/**
 * Renders the basic site preferences panel followed by the update-check control.
 *
 * Preferences are read from txp_prefs (type 0, prefs_id 1), grouped by their
 * event, and each one is rendered with the widget function named in its
 * 'html' column.
 *
 * @param string $message Status message handed to pagetop().
 */
function prefs_list($message = '')
{
    global $textarray;

    echo pagetop(gTxt('edit_preferences'), $message);

    // extract() imports whatever get_prefs() returns into local scope;
    // $locale, $language and $use_comments below are expected to come from it.
    extract(get_prefs());

    $locale = setlocale(LC_ALL, $locale);
    $textarray = load_lang($language);

    // Opening form, table header and the tab links, built in the original order.
    $header = n . n . '<form method="post" action="index.php">' . n . n;
    $header .= startTable('list') . n . n;
    $header .= tr(tdcs(hed(gTxt('site_prefs'), 1), 3)) . n . n;
    $header .= tr(tdcs(
        sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink-active') . sp .
        sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp .
        sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink'),
        '3'
    ));
    echo $header;

    $groups = safe_column('event', 'txp_prefs', "type = 0 and prefs_id = 1 group by event order by event desc");

    foreach ($groups as $group) {
        // The event name is escaped with doSlash() before it is put into the WHERE clause.
        $where = "type = 0 and prefs_id = 1 and event = '" . doSlash($group) . "' order by position";
        $result = safe_rows_start('*', 'txp_prefs', $where);
        $current = '';

        while ($row = nextRow($result)) {
            if ($row['event'] != $current) {
                $current = $row['event'];

                // Print the group heading unless this is the comments group and comments are off.
                if ($current != 'comments' || $use_comments) {
                    echo n . n . tr(tdcs(hed(gTxt($row['event']), 2, ' class="pref-heading"'), 3));
                }
            }

            if ($current == 'comments' && !$use_comments) {
                continue;
            }

            // Skip old settings that don't have an input type.
            // NOTE(review): 'html' is a function name stored in the database and is
            // passed on to pref_func() (not shown here). is_callable() accepts any
            // defined function, so an allowlist of widget functions would be tighter.
            if (!is_callable($row['html'])) {
                continue;
            }

            if ($row['html'] != 'yesnoradio') {
                $label = '<label for="' . $row['name'] . '">' . gTxt($row['name']) . '</label>';
            } else {
                $label = gTxt($row['name']);
            }

            $cells = tda($label, ' style="text-align: right; vertical-align: middle;"');

            // Plain text inputs get a fixed size of 20; other widgets take only name and value.
            $widget = ($row['html'] == 'text_input')
                ? pref_func('text_input', $row['name'], $row['val'], 20)
                : pref_func($row['html'], $row['name'], $row['val']);

            $cells .= td($widget);
            $cells .= tda(popHelp($row['name']), ' style="vertical-align: middle;"');

            echo tr($cells);
        }
    }

    $footer = n . n . tr(tda(
        fInput('submit', 'Submit', gTxt('save_button'), 'publish') . n .
        sInput('prefs_save') . n .
        eInput('prefs') . n .
        hInput('prefs_id', '1'),
        ' colspan="3" class="noline"'
    )) . n . n . endTable() . n . n . '</form>';
    echo $footer;

    if (gps('check_updates')) {
        $updates = checkUpdates();
        // NOTE(review): the result of checkUpdates() is printed as-is; confirm it is safe HTML.
        $report = is_array($updates) ? join(br, $updates) : $updates;

        echo n . n . startTable('edit') . n . n . tr(tda($report)) . n . n . endTable();
    } else {
        echo form(
            graf(
                '<strong>' . gTxt('check_for_txp_updates') . '</strong>' . sp . n .
                '<input type="submit" name="check_updates" value="' . gTxt('go') . '" class="publish" />' . n .
                eInput('prefs') . n .
                sInput('prefs_list')
            ),
            'text-align: center;'
        );
    }
}
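/**
 * Renders the basic site preferences panel followed by the update-check control.
 *
 * Preferences are read from txp_prefs (type '0', prefs_id '1'), one query per
 * event, and each one is rendered with the widget function named in its
 * 'html' column.
 *
 * @param string $message Status message handed to pagetop().
 */
function prefs_list($message = '')
{
    global $textarray;

    // extract() imports whatever get_prefs() returns into local scope;
    // $locale, $language and $use_comments below are expected to come from it.
    // NOTE(review): it runs before $message is used, so a preference named
    // 'message' would replace the argument.
    extract(get_prefs());

    $locale = setlocale(LC_ALL, $locale);
    $textarray = load_lang($language);

    echo
        pagetop(gTxt('edit_preferences'), $message),
        '<form action="index.php" method="post">',
        startTable('list'),
        tr(tdcs(hed(gTxt('site_prefs'), 1), 3)),
        tr(tdcs(
            sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp .
            sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink'),
            '3'
        ));

    // NOTE(review): 'event' and 'position' are single-quoted here, which MySQL
    // normally reads as string literals rather than column names - confirm the
    // grouping and ordering behave as intended.
    $evt_list = safe_column('event', 'txp_prefs', "type='0' AND prefs_id='1' GROUP BY 'event' ORDER BY 'event' DESC");

    foreach ($evt_list as $event) {
        // The event name comes back from the database and is placed into a new
        // statement, so it is escaped with doSlash() rather than interpolated raw.
        $rs = safe_rows_start('*', 'txp_prefs', "type='0' AND prefs_id='1' AND event='" . doSlash($event) . "' ORDER BY 'position'");
        $cur_evt = '';

        while ($a = nextRow($rs)) {
            if ($a['event'] != $cur_evt) {
                $cur_evt = $a['event'];

                // No heading for the comments group while comments are switched off.
                if ($cur_evt == 'comments' && !$use_comments) {
                    continue;
                }

                echo tr(tdcs(hed(gTxt($a['event']), 1), 3));
            }

            if ($cur_evt == 'comments' && !$use_comments) {
                continue;
            }

            # Skip old settings that don't have an input type
            # NOTE(review): 'html' is a function name stored in the database and is
            # passed on to pref_func() (not shown here). is_callable() accepts any
            # defined function, so an allowlist of widget functions would be tighter.
            if (!is_callable($a['html'])) {
                continue;
            }

            $out = tda(gTxt($a['name']), ' style="text-align:right;vertical-align:middle"');

            if ($a['html'] == 'text_input') {
                $size = 20;
                $out .= td(pref_func('text_input', $a['name'], $a['val'], $size));
            } else {
                $out .= td(pref_func($a['html'], $a['name'], $a['val']));
            }

            $out .= tda(popHelp($a['name']), ' style="vertical-align:middle"');

            echo tr($out);
        }
    }

    echo
        tr(tda(fInput('submit', 'Submit', gTxt('save_button'), 'publish'), ' colspan="3" class="noline"')),
        endTable(),
        sInput('prefs_save'),
        eInput('prefs'),
        hInput('prefs_id', "1"),
        hInput('lastmod', "now()"),
        '</form>';

    $check_updates = gps('check_updates');

    if (!empty($check_updates)) {
        $updates = checkUpdates();

        // NOTE(review): the result of checkUpdates() is printed as-is; confirm it is safe HTML.
        if (is_array($updates)) {
            $out = join(br, $updates);
        } else {
            $out = $updates;
        }

        echo startTable('edit'), tr(tda($out)), endTable();
    } else {
        echo
            startTable('edit'),
            form(
                tr(
                    tda(tag(gTxt('check_for_txp_updates'), 'strong'), ' style="text-align:right;vertical-align:middle"') .
                    tda('<input type="submit" value="' . gTxt('go') . '" name="check_updates" class="publish" />')
                ) .
                eInput('prefs') .
                sInput('prefs_list')
            ),
            endTable();
    }
}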
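/**
 * Outputs a diagnostics report.
 *
 * This is the main panel. It runs a series of pre-flight checks, collects the
 * failures in $fail, prints them, and then prints a plain-text dump of the
 * environment inside a read-only textarea. With $step set to 'high' the dump
 * also covers database charsets, table checks, PHP extensions and file
 * checksums.
 *
 * The dump contains filesystem paths, software versions and the contents of
 * .htaccess, so it is sensitive. NOTE(review): access control for this panel
 * is not visible in this function - confirm it is limited to privileged users.
 */
function doDiagnostics()
{
    global $prefs, $files, $txpcfg, $event, $step, $theme, $DB;

    // Imports whatever get_prefs() returns into local scope ($path_to_site,
    // $siteurl, $permlink_mode, $tempdir and others used below).
    extract(get_prefs());

    $urlparts = parse_url(hu);
    $mydomain = $urlparts['host'];

    $is_apache = stristr(serverSet('SERVER_SOFTWARE'), 'Apache') || is_callable('apache_get_version');
    $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';

    // ini_get() returns string values passed via php_value as a string, not boolean.
    $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');

    // Check for Textpattern updates, at most once every 24 hours.
    $now = time();

    // NOTE(review): unserialize() on a stored preference. The value is written by
    // this function via serialize() below, but anything able to write to the
    // preferences table controls its input; a format such as JSON would remove
    // the object-instantiation risk.
    $updateInfo = unserialize(get_pref('last_update_check', ''));

    if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) {
        $updates = checkUpdates();
        $updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : '';
        $updateInfo['when'] = $now;
        set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input');
    }

    // Failed checks, keyed by the help topic shown next to each message.
    $fail = array();

    if (!empty($updateInfo['msg'])) {
        $fail['textpattern_version_update'] = diag_msg_wrap($updateInfo['msg'], 'information');
    }

    if (!is_callable('version_compare') || version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<')) {
        $fail['php_version_required'] = diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION)));
    }

    if (!isset($path_to_site)) {
        $fail['path_to_site_missing'] = diag_msg_wrap(gTxt('path_to_site_missing'), 'warning');
    }

    // gethostbyname() hands back its argument unchanged when the lookup fails.
    if (@gethostbyname($mydomain) === $mydomain) {
        $fail['dns_lookup_fails'] = diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning');
    }

    if (!@is_dir($path_to_site)) {
        $fail['path_to_site_inacc'] = diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site);
    }

    // NOTE(review): the check is on $siteurl but the message shows $path_to_site - confirm intended.
    if (rtrim($siteurl, '/') != $siteurl) {
        $fail['site_trailing_slash'] = diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning');
    }

    if (!@is_file($path_to_site . "/index.php") || !@is_readable($path_to_site . "/index.php")) {
        $fail['index_inaccessible'] = diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible'));
    }

    // Despite its name this collects directories that are not writable.
    $not_readable = array();

    if (!@is_writable($path_to_site . '/' . $img_dir)) {
        $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning');
    }

    if (!@is_writable($file_base_path)) {
        $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning');
    }

    if (!@is_writable($tempdir)) {
        $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning');
    }

    if ($not_readable) {
        $fail['dir_not_writable'] = join(n, $not_readable);
    }

    if ($permlink_mode != 'messy' && !$is_apache) {
        $fail['cleanurl_only_apache'] = diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information');
    }

    if ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) {
        $fail['htaccess_missing'] = diag_msg_wrap(gTxt('htaccess_missing'));
    }

    if ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) {
        $fail['mod_rewrite_missing'] = diag_msg_wrap(gTxt('mod_rewrite_missing'));
    }

    if (!ini_get('file_uploads')) {
        $fail['file_uploads_disabled'] = diag_msg_wrap(gTxt('file_uploads_disabled'), 'information');
    }

    // A setup directory left in place after installation is reported as a warning.
    if (@is_dir(txpath . DS . 'setup')) {
        $fail['setup_still_exists'] = diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning');
    }

    if (empty($tempdir)) {
        $fail['no_temp_dir'] = diag_msg_wrap(gTxt('no_temp_dir'), 'warning');
    }

    if (is_disabled('mail')) {
        $fail['warn_mail_unavailable'] = diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning');
    }

    if ($is_register_globals) {
        $fail['warn_register_globals_or_update'] = diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning');
    }

    // With clean URLs, a file or directory named like a section is reported.
    if ($permlink_mode != 'messy') {
        $rs = safe_column("name", "txp_section", "1");

        foreach ($rs as $name) {
            if ($name and @file_exists($path_to_site . '/' . $name)) {
                $fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}");
            }
        }
    }

    // $cs (variable) holds the integrity results; cs (constant) is a separator string.
    // NOTE(review): check_file_integrity() is not shown. If its reference
    // checksums live next to the code, this detects accidental changes rather
    // than deliberate tampering.
    $cs = check_file_integrity(INTEGRITY_REALPATH);

    if (!$cs) {
        $cs = array();
    }

    // Files that don't match their checksums.
    if ($modified_files = array_keys($cs, INTEGRITY_MODIFIED)) {
        $fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning');
    }

    // Running development code in live mode is not recommended.
    if (preg_match('/-dev$/', txp_version) and $production_status == 'live') {
        $fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live'), 'warning');
    }

    // Missing files.
    if ($missing = array_merge(array_keys($cs, INTEGRITY_MISSING), array_keys($cs, INTEGRITY_NOT_FILE), array_keys($cs, INTEGRITY_NOT_READABLE))) {
        $fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing));
    }

    // Anything might break if arbitrary functions are disabled.
    if (ini_get('disable_functions')) {
        $disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions')));

        // Commonly disabled functions that we don't need.
        $disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'escapeshellarg', 'escapeshellcmd', 'exec', 'passthru', 'proc_close', 'proc_get_status', 'proc_nice', 'proc_open', 'proc_terminate', 'shell_exec', 'system', 'popen', 'dl', 'chown'));

        if ($disabled_funcs) {
            $fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning');
        }
    }

    // Not sure about this one.
    // if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers'))
    // $fail['cgi_header_config'] = gTxt('cgi_header_config');

    $guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME'])));

    if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) {
        // HTTP_HOST comes from the request's Host header and this message is
        // printed as HTML below, so the guessed URL is escaped first, the same
        // way the clean-URL message escapes $pretext_req.
        $fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . txpspecialchars($guess_site_url), 'warning');
    }

    // Test clean URL server vars.
    if (hu) {
        if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') {
            // Random path segment for the self-test request; it only has to be
            // unlikely to collide, it is not used as a secret.
            $s = md5(uniqid(rand(), true));
            ini_set('default_socket_timeout', 10);

            // The request goes to the site's own URL (hu).
            $pretext_data = @file(hu . $s . '/?txpcleantest=1');

            if ($pretext_data) {
                $pretext_req = trim(@$pretext_data[0]);

                if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) {
                    $fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning');
                }
            } else {
                $fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning');
            }
        }
    }

    if ($tables = list_txp_tables()) {
        $table_errors = check_tables($tables);

        if ($table_errors) {
            $fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors));
        }
    }

    // Active plugins as "name-version"; an 'm' suffix marks code whose MD5 no
    // longer matches the stored code_md5.
    $active_plugins = array();

    if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) {
        foreach ($rows as $row) {
            $n = $row['name'] . '-' . $row['version'];

            if (strtolower($row['md5']) != strtolower($row['code_md5'])) {
                $n .= 'm';
            }

            $active_plugins[] = $n;
        }
    }

    $theme_manifest = $theme->manifest();

    // Check GD info.
    if (function_exists('gd_info')) {
        $gd_info = gd_info();

        $gd_support = array();

        if ($gd_info['GIF Create Support']) {
            $gd_support[] = 'GIF';
        }

        // Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key.
        if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) {
            $gd_support[] = 'JPG';
        }

        if ($gd_info['PNG Support']) {
            $gd_support[] = 'PNG';
        }

        if ($gd_support) {
            $gd_support = join(', ', $gd_support);
        } else {
            $gd_support = gTxt('none');
        }

        $gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support));
    } else {
        $gd = gTxt('gd_unavailable');
    }

    if (realpath($prefs['tempdir']) === realpath($prefs['plugin_cache_dir'])) {
        $fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match'));
    }

    // Database server time.
    extract(doSpecial(getRow('select @@global.time_zone as db_global_timezone, @@session.time_zone as db_session_timezone, now() as db_server_time, unix_timestamp(now()) as db_server_timestamp')));
    $db_server_timeoffset = $db_server_timestamp - $now;

    echo pagetop(gTxt('tab_diagnostics'), '');

    echo hed(gTxt('tab_diagnostics'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="' . $event . '_container" class="txp-container">' .
        n . '<div id="pre_flight_check">' .
        hed(gTxt('preflight_check'), 2);

    if ($fail) {
        foreach ($fail as $help => $message) {
            echo graf(nl2br($message) . popHelp($help));
        }
    } else {
        echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success'));
    }

    echo '</div>';

    echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2);

    $fmt_date = '%Y-%m-%d %H:%M:%S';

    // Everything between the opening textarea tag and its closing tag further
    // down is meant as plain text. NOTE(review): most values here are appended
    // without escaping (only the .htaccess contents and the pretext data go
    // through txpspecialchars()), so a value containing a closing textarea tag
    // would break out of the field - worth escaping at the point of output.
    $out = array(
        '<p><textarea class="code" id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_LARGE . '" dir="ltr" readonly>',

        gTxt('txp_version') . cs . txp_version . ' (' . check_file_integrity(INTEGRITY_DIGEST) . ')' . n,

        gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n,

        gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n,

        '$path_to_site' . cs . $path_to_site . n,

        gTxt('txp_path') . cs . txpath . n,

        gTxt('permlink_mode') . cs . $permlink_mode . n,

        ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '',

        ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '',

        gTxt('tempdir') . cs . $tempdir . n,

        gTxt('web_domain') . cs . $siteurl . n,

        gTxt('php_version') . cs . phpversion() . n,

        $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '',

        gTxt('gd_library') . cs . $gd . n,

        gTxt('server') . ' TZ: ' . Txp::get('Textpattern_Date_Timezone')->getTimeZone() . n,

        gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n,

        strip_tags(gTxt('is_dst')) . cs . $is_dst . n,

        strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n,

        strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n,

        'MySQL' . cs . mysql_get_server_info() . n,

        gTxt('db_server_time') . cs . $db_server_time . n,

        gTxt('db_server_timeoffset') . cs . $db_server_timeoffset . ' s' . n,

        gTxt('db_global_timezone') . cs . $db_global_timezone . n,

        gTxt('db_session_timezone') . cs . $db_session_timezone . n,

        gTxt('locale') . cs . $locale . n,

        isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '',

        is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '',

        gTxt('php_sapi_mode') . cs . PHP_SAPI . n,

        gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n,

        gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n,

        $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '',

        gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n,

        $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '',

        is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : ''
    );

    if ($step == 'high') {
        $out[] = n . 'Charset (default/config)' . cs . $DB->default_charset . '/' . $DB->charset . n;

        $result = safe_query("SHOW variables like 'character_se%'");

        while ($row = mysql_fetch_row($result)) {
            $out[] = $row[0] . cs . $row[1] . n;

            if ($row[0] == 'character_set_connection') {
                $conn_char = $row[1];
            }
        }

        $table_names = array(PFX . 'textpattern');

        $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");

        while ($row = mysql_fetch_row($result)) {
            $table_names[] = $row[0];
        }

        $table_msg = array();

        // Table names come from SHOW TABLES above and are concatenated into the
        // statements unquoted.
        foreach ($table_names as $idx => $table) {
            $ctr = safe_query("SHOW CREATE TABLE " . $table . "");

            if (!$ctr) {
                // $table_names is a list, so the entry has to be removed by its
                // index; unsetting by table name left it in place and in the count.
                unset($table_names[$idx]);
                continue;
            }

            $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));

            // A result still containing 'CREATE' means the pattern did not match.
            if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
                $table_msg[] = "{$table} is {$ctcharset}";
            }

            $ctr = safe_query("CHECK TABLE " . $table);

            if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
                $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
            }
        }

        if ($table_msg == array()) {
            $table_msg = count($table_names) < 17 ? array('-') : array('OK');
        }

        $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;

        $cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`'));
        $out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n;

        $extns = get_loaded_extensions();
        $extv = array();

        foreach ($extns as $e) {
            $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
        }

        $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;

        if (is_callable('apache_get_modules')) {
            $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n;
        }

        // Lines 2-21 of the clean-URL self-test response, if that test ran.
        if (@is_array($pretext_data) and count($pretext_data) > 1) {
            $out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n;
        }

        $out[] = n;

        if ($md5s = check_file_integrity(INTEGRITY_MD5)) {
            foreach ($md5s as $f => $checksum) {
                $out[] = $f . cs . n . t . (!$checksum ? gTxt('unknown') : $checksum) . n;
            }
        }

        $out[] = n . ln;
    }

    // Output of 'diag_results' callbacks is appended inside the textarea as-is.
    $out[] = callback_event('diag_results', $step) . n;
    $out[] = '</textarea></p>';

    $dets = array('low' => gTxt('low'), 'high' => gTxt('high'));

    $out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . selectInput('step', $dets, $step, 0, 1)));

    echo join('', $out), '</div>', '</div>';
}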
/**
 * Renders the basic site preferences panel and the update-check control panel.
 *
 * Preferences are read from txp_prefs (type 0, prefs_id 1), grouped by their
 * event, and each one is rendered with the widget function named in its
 * 'html' column. Rows carry alternating 'odd'/'even' classes per group.
 *
 * @param string $message Status message handed to pagetop().
 */
function prefs_list($message = '')
{
    global $prefs;

    // Imports every entry of $prefs into local scope; $locale comes from here.
    // NOTE(review): this runs before $message is used, so a preference named
    // 'message' would replace the argument.
    extract($prefs);

    // Read real DB value instead of potentially 'stale' $prefs array when value has just changed
    $use_comments = safe_field('val', 'txp_prefs', "name='use_comments'");

    echo pagetop(gTxt('edit_preferences'), $message);

    $locale = setlocale(LC_ALL, $locale);

    // Container, opening form, table header and tab links, built in the original order.
    $header = n . '<div id="prefs_container" class="txp-container txp-list">' . n . n;
    $header .= '<form method="post" class="prefs-form basic" action="index.php">' . n . n;
    $header .= startTable('list', '', 'list') . n . n;
    $header .= tr(tdcs(hed(gTxt('site_prefs'), 2), 3)) . n . n;
    $header .= tr(tdcs(
        sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink-active') . sp .
        sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp .
        sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink'),
        '3',
        '',
        'nav-tertiary'
    ));
    echo $header;

    $groups = safe_column('event', 'txp_prefs', "type = 0 and prefs_id = 1 group by event order by event desc");

    foreach ($groups as $group) {
        // The event name is escaped with doSlash() before it is put into the WHERE clause.
        $where = "type = 0 and prefs_id = 1 and event = '" . doSlash($group) . "' order by position";
        $result = safe_rows_start('*', 'txp_prefs', $where);
        $current = '';

        while ($row = nextRow($result)) {
            if ($row['event'] != $current) {
                $current = $row['event'];
                // Row counter for the odd/even classes restarts with each group.
                $ctr = 1;

                // Print the group heading unless this is the comments group and comments are off.
                if ($current != 'comments' || $use_comments) {
                    echo n . n . tr(tdcs(hed(gTxt($row['event']), 3, ' class="pref-heading ' . $row['event'] . '-prefs"'), 3));
                }
            }

            if ($current == 'comments' && !$use_comments) {
                continue;
            }

            // Skip old settings that don't have an input type.
            // NOTE(review): 'html' is a function name stored in the database and is
            // passed on to pref_func() (not shown here). is_callable() accepts any
            // defined function, so an allowlist of widget functions would be tighter.
            if (!is_callable($row['html'])) {
                continue;
            }

            if ($row['html'] != 'yesnoradio') {
                $label = '<label for="' . $row['name'] . '">' . gTxt($row['name']) . '</label>';
            } else {
                $label = gTxt($row['name']);
            }

            $cells = tda($label, ' style="text-align: right; vertical-align: middle;" class="pref-label"');

            // Plain text inputs get a fixed size of 20; other widgets take only name and value.
            $widget = ($row['html'] == 'text_input')
                ? pref_func('text_input', $row['name'], $row['val'], 20)
                : pref_func($row['html'], $row['name'], $row['val']);

            $cells .= td($widget, '', 'pref-value');
            $cells .= tda(popHelp($row['name']), ' style="vertical-align: middle;"');

            $stripe = ($ctr % 2 == 0) ? 'even' : 'odd';

            // NOTE(review): name and event are placed into the id/class attributes unescaped.
            echo tr($cells, " id='prefs-{$row['name']}' class='{$row['event']}-prefs " . $stripe . "'");

            $ctr++;
        }
    }

    $footer = n . n . tr(tda(
        fInput('submit', 'Submit', gTxt('save_button'), 'publish') . n .
        sInput('prefs_save') . n .
        eInput('prefs') . n .
        hInput('prefs_id', '1'),
        ' colspan="3" class="noline"'
    )) . n . n . endTable() . n . n . '</form>' . n . '</div>';
    echo $footer;

    $wantsCheck = gps('check_updates');

    echo '<div id="prefs_control" class="txp-control-panel">';

    if ($wantsCheck) {
        $updates = checkUpdates();
        // NOTE(review): the result of checkUpdates() is printed as-is; confirm it is safe HTML.
        $report = is_array($updates) ? join(br, $updates) : $updates;

        echo n . n . startTable('edit') . n . n . tr(tda($report)) . n . n . endTable();
    } else {
        echo form(
            graf(
                '<strong>' . gTxt('check_for_txp_updates') . '</strong>' . sp . n .
                '<input type="submit" name="check_updates" value="' . gTxt('go') . '" class="smallerbox" />' . n .
                eInput('prefs') . n .
                sInput('prefs_list')
            ),
            'text-align: center;'
        );
    }

    echo '</div>';
}
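// Dispatches a notes request according to the POSTed "notesRequest_Type".
//
// Numeric parameters must be present, be strings and consist of digits only
// before they are handed to a handler; a missing or array-valued field is
// ignored instead of reaching ctype_digit() and raising a notice or warning.
//
// NOTE(review): "remove", "add" and "update" change data. No authentication,
// authorisation or CSRF-token check is visible in this snippet - confirm these
// happen before this point or inside the handlers.
if (isset($_POST["notesRequest_Type"])) {
    if ($_POST["notesRequest_Type"] === "page") {
        if (isset($_POST["notesRequest_LastGroupNo"], $_POST["noteRequest_Page"])
            && is_string($_POST["notesRequest_LastGroupNo"])
            && is_string($_POST["noteRequest_Page"])
            && ctype_digit($_POST["notesRequest_LastGroupNo"])
            && ctype_digit($_POST["noteRequest_Page"])
        ) {
            getNotesPage($conn, $_POST["notesRequest_LastGroupNo"], $_POST["noteRequest_Page"]);
        }
    } elseif ($_POST["notesRequest_Type"] === "remove") {
        if (isset($_POST["noteNo"])
            && is_string($_POST["noteNo"])
            && ctype_digit($_POST["noteNo"])
        ) {
            removeNote($conn, $_POST["noteNo"]);
        }
    } elseif ($_POST["notesRequest_Type"] === "elementno") {
        if (isset($_POST["notesRequest_Elements"])
            && is_string($_POST["notesRequest_Elements"])
            && ctype_digit($_POST["notesRequest_Elements"])
        ) {
            getNotesElementNo($conn, $_POST["notesRequest_Elements"]);
        }
    } elseif ($_POST["notesRequest_Type"] === "checkupdate") {
        // This value is forwarded without validation, as before; checkUpdates()
        // (not shown) has to validate it and must not build SQL from it by
        // concatenation.
        checkUpdates($conn, isset($_POST["notesRequest_CheckNotes"]) ? $_POST["notesRequest_CheckNotes"] : null);
    } elseif ($_POST["notesRequest_Type"] === "add") {
        // insertNote() receives only the connection; presumably it reads $_POST itself.
        insertNote($conn);
    } elseif ($_POST["notesRequest_Type"] === "update") {
        // updateNote() receives only the connection; presumably it reads $_POST itself.
        updateNote($conn);
    }
}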
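/**
 * Outputs a diagnostics report.
 *
 * Runs a series of pre-flight checks, collects the failures in $fail, prints
 * them, and then prints a plain-text dump of the environment inside a
 * read-only textarea. With $step set to 'high' the dump also covers database
 * charsets, table checks, PHP extensions and per-file revisions and checksums.
 *
 * The dump contains filesystem paths, software versions and the contents of
 * .htaccess, so it is sensitive. NOTE(review): access control for this panel
 * is not visible in this function - confirm it is limited to privileged users.
 *
 * Side effect: the global $files list is replaced by the real paths of the
 * files that were found readable.
 */
function doDiagnostics()
{
    global $prefs, $files, $txpcfg, $event, $step, $theme;

    # Imports whatever get_prefs() returns into local scope ($path_to_site,
    # $siteurl, $permlink_mode, $tempdir and others used below).
    extract(get_prefs());

    $urlparts = parse_url(hu);
    $mydomain = $urlparts['host'];

    # SERVER_SOFTWARE if set, otherwise HTTP_HOST, otherwise an empty string.
    $server_software = (@$_SERVER['SERVER_SOFTWARE'] || @$_SERVER['HTTP_HOST'])
        ? (@$_SERVER['SERVER_SOFTWARE'] ? @$_SERVER['SERVER_SOFTWARE'] : $_SERVER['HTTP_HOST'])
        : '';

    # '||' instead of 'or': 'or' binds more loosely than '=', so the
    # apache_get_version() fallback never reached $is_apache.
    $is_apache = ($server_software and stristr($server_software, 'Apache')) || is_callable('apache_get_version');
    $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';

    // ini_get() returns string values passed via php_value as a string, not boolean
    $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');

    // Check for Textpattern updates, at most once every 24 hours
    $now = time();

    # NOTE(review): unserialize() on a stored preference. The value is written by
    # this function via serialize() below, but anything able to write to the
    # preferences table controls its input; a format such as JSON would remove
    # the object-instantiation risk.
    $updateInfo = unserialize(get_pref('last_update_check', ''));

    if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) {
        $updates = checkUpdates();
        $updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : '';
        $updateInfo['when'] = $now;
        set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input');
    }

    # Every check yields either a wrapped message or ''; empty entries are
    # removed further down. Keys double as help topics.
    $fail = array(
        'textpattern_version_update' => $updateInfo['msg'] ? diag_msg_wrap($updateInfo['msg'], 'information') : '',

        'php_version_required' => (!is_callable('version_compare') or version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<'))
            ? diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION)))
            : '',

        'path_to_site_missing' => !isset($path_to_site) ? diag_msg_wrap(gTxt('path_to_site_missing'), 'warning') : '',

        # gethostbyname() hands back its argument unchanged when the lookup fails.
        'dns_lookup_fails' => @gethostbyname($mydomain) == $mydomain
            ? diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning')
            : '',

        'path_to_site_inacc' => !@is_dir($path_to_site)
            ? diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site)
            : '',

        # NOTE(review): the check is on $siteurl but the message shows $path_to_site - confirm intended.
        'site_trailing_slash' => rtrim($siteurl, '/') != $siteurl
            ? diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning')
            : '',

        'index_inaccessible' => (!@is_file($path_to_site . "/index.php") or !@is_readable($path_to_site . "/index.php"))
            ? diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible'))
            : '',

        'dir_not_writable' => trim(
            (!@is_writable($path_to_site . '/' . $img_dir)
                ? diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning') . n
                : '') .
            (!@is_writable($file_base_path)
                ? diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning') . n
                : '') .
            (!@is_writable($tempdir)
                ? diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning') . n
                : '')
        ),

        'cleanurl_only_apache' => ($permlink_mode != 'messy' and !$is_apache)
            ? diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information')
            : '',

        'htaccess_missing' => ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess'))
            ? diag_msg_wrap(gTxt('htaccess_missing'))
            : '',

        'mod_rewrite_missing' => ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite'))
            ? diag_msg_wrap(gTxt('mod_rewrite_missing'))
            : '',

        'file_uploads_disabled' => !ini_get('file_uploads')
            ? diag_msg_wrap(gTxt('file_uploads_disabled'), 'information')
            : '',

        # A setup directory left in place after installation is reported as a warning.
        'setup_still_exists' => @is_dir(txpath . DS . 'setup')
            ? diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning')
            : '',

        'no_temp_dir' => empty($tempdir) ? diag_msg_wrap(gTxt('no_temp_dir'), 'warning') : '',

        'warn_mail_unavailable' => is_disabled('mail') ? diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning') : '',

        'warn_register_globals_or_update' => $is_register_globals && (version_compare(phpversion(), '4.4.0', '<=') or version_compare(phpversion(), '5.0.0', '>=') and version_compare(phpversion(), '5.0.5', '<='))
            ? diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning')
            : ''
    );

    # With clean URLs, a file or directory named like a section is reported.
    if ($permlink_mode != 'messy') {
        $rs = safe_column("name", "txp_section", "1");

        foreach ($rs as $name) {
            if ($name and @file_exists($path_to_site . '/' . $name)) {
                $fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}");
            }
        }
    }

    # Split the file list into readable (by real path) and missing entries.
    # $found starts as an empty array so that $files is still an array for the
    # loops below when nothing is readable.
    $found = array();
    $missing = array();

    foreach ($files as $f) {
        $realpath = realpath(txpath . $f);

        if (is_readable($realpath)) {
            $found[] = $realpath;
        } else {
            $missing[] = txpath . $f;
        }
    }

    $files = $found;
    unset($found);

    if ($missing) {
        $fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing));
    }

    # Drop the checks that passed.
    foreach ($fail as $k => $v) {
        if (empty($v)) {
            unset($fail[$k]);
        }
    }

    # Find the highest revision number
    $file_revs = $file_md5 = array();
    $rev = 0;

    foreach ($files as $f) {
        $content = @file_get_contents($f);

        if ($content !== FALSE) {
            if (preg_match('/^\\$' . 'LastChangedRevision: (\\d+) \\$/m', $content, $match)) {
                $file_revs[$f] = $match[1];

                if ($match[1] > $rev) {
                    $rev = $match[1];
                }
            }

            # Line endings and the HeadURL scheme are normalised before hashing.
            $file_md5[$f] = md5(str_replace('$' . 'HeadURL: http:', '$' . 'HeadURL: https:', str_replace("\r\n", "\n", $content)));
        }
    }

    # Check revs & md5 against stable release, if possible
    # NOTE(review): the reference values are MD5 sums read from a checksums.txt
    # stored next to the code, so this detects accidental or careless changes;
    # it is not evidence against deliberate tampering by someone who can also
    # rewrite that file.
    $dev_files = $old_files = $modified_files = array();

    if ($cs = @file(txpath . '/checksums.txt')) {
        foreach ($cs as $c) {
            if (preg_match('@^(\\S+): r?(\\S+) \\((.*)\\)$@', trim($c), $m)) {
                list(, $file, $r, $md5) = $m;
                $file = realpath(txpath . $file);

                if (!empty($file_revs[$file]) and $r and $file_revs[$file] < $r) {
                    $old_files[] = $file;
                } elseif (!empty($file_revs[$file]) and $r and $file_revs[$file] > $r) {
                    $dev_files[] = $file;
                } elseif (!empty($file_md5[$file]) and $file_md5[$file] != $md5) {
                    $modified_files[] = $file;
                }
            }
        }
    }

    # files that haven't been updated
    if ($old_files) {
        $fail['old_files'] = diag_msg_wrap(gTxt('old_files') . cs . n . t . join(', ' . n . t, $old_files));
    }

    # files that don't match their checksums
    if ($modified_files) {
        $fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning');
    }

    # running development code in live mode is not recommended
    if ($dev_files and $production_status == 'live') {
        $fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live') . cs . n . t . join(', ' . n . t, $dev_files), 'warning');
    }

    # anything might break if arbitrary functions are disabled
    if (ini_get('disable_functions')) {
        $disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions')));

        # commonly disabled functions that we don't need
        $disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'exec', 'system', 'dl', 'passthru', 'chown', 'shell_exec', 'popen', 'proc_open'));

        if ($disabled_funcs) {
            $fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning');
        }
    }

    # not sure about this one
    #if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers'))
    # $fail['cgi_header_config'] = gTxt('cgi_header_config');

    $guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME'])));

    if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) {
        # HTTP_HOST comes from the request's Host header and this message is
        # printed as HTML below, so the guessed URL is escaped first, the same
        # way the clean-URL message escapes $pretext_req.
        $fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . txpspecialchars($guess_site_url), 'warning');
    }

    # test clean URL server vars
    if (hu) {
        if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') {
            # Random path segment for the self-test request; it only has to be
            # unlikely to collide, it is not used as a secret.
            $s = md5(uniqid(rand(), true));
            ini_set('default_socket_timeout', 10);

            # The request goes to the site's own URL (hu).
            $pretext_data = @file(hu . $s . '/?txpcleantest=1');

            if ($pretext_data) {
                $pretext_req = trim(@$pretext_data[0]);

                if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) {
                    $fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning');
                }
            } else {
                $fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning');
            }
        }
    }

    if ($tables = list_txp_tables()) {
        $table_errors = check_tables($tables);

        if ($table_errors) {
            $fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors));
        }
    }

    # Active plugins as "name-version"; an 'm' suffix marks code whose MD5 no
    # longer matches the stored code_md5.
    $active_plugins = array();

    if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) {
        foreach ($rows as $row) {
            $n = $row['name'] . '-' . $row['version'];

            if (strtolower($row['md5']) != strtolower($row['code_md5'])) {
                $n .= 'm';
            }

            $active_plugins[] = $n;
        }
    }

    $theme_manifest = $theme->manifest();

    // check GD info
    if (function_exists('gd_info')) {
        $gd_info = gd_info();

        $gd_support = array();

        if ($gd_info['GIF Create Support']) {
            $gd_support[] = 'GIF';
        }

        // Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key.
        if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) {
            $gd_support[] = 'JPG';
        }

        if ($gd_info['PNG Support']) {
            $gd_support[] = 'PNG';
        }

        if ($gd_support) {
            $gd_support = join(', ', $gd_support);
        } else {
            $gd_support = gTxt('none');
        }

        $gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support));
    } else {
        $gd = gTxt('gd_unavailable');
    }

    if (realpath($prefs['tempdir']) == realpath($prefs['plugin_cache_dir'])) {
        $fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match'));
    }

    echo
        pagetop(gTxt('tab_diagnostics'), ''),
        '<h1 class="txp-heading">' . gTxt('tab_diagnostics') . '</h1>',
        '<div id="' . $event . '_container" class="txp-container">',
        '<div id="pre_flight_check">',
        hed(gTxt('preflight_check'), 2);

    if ($fail) {
        foreach ($fail as $help => $message) {
            echo graf(nl2br($message) . sp . popHelp($help));
        }
    } else {
        echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success'));
    }

    echo '</div>';

    echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2);

    $fmt_date = '%Y-%m-%d %H:%M:%S';

    # Everything between the opening textarea tag and its closing tag further
    # down is meant as plain text. NOTE(review): most values here are appended
    # without escaping (only the .htaccess contents and the pretext data go
    # through txpspecialchars()), so a value containing a closing textarea tag
    # would break out of the field - worth escaping at the point of output.
    $out = array(
        '<p><textarea id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . INPUT_MEDIUM . '" readonly="readonly">',

        gTxt('txp_version') . cs . txp_version . ' (' . ($rev ? 'r' . $rev : 'unknown revision') . ')' . n,

        gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n,

        gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n,

        '$path_to_site' . cs . $path_to_site . n,

        gTxt('txp_path') . cs . txpath . n,

        gTxt('permlink_mode') . cs . $permlink_mode . n,

        ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '',

        ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '',

        gTxt('tempdir') . cs . $tempdir . n,

        gTxt('web_domain') . cs . $siteurl . n,

        gTxt('php_version') . cs . phpversion() . n,

        $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '',

        gTxt('gd_library') . cs . $gd . n,

        gTxt('server') . ' TZ: ' . (timezone::is_supported() ? @date_default_timezone_get() : (getenv('TZ') ? getenv('TZ') : '-')) . n,

        gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n,

        strip_tags(gTxt('is_dst')) . cs . $is_dst . n,

        strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n,

        strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n,

        'MySQL' . cs . mysql_get_server_info() . n,

        gTxt('locale') . cs . $locale . n,

        isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '',

        is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '',

        gTxt('php_sapi_mode') . cs . PHP_SAPI . n,

        gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n,

        gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n,

        $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '',

        gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n,

        $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '',

        is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : ''
    );

    if ($step == 'high') {
        $mysql_client_encoding = is_callable('mysql_client_encoding') ? mysql_client_encoding() : '-';
        $out[] = n . 'Charset (default/config)' . cs . $mysql_client_encoding . '/' . @$txpcfg['dbcharset'] . n;

        $result = safe_query("SHOW variables like 'character_se%'");

        while ($row = mysql_fetch_row($result)) {
            $out[] = $row[0] . cs . $row[1] . n;

            if ($row[0] == 'character_set_connection') {
                $conn_char = $row[1];
            }
        }

        $table_names = array(PFX . 'textpattern');

        $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");

        while ($row = mysql_fetch_row($result)) {
            $table_names[] = $row[0];
        }

        $table_msg = array();

        # Table names come from SHOW TABLES above and are concatenated into the
        # statements unquoted.
        foreach ($table_names as $idx => $table) {
            $ctr = safe_query("SHOW CREATE TABLE " . $table . "");

            if (!$ctr) {
                # $table_names is a list, so the entry has to be removed by its
                # index; unsetting by table name left it in place and in the count.
                unset($table_names[$idx]);
                continue;
            }

            $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));

            # A result still containing 'CREATE' means the pattern did not match.
            if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
                $table_msg[] = "{$table} is {$ctcharset}";
            }

            $ctr = safe_query("CHECK TABLE " . $table);

            if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
                $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
            }
        }

        if ($table_msg == array()) {
            $table_msg = count($table_names) < 17 ? array('-') : array('OK');
        }

        $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;

        $cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`'));
        $out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n;

        $extns = get_loaded_extensions();
        $extv = array();

        foreach ($extns as $e) {
            $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
        }

        $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;

        if (is_callable('apache_get_modules')) {
            $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n;
        }

        # Lines 2-21 of the clean-URL self-test response, if that test ran.
        if (@is_array($pretext_data) and count($pretext_data) > 1) {
            $out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n;
        }

        $out[] = n;

        # Revision and checksum for every readable file.
        foreach ($files as $f) {
            $checksum = isset($file_md5[$f]) ? $file_md5[$f] : gTxt('unknown');
            $revision = isset($file_revs[$f]) ? 'r' . $file_revs[$f] : gTxt('unknown');

            $out[] = "{$f}" . cs . n . t . $revision . ' (' . $checksum . ')' . n;
        }

        $out[] = n . ln;
    }

    # Output of 'diag_results' callbacks is appended inside the textarea as-is.
    $out[] = callback_event('diag_results', $step) . n;
    $out[] = '</textarea></p>';

    $dets = array('low' => gTxt('low'), 'high' => gTxt('high'));

    $out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . n . selectInput('step', $dets, $step, 0, 1)));

    echo join('', $out), '</div>', '</div>';
}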
<h4><a href="?p=admin">Main Menu</a> / Updates</h4> </div> <!-- .content-header --> <div class="main-content"> <table width="100%"> <thead> <th><center>Update Info</center></th> </thead> </table> <br /> <table> <tr> <?php
/*
 * Request dispatcher for the Updates page. Exactly one of three helpers is
 * invoked (or none), and whatever it prints lands inside the open <tr>.
 *
 *   ?update=db           -> runDatabaseSql()
 *   ?update=<other>      -> nothing is called
 *   POST action=update   -> runUpdate()
 *   POST action=<other>  -> nothing is called
 *   neither present      -> checkUpdates()
 *
 * A query-string "update" parameter takes precedence: when it is set, the
 * POST "action" field is never inspected.
 *
 * NOTE(review): runDatabaseSql() and runUpdate() presumably change state
 * (judging by their names), yet the branch is selected purely from request
 * parameters. No session/permission check and no anti-CSRF token is visible
 * in this fragment -- confirm the including admin page enforces both before
 * this template runs. The database step is reachable with a plain GET, so it
 * can be triggered by a followed link or a prefetch; consider requiring POST
 * plus a per-session token for it, as for any state-changing admin action.
 */
if (isset($_GET['update'])) {
    // Only the literal value 'db' is acted upon; anything else is ignored.
    if ($_GET['update'] == 'db') {
        runDatabaseSql();
    }
} elseif (isset($_POST['action'])) {
    // Only the literal value 'update' is acted upon; anything else is ignored.
    if ($_POST['action'] == 'update') {
        runUpdate();
    }
} else {
    // Default view: no parameters supplied, so just report update status.
    checkUpdates();
}
?> </tr> </table> </div> </div>