressedOutput'),
  143. array('disableTemplateEval', $txt['disableTemplateEval'], 'db', 'check', null, 'disableTemplateEval'),
  144. array('disableHostnameLookup', $txt['disableHostnameLookup'], 'db', 'check', null, 'disableHostnameLookup'),
  145. );
  146. call_integration_hook('integrate_general_settings', array(&$config_vars));
  147. if ($return_config)
  148. return $config_vars;
  149. // Setup the template stuff.
  150. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=general;save';
  151. $context['settings_title'] = $txt['general_settings'];
  152. // Saving settings?
  153. if (isset($_REQUEST['save']))
  154. {
  155. call_integration_hook('integrate_save_general_settings');
  156. saveSettings($config_vars);
  157. redirectexit('action=admin;area=serversettings;sa=general;' . $context['session_var'] . '=' . $context['session_id']. ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  158. }
  159. // Fill the config array.
  160. prepareServerSettingsContext($config_vars);
  161. }
  162. /**
  163. * Basic database and paths settings - database name, host, etc.
  164. *
  165. * - It shows an interface for the settings in Settings.php to be changed.
  166. * - It contains the actual array of settings to show from Settings.php.
  167. * - It uses the rawdata sub template (not theme-able.)
  168. * - Requires the admin_forum permission.
  169. * - Uses the edit_settings administration area.
  170. * - Accessed from ?action=admin;area=serversettings;sa=database.
  171. *
  172. * @param $return_config
  173. */
  174. function ModifyDatabaseSettings($return_config = false)
  175. {
  176. global $scripturl, $context, $settings, $txt, $boarddir;
  177. /* If you're writing a mod, it's a bad idea to add things here....
  178. For each option:
  179. variable name, description, type (constant), size/possible values, helptext.
  180. OR an empty string for a horizontal rule.
  181. OR a string for a titled section. */
  182. $config_vars = array(
  183. array('db_server', $txt['database_server'], 'file', 'text'),
  184. array('db_user', $txt['database_user'], 'file', 'text'),
  185. array('db_passwd', $txt['database_password'], 'file', 'password'),
  186. array('db_name', $txt['database_name'], 'file', 'text'),
  187. array('db_prefix', $txt['database_prefix'], 'file', 'text'),
  188. array('db_persist', $txt['db_persist'], 'file', 'check', null, 'db_persist'),
  189. array('db_error_send', $txt['db_error_send'], 'file', 'check'),
  190. array('ssi_db_user', $txt['ssi_db_user'], 'file', 'text', null, 'ssi_db_user'),
  191. array('ssi_db_passwd', $txt['ssi_db_passwd'], 'file', 'password'),
  192. '',
  193. array('autoFixDatabase', $txt['autoFixDatabase'], 'db', 'check', false, 'autoFixDatabase'),
  194. array('autoOptMaxOnline', $txt['autoOptMaxOnline'], 'subtext' => $txt['zero_for_no_limit'], 'db', 'int'),
  195. '',
  196. array('boardurl', $txt['admin_url'], 'file', 'text', 36),
  197. array('boarddir', $txt['boarddir'], 'file', 'text', 36),
  198. array('sourcedir', $txt['sourcesdir'], 'file', 'text', 36),
  199. array('cachedir', $txt['cachedir'], 'file', 'text', 36),
  200. );
  201. call_integration_hook('integrate_database_settings', array(&$config_vars));
  202. if ($return_config)
  203. return $config_vars;
  204. // Setup the template stuff.
  205. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=database;save';
  206. $context['settings_title'] = $txt['database_paths_settings'];
  207. $context['save_disabled'] = $context['settings_not_writable'];
  208. // Saving settings?
  209. if (isset($_REQUEST['save']))
  210. {
  211. call_integration_hook('integrate_save_database_settings');
  212. saveSettings($config_vars);
  213. redirectexit('action=admin;area=serversettings;sa=database;' . $context['session_var'] . '=' . $context['session_id'] . ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  214. }
  215. // Fill the config array.
  216. prepareServerSettingsContext($config_vars);
  217. }
  218. /**
  219. * This function handles cookies settings modifications.
  220. *
  221. * @param bool $return_config = false
  222. */
  223. function ModifyCookieSettings($return_config = false)
  224. {
  225. global $context, $scripturl, $txt, $sourcedir, $modSettings, $cookiename, $user_settings, $boardurl;
  226. // Define the variables we want to edit.
  227. $config_vars = array(
  228. // Cookies...
  229. array('cookiename', $txt['cookie_name'], 'file', 'text', 20),
  230. array('cookieTime', $txt['cookieTime'], 'db', 'int', 'postinput' => $txt['minutes']),
  231. array('localCookies', $txt['localCookies'], 'subtext' => $txt['localCookies_note'], 'db', 'check', false, 'localCookies'),
  232. array('globalCookies', $txt['globalCookies'], 'subtext' => $txt['globalCookies_note'], 'db', 'check', false, 'globalCookies'),
  233. array('globalCookiesDomain', $txt['globalCookiesDomain'], 'subtext' => $txt['globalCookiesDomain_note'], 'db', 'text', false, 'globalCookiesDomain'),
  234. array('secureCookies', $txt['secureCookies'], 'subtext' => $txt['secureCookies_note'], 'db', 'check', false, 'secureCookies', 'disabled' => !isset($_SERVER['HTTPS']) || !(strtolower($_SERVER['HTTPS']) == 'on' || strtolower($_SERVER['HTTPS']) == '1')),
  235. array('httponlyCookies', $txt['httponlyCookies'], 'subtext' => $txt['httponlyCookies_note'], 'db', 'check', false, 'httponlyCookies'),
  236. '',
  237. // Sessions
  238. array('databaseSession_enable', $txt['databaseSession_enable'], 'db', 'check', false, 'databaseSession_enable'),
  239. array('databaseSession_loose', $txt['databaseSession_loose'], 'db', 'check', false, 'databaseSession_loose'),
  240. array('databaseSession_lifetime', $txt['databaseSession_lifetime'], 'db', 'int', false, 'databaseSession_lifetime', 'postinput' => $txt['seconds']),
  241. );
  242. call_integration_hook('integrate_cookie_settings', array(&$config_vars));
  243. if ($return_config)
  244. return $config_vars;
  245. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=cookie;save';
  246. $context['settings_title'] = $txt['cookies_sessions_settings'];
  247. // Saving settings?
  248. if (isset($_REQUEST['save']))
  249. {
  250. call_integration_hook('integrate_save_cookie_settings');
  251. if (!empty($_POST['globalCookiesDomain']) && strpos($boardurl, $_POST['globalCookiesDomain']) === false)
  252. fatal_lang_error('invalid_cookie_domain', false);
  253. saveSettings($config_vars);
  254. // If the cookie name was changed, reset the cookie.
  255. if ($cookiename != $_POST['cookiename'])
  256. {
  257. $original_session_id = $context['session_id'];
  258. include_once($sourcedir . '/Subs-Auth.php');
  259. // Remove the old cookie.
  260. setLoginCookie(-3600, 0);
  261. // Set the new one.
  262. $cookiename = $_POST['cookiename'];
  263. setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], sha1($user_settings['passwd'] . $user_settings['password_salt']));
  264. redirectexit('action=admin;area=serversettings;sa=cookie;' . $context['session_var'] . '=' . $original_session_id, $context['server']['needs_login_fix']);
  265. }
  266. redirectexit('action=admin;area=serversettings;sa=cookie;' . $context['session_var'] . '=' . $context['session_id']. ';msg=' . (!empty($context['settings_message']) ? $context['settings_message'] : 'core_settings_saved'));
  267. }
  268. // Fill the config array.
  269. prepareServerSettingsContext($config_vars);
  270. }
  271. /**
  272. * Simply modifying cache functions
  273. *
  274. * @param bool $return_config = false
  275. */
  276. function ModifyCacheSettings($return_config = false)
  277. {
  278. global $context, $scripturl, $txt, $helptxt, $cache_enable;
  279. // Detect all available optimizers
  280. $detected = array();
  281. if (function_exists('eaccelerator_put'))
  282. $detected['eaccelerator'] = $txt['eAccelerator_cache'];
  283. if (function_exists('mmcache_put'))
  284. $detected['mmcache'] = $txt['mmcache_cache'];
  285. if (function_exists('apc_store'))
  286. $detected['apc'] = $txt['apc_cache'];
  287. if (function_exists('output_cache_put') || function_exists('zend_shm_cache_store'))
  288. $detected['zend'] = $txt['zend_cache'];
  289. if (function_exists('memcache_set') || function_exists('memcached_set'))
  290. $detected['memcached'] = $txt['memcached_cache'];
  291. if (function_exists('xcache_set'))
  292. $detected['xcache'] = $txt['xcache_cache'];
  293. // set a message to show what, if anything, we found
  294. if (empty($detected))
  295. $txt['cache_settings_message'] = $txt['detected_no_caching'];
  296. else
  297. $txt['cache_settings_message'] = sprintf($txt['detected_accelerators'], implode(', ', $detected));
  298. // This is always an option
  299. $detected['smf'] = $txt['default_cache'];
  300. // Define the variables we want to edit.
  301. $config_vars = array(
  302. // Only a few settings, but they are important
  303. array('', $txt['cache_settings_message'], '', 'desc'),
  304. array('cache_enable', $txt['cache_enable'], 'file', 'select', array($txt['cache_off'], $txt['cache_level1'], $txt['cache_level2'], $txt['cache_level3']), 'cache_enable'),
  305. array('cache_accelerator', $txt['cache_accelerator'], 'file', 'select', $detected),
  306. array('cache_memcached', $txt['cache_memcached'], 'file', 'text', $txt['cache_memcached'], 'cache_memcached'),
  307. array('cachedir', $txt['cachedir'], 'file', 'text', 36, 'cache_cachedir'),
  308. );
  309. // some javascript to enable / disable certain settings if the option is not selected
  310. $context['settings_post_javascript'] = '
  311. var cache_type = document.getElementById(\'cache_accelerator\');
  312. mod_addEvent(cache_type, \'change\', toggleCache);
  313. toggleCache();
  314. function mod_addEvent(control, ev, fn)
  315. {
  316. if (control.addEventListener)
  317. {
  318. control.addEventListener(ev, fn, false);
  319. }
  320. else if (control.attachEvent)
  321. {
  322. control.attachEvent(\'on\'+ev, fn);
  323. }
  324. }
  325. function toggleCache()
  326. {
  327. var select_elem1 = document.getElementById(\'cache_memcached\');
  328. var select_elem2 = document.getElementById(\'cachedir\');
  329. select_elem1.disabled = cache_type.value != "memcached";
  330. select_elem2.disabled = cache_type.value != "smf";
  331. }
  332. ';
  333. call_integration_hook('integrate_modify_cache_settings', array(&$config_vars));
  334. if ($return_config)
  335. return $config_vars;
  336. // Saving again?
  337. if (isset($_GET['save']))
  338. {
  339. call_integration_hook('integrate_save_cache_settings');
  340. saveSettings($config_vars);
  341. // we need to save the $cache_enable to $modSettings as well
  342. updatesettings(array('cache_enable' => (int) $_POST['cache_enable']));
  343. // exit so we reload our new settings on the page
  344. redirectexit('action=admin;area=serversettings;sa=cache;' . $context['session_var'] . '=' . $context['session_id']);
  345. }
  346. // if its off, allow them to clear it as well
  347. // @todo why only when its off ?
  348. if (empty($cache_enable))
  349. {
  350. loadLanguage('ManageMaintenance');
  351. createToken('admin-maint');
  352. $context['template_layers'][] = 'clean_cache_button';
  353. }
  354. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=cache;save';
  355. $context['settings_title'] = $txt['caching_settings'];
  356. $context['settings_message'] = $txt['caching_information'];
  357. // Prepare the template.
  358. createToken('admin-ssc');
  359. prepareServerSettingsContext($config_vars);
  360. }
  361. /**
  362. * Allows to edit load balancing settings.
  363. *
  364. * @param bool $return_config = false
  365. */
  366. function ModifyLoadBalancingSettings($return_config = false)
  367. {
  368. global $txt, $scripturl, $context, $settings, $modSettings;
  369. // Setup a warning message, but disabled by default.
  370. $disabled = true;
  371. $context['settings_message'] = $txt['loadavg_disabled_conf'];
  372. if (stripos(PHP_OS, 'win') === 0)
  373. $context['settings_message'] = $txt['loadavg_disabled_windows'];
  374. else
  375. {
  376. $modSettings['load_average'] = @file_get_contents('/proc/loadavg');
  377. if (!empty($modSettings['load_average']) && preg_match('~^([^ ]+?) ([^ ]+?) ([^ ]+)~', $modSettings['load_average'], $matches) !== 0)
  378. $modSettings['load_average'] = (float) $matches[1];
  379. elseif (($modSettings['load_average'] = @`uptime`) !== null && preg_match('~load averages?: (\d+\.\d+), (\d+\.\d+), (\d+\.\d+)~i', $modSettings['load_average'], $matches) !== 0)
  380. $modSettings['load_average'] = (float) $matches[1];
  381. else
  382. unset($modSettings['load_average']);
  383. if (!empty($modSettings['load_average']))
  384. {
  385. $context['settings_message'] = sprintf($txt['loadavg_warning'], $modSettings['load_average']);
  386. $disabled = false;
  387. }
  388. }
  389. // Start with a simple checkbox.
  390. $config_vars = array(
  391. array('check', 'loadavg_enable', 'disabled' => $disabled),
  392. );
  393. // Set the default values for each option.
  394. $default_values = array(
  395. 'loadavg_auto_opt' => '1.0',
  396. 'loadavg_search' => '2.5',
  397. 'loadavg_allunread' => '2.0',
  398. 'loadavg_unreadreplies' => '3.5',
  399. 'loadavg_show_posts' => '2.0',
  400. 'loadavg_userstats' => '10.0',
  401. 'loadavg_bbc' => '30.0',
  402. 'loadavg_forum' => '40.0',
  403. );
  404. // Loop through the settings.
  405. foreach ($default_values as $name => $value)
  406. {
  407. // Use the default value if the setting isn't set yet.
  408. $value = !isset($modSettings[$name]) ? $value : $modSettings[$name];
  409. $config_vars[] = array('text', $name, 'value' => $value, 'disabled' => $disabled);
  410. }
  411. call_integration_hook('integrate_loadavg_settings', array(&$config_vars));
  412. if ($return_config)
  413. return $config_vars;
  414. $context['post_url'] = $scripturl . '?action=admin;area=serversettings;sa=loads;save';
  415. $context['settings_title'] = $txt['load_balancing_settings'];
  416. // Saving?
  417. if (isset($_GET['save']))
  418. {
  419. // Stupidity is not allowed.
  420. foreach ($_POST as $key => $value)
  421. {
  422. if (strpos($key, 'loadavg') === 0 || $key === 'loadavg_enable')
  423. continue;
  424. elseif ($key == 'loadavg_auto_opt' && $value <= 1)
  425. $_POST['loadavg_auto_opt'] = '1.0';
  426. elseif ($key == 'loadavg_forum' && $value < 10)
  427. $_POST['loadavg_forum'] = '10.0';
  428. elseif ($value < 2)
  429. $_POST[$key] = '2.0';
  430. }
  431. call_integration_hook('integrate_save_loadavg_settings');
  432. saveDBSettings($config_vars);
  433. redirectexit('action=admin;area=serversettings;sa=loads;' . $context['session_var'] . '=' . $context['session_id']);
  434. }
  435. createToken('admin-ssc');
  436. createToken('admin-dbsc');
  437. prepareDBSettingContext($config_vars);
  438. }
  439. /**
  440. * Helper function, it sets up the context for the manage server settings.
  441. * - The basic usage of the six numbered key fields are
  442. * - array (0 ,1, 2, 3, 4, 5
  443. * 0 variable name - the name of the saved variable
  444. * 1 label - the text to show on the settings page
  445. * 2 saveto - file or db, where to save the variable name - value pair
  446. * 3 type - type of data to save, int, float, text, check
  447. * 4 size - false or field size
  448. * 5 help - '' or helptxt variable name
  449. * )
  450. *
  451. * the following named keys are also permitted
  452. * 'disabled' => 'postinput' => 'preinput' =>
  453. *
  454. * @param array $config_vars
  455. */
  456. function prepareServerSettingsContext(&$config_vars)
  457. {
  458. global $context, $modSettings;
  459. $context['config_vars'] = array();
  460. foreach ($config_vars as $identifier => $config_var)
  461. {
  462. if (!is_array($config_var) || !isset($config_var[1]))
  463. $context['config_vars'][] = $config_var;
  464. else
  465. {
  466. $varname = $config_var[0];
  467. global $$varname;
  468. // Set the subtext in case it's part of the label.
  469. // @todo Temporary. Preventing divs inside label tags.
  470. $divPos = strpos($config_var[1], '<div');
  471. $subtext = '';
  472. if ($divPos !== false)
  473. {
  474. $subtext = preg_replace('~</?div[^>]*>~', '', substr($config_var[1], $divPos));
  475. $config_var[1] = substr($config_var[1], 0, $divPos);
  476. }
  477. $context['config_vars'][$config_var[0]] = array(
  478. 'label' => $config_var[1],
  479. 'help' => isset($config_var[5]) ? $config_var[5] : '',
  480. 'type' => $config_var[3],
  481. 'size' => empty($config_var[4]) ? 0 : $config_var[4],
  482. 'data' => isset($config_var[4]) && is_array($config_var[4]) && $config_var[3] != 'select' ? $config_var[4] : array(),
  483. 'name' => $config_var[0],
  484. 'value' => $config_var[2] == 'file' ? htmlspecialchars($$varname) : (isset($modSettings[$config_var[0]]) ? htmlspecialchars($modSettings[$config_var[0]]) : (in_array($config_var[3], array('int', 'float')) ? 0 : '')),
  485. 'disabled' => !empty($context['settings_not_writable']) || !empty($config_var['disabled']),
  486. 'invalid' => false,
  487. 'subtext' => !empty($config_var['subtext']) ? $config_var['subtext'] : $subtext,
  488. 'javascript' => '',
  489. 'preinput' => !empty($config_var['preinput']) ? $config_var['preinput'] : '',
  490. 'postinput' => !empty($config_var['postinput']) ? $config_var['postinput'] : '',
  491. );
  492. // If this is a select box handle any data.
  493. if (!empty($config_var[4]) && is_array($config_var[4]))
  494. {
  495. // If it's associative
  496. $config_values = array_values($config_var[4]);
  497. if (isset($config_values[0]) && is_array($config_values[0]))
  498. $context['config_vars'][$config_var[0]]['data'] = $config_var[4];
  499. else
  500. {
  501. foreach ($config_var[4] as $key => $item)
  502. $context['config_vars'][$config_var[0]]['data'][] = array($key, $item);
  503. }
  504. }
  505. }
  506. }
  507. // Two tokens because saving these settings requires both saveSettings and saveDBSettings
  508. createToken('admin-ssc');
  509. createToken('admin-dbsc');
  510. }
  511. /**
  512. * Helper function, it sets up the context for database settings.
  513. * @todo see rev. 10406 from 2.1-requests
  514. *
  515. * @param array $config_vars
  516. */
  517. function prepareDBSettingContext(&$config_vars)
  518. {
  519. global $txt, $helptxt, $context, $modSettings, $sourcedir;
  520. loadLanguage('Help');
  521. $context['config_vars'] = array();
  522. $inlinePermissions = array();
  523. $bbcChoice = array();
  524. foreach ($config_vars as $config_var)
  525. {
  526. // HR?
  527. if (!is_array($config_var))
  528. $context['config_vars'][] = $config_var;
  529. else
  530. {
  531. // If it has no name it doesn't have any purpose!
  532. if (empty($config_var[1]))
  533. continue;
  534. // Special case for inline permissions
  535. if ($config_var[0] == 'permissions' && allowedTo('manage_permissions'))
  536. $inlinePermissions[] = $config_var[1];
  537. elseif ($config_var[0] == 'permissions')
  538. continue;
  539. // Are we showing the BBC selection box?
  540. if ($config_var[0] == 'bbc')
  541. $bbcChoice[] = $config_var[1];
  542. $context['config_vars'][$config_var[1]] = array(
  543. 'label' => isset($config_var['text_label']) ? $config_var['text_label'] : (isset($txt[$config_var[1]]) ? $txt[$config_var[1]] : (isset($config_var[3]) && !is_array($config_var[3]) ? $config_var[3] : '')),
  544. 'help' => isset($helptxt[$config_var[1]]) ? $config_var[1] : '',
  545. 'type' => $config_var[0],
  546. 'size' => !empty($config_var[2]) && !is_array($config_var[2]) ? $config_var[2] : (in_array($config_var[0], array('int', 'float')) ? 6 : 0),
  547. 'data' => array(),
  548. 'name' => $config_var[1],
  549. 'value' => isset($modSettings[$config_var[1]]) ? ($config_var[0] == 'select' ? $modSettings[$config_var[1]] : htmlspecialchars($modSettings[$config_var[1]])) : (in_array($config_var[0], array('int', 'float')) ? 0 : ''),
  550. 'disabled' => false,
  551. 'invalid' => !empty($config_var['invalid']),
  552. 'javascript' => '',
  553. 'var_message' => !empty($config_var['message']) && isset($txt[$config_var['message']]) ? $txt[$config_var['message']] : '',
  554. 'preinput' => isset($config_var['preinput']) ? $config_var['preinput'] : '',
  555. 'postinput' => isset($config_var['postinput']) ? $config_var['postinput'] : '',
  556. );
  557. // If this is a select box handle any data.
  558. if (!empty($config_var[2]) && is_array($config_var[2]))
  559. {
  560. // If we allow multiple selections, we need to adjust a few things.
  561. if ($config_var[0] == 'select' && !empty($config_var['multiple']))
  562. {
  563. $context['config_vars'][$config_var[1]]['name'] .= '[]';
  564. $context['config_vars'][$config_var[1]]['value'] = unserialize($context['config_vars'][$config_var[1]]['value']);
  565. }
  566. // If it's associative
  567. if (isset($config_var[2][0]) && is_array($config_var[2][0]))
  568. $context['config_vars'][$config_var[1]]['data'] = $config_var[2];
  569. else
  570. {
  571. foreach ($config_var[2] as $key => $item)
  572. $context['config_vars'][$config_var[1]]['data'][] = array($key, $item);
  573. }
  574. }
  575. // Finally allow overrides - and some final cleanups.
  576. foreach ($config_var as $k => $v)
  577. {
  578. if (!is_numeric($k))
  579. {
  580. if (substr($k, 0, 2) == 'on')
  581. $context['config_vars'][$config_var[1]]['javascript'] .= ' ' . $k . '="' . $v . '"';
  582. else
  583. $context['config_vars'][$config_var[1]][$k] = $v;
  584. }
  585. // See if there are any other labels that might fit?
  586. if (isset($txt['setting_' . $config_var[1]]))
  587. $context['config_vars'][$config_var[1]]['label'] = $txt['setting_' . $config_var[1]];
  588. elseif (isset($txt['groups_' . $config_var[1]]))
  589. $context['config_vars'][$config_var[1]]['label'] = $txt['groups_' . $config_var[1]];
  590. }
  591. // Set the subtext in case it's part of the label.
  592. // @todo Temporary. Preventing divs inside label tags.
  593. $divPos = strpos($context['config_vars'][$config_var[1]]['label'], '<div');
  594. if ($divPos !== false)
  595. {
  596. $context['config_vars'][$config_var[1]]['subtext'] = preg_replace('~</?div[^>]*>~', '', substr($context['config_vars'][$config_var[1]]['label'], $divPos));
  597. $context['config_vars'][$config_var[1]]['label'] = substr($context['config_vars'][$config_var[1]]['label'], 0, $divPos);
  598. }
  599. }
  600. }
  601. // If we have inline permissions we need to prep them.
  602. if (!empty($inlinePermissions) && allowedTo('manage_permissions'))
  603. {
  604. require_once($sourcedir . '/ManagePermissions.php');
  605. init_inline_permissions($inlinePermissions, isset($context['permissions_excluded']) ? $context['permissions_excluded'] : array());
  606. }
  607. // What about any BBC selection boxes?
  608. if (!empty($bbcChoice))
  609. {
  610. // What are the options, eh?
  611. $temp = parse_bbc(false);
  612. $bbcTags = array();
  613. foreach ($temp as $tag)
  614. $bbcTags[] = $tag['tag'];
  615. $bbcTags = array_unique($bbcTags);
  616. $totalTags = count($bbcTags);
  617. // The number of columns we want to show the BBC tags in.
  618. $numColumns = isset($context['num_bbc_columns']) ? $context['num_bbc_columns'] : 3;
  619. // Start working out the context stuff.
  620. $context['bbc_columns'] = array();
  621. $tagsPerColumn = ceil($totalTags / $numColumns);
  622. $col = 0; $i = 0;
  623. foreach ($bbcTags as $tag)
  624. {
  625. if ($i % $tagsPerColumn == 0 && $i != 0)
  626. $col++;
  627. $context['bbc_columns'][$col][] = array(
  628. 'tag' => $tag,
  629. // @todo 'tag_' . ?
  630. 'show_help' => isset($helptxt[$tag]),
  631. );
  632. $i++;
  633. }
  634. // Now put whatever BBC options we may have into context too!
  635. $context['bbc_sections'] = array();
  636. foreach ($bbcChoice as $bbc)
  637. {
  638. $context['bbc_sections'][$bbc] = array(
  639. 'title' => isset($txt['bbc_title_' . $bbc]) ? $txt['bbc_title_' . $bbc] : $txt['bbcTagsToUse_select'],
  640. 'disabled' => empty($modSettings['bbc_disabled_' . $bbc]) ? array() : $modSettings['bbc_disabled_' . $bbc],
  641. 'all_selected' => empty($modSettings['bbc_disabled_' . $bbc]),
  642. );
  643. }
  644. }
  645. call_integration_hook('integrate_prepare_db_settings', array(&$config_vars));
  646. createToken('admin-dbsc');
  647. }
  648. /**
  649. * Helper function. Saves settings by putting them in Settings.php or saving them in the settings table.
  650. *
  651. * - Saves those settings set from ?action=admin;area=serversettings.
  652. * - Requires the admin_forum permission.
  653. * - Contains arrays of the types of data to save into Settings.php.
  654. *
  655. * @param $config_vars
  656. */
  657. function saveSettings(&$config_vars)
  658. {
  659. global $boarddir, $sc, $cookiename, $modSettings, $user_settings;
  660. global $sourcedir, $context, $cachedir;
  661. validateToken('admin-ssc');
  662. // Fix the darn stupid cookiename! (more may not be allowed, but these for sure!)
  663. if (isset($_POST['cookiename']))
  664. $_POST['cookiename'] = preg_replace('~[,;\s\.$]+~' . ($context['utf8'] ? 'u' : ''), '', $_POST['cookiename']);
  665. // Fix the forum's URL if necessary.
  666. if (isset($_POST['boardurl']))
  667. {
  668. if (substr($_POST['boardurl'], -10) == '/index.php')
  669. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  670. elseif (substr($_POST['boardurl'], -1) == '/')
  671. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  672. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  673. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  674. }
  675. // Any passwords?
  676. $config_passwords = array(
  677. 'db_passwd',
  678. 'ssi_db_passwd',
  679. );
  680. // All the strings to write.
  681. $config_strs = array(
  682. 'mtitle', 'mmessage',
  683. 'language', 'mbname', 'boardurl',
  684. 'cookiename',
  685. 'webmaster_email',
  686. 'db_name', 'db_user', 'db_server', 'db_prefix', 'ssi_db_user',
  687. 'boarddir', 'sourcedir',
  688. 'cachedir', 'cache_accelerator', 'cache_memcached',
  689. );
  690. // All the numeric variables.
  691. $config_ints = array(
  692. 'cache_enable',
  693. );
  694. // All the checkboxes.
  695. $config_bools = array(
  696. 'db_persist', 'db_error_send',
  697. 'maintenance',
  698. );
  699. // Now sort everything into a big array, and figure out arrays and etc.
  700. $new_settings = array();
  701. foreach ($config_passwords as $config_var)
  702. {
  703. if (isset($_POST[$config_var][1]) && $_POST[$config_var][0] == $_POST[$config_var][1])
  704. $new_settings[$config_var] = '\'' . addcslashes($_POST[$config_var][0], '\'\\') . '\'';
  705. }
  706. foreach ($config_strs as $config_var)
  707. {
  708. if (isset($_POST[$config_var]))
  709. $new_settings[$config_var] = '\'' . addcslashes($_POST[$config_var], '\'\\') . '\'';
  710. }
  711. foreach ($config_ints as $config_var)
  712. {
  713. if (isset($_POST[$config_var]))
  714. $new_settings[$config_var] = (int) $_POST[$config_var];
  715. }
  716. foreach ($config_bools as $key)
  717. {
  718. if (!empty($_POST[$key]))
  719. $new_settings[$key] = '1';
  720. else
  721. $new_settings[$key] = '0';
  722. }
  723. // Save the relevant settings in the Settings.php file.
  724. require_once($sourcedir . '/Subs-Admin.php');
  725. updateSettingsFile($new_settings);
  726. // Now loop through the remaining (database-based) settings.
  727. $new_settings = array();
  728. foreach ($config_vars as $config_var)
  729. {
  730. // We just saved the file-based settings, so skip their definitions.
  731. if (!is_array($config_var) || $config_var[2] == 'file')
  732. continue;
  733. // Rewrite the definition a bit.
  734. $new_settings[] = array($config_var[3], $config_var[0]);
  735. }
  736. // Save the new database-based settings, if any.
  737. if (!empty($new_settings))
  738. saveDBSettings($new_settings);
  739. }
  740. /**
  741. * Helper function for saving database settings.
  742. * @todo see rev. 10406 from 2.1-requests
  743. *
  744. * @param array $config_vars
  745. */
  746. function saveDBSettings(&$config_vars)
  747. {
  748. global $sourcedir, $context;
  749. validateToken('admin-dbsc');
  750. $inlinePermissions = array();
  751. foreach ($config_vars as $var)
  752. {
  753. if (!isset($var[1]) || (!isset($_POST[$var[1]]) && $var[0] != 'check' && $var[0] != 'permissions' && ($var[0] != 'bbc' || !isset($_POST[$var[1] . '_enabledTags']))))
  754. continue;
  755. // Checkboxes!
  756. elseif ($var[0] == 'check')
  757. $setArray[$var[1]] = !empty($_POST[$var[1]]) ? '1' : '0';
  758. // Select boxes!
  759. elseif ($var[0] == 'select' && in_array($_POST[$var[1]], array_keys($var[2])))
  760. $setArray[$var[1]] = $_POST[$var[1]];
  761. elseif ($var[0] == 'select' && !empty($var['multiple']) && array_intersect($_POST[$var[1]], array_keys($var[2])) != array())
  762. {
  763. // For security purposes we validate this line by line.
  764. $options = array();
  765. foreach ($_POST[$var[1]] as $invar)
  766. if (in_array($invar, array_keys($var[2])))
  767. $options[] = $invar;
  768. $setArray[$var[1]] = serialize($options);
  769. }
  770. // Integers!
  771. elseif ($var[0] == 'int')
  772. $setArray[$var[1]] = (int) $_POST[$var[1]];
  773. // Floating point!
  774. elseif ($var[0] == 'float')
  775. $setArray[$var[1]] = (float) $_POST[$var[1]];
  776. // Text!
  777. elseif ($var[0] == 'text' || $var[0] == 'large_text')
  778. $setArray[$var[1]] = $_POST[$var[1]];
  779. // Passwords!
  780. elseif ($var[0] == 'password')
  781. {
  782. if (isset($_POST[$var[1]][1]) && $_POST[$var[1]][0] == $_POST[$var[1]][1])
  783. $setArray[$var[1]] = $_POST[$var[1]][0];
  784. }
  785. // BBC.
  786. elseif ($var[0] == 'bbc')
  787. {
  788. $bbcTags = array();
  789. foreach (parse_bbc(false) as $tag)
  790. $bbcTags[] = $tag['tag'];
  791. if (!isset($_POST[$var[1] . '_enabledTags']))
  792. $_POST[$var[1] . '_enabledTags'] = array();
  793. elseif (!is_array($_POST[$var[1] . '_enabledTags']))
  794. $_POST[$var[1] . '_enabledTags'] = array($_POST[$var[1] . '_enabledTags']);
  795. $setArray[$var[1]] = implode(',', array_diff($bbcTags, $_POST[$var[1] . '_enabledTags']));
  796. }
  797. // Permissions?
  798. elseif ($var[0] == 'permissions')
  799. $inlinePermissions[] = $var[1];
  800. }
  801. if (!empty($setArray))
  802. updateSettings($setArray);
  803. // If we have inline permissions we need to save them.
  804. if (!empty($inlinePermissions) && allowedTo('manage_permissions'))
  805. {
  806. require_once($sourcedir . '/ManagePermissions.php');
  807. save_inline_permissions($inlinePermissions);
  808. }
  809. }
  810. /**
  811. * Allows us to see the servers php settings
  812. *
  813. * - loads the settings into an array for display in a template
  814. * - drops cookie values just in case
  815. */
  816. function ShowPHPinfoSettings()
  817. {
  818. global $context, $txt;
  819. $info_lines = array();
  820. $category = $txt['phpinfo_settings'];
  821. // get the data
  822. ob_start();
  823. phpinfo();
  824. // We only want it for its body, pigs that we are
  825. $info_lines = preg_replace('~^.*<body>(.*)</body>.*$~', '$1', ob_get_contents());
  826. $info_lines = explode("\n", strip_tags($info_lines, "<tr><td><h2>"));
  827. ob_end_clean();
  828. // remove things that could be considered sensative
  829. $remove = '_COOKIE|Cookie|_GET|_REQUEST|REQUEST_URI|QUERY_STRING|REQUEST_URL|HTTP_REFERER';
  830. // put all of it into an array
  831. foreach ($info_lines as $line)
  832. {
  833. if (preg_match('~(' . $remove . ')~', $line))
  834. continue;
  835. // new category?
  836. if (strpos($line, '<h2>') !== false)
  837. $category = preg_match('~<h2>(.*)</h2>~', $line, $title) ? $category = $title[1] : $category;
  838. // load it as setting => value or the old setting local master
  839. if (preg_match('~<tr><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td></tr>~', $line, $val))
  840. $pinfo[$category][$val[1]] = $val[2];
  841. elseif (preg_match('~<tr><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td><td[^>]+>([^<]*)</td></tr>~', $line, $val))
  842. $pinfo[$category][$val[1]] = array($txt['phpinfo_localsettings'] => $val[2], $txt['phpinfo_defaultsettings'] => $val[3]);
  843. }
  844. // load it in to context and display it
  845. $context['pinfo'] = $pinfo;
  846. $context['page_title'] = $txt['admin_server_settings'];
  847. $context['sub_template'] = 'php_info';
  848. return;
  849. }
  850. ?>