1<?php
2
3/**
4 * Information and debugging functions
5 *
6 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
7 * @author     Andreas Gohr <andi@splitbrain.org>
8 */
9
10use dokuwiki\Debug\DebugHelper;
11use dokuwiki\Extension\AuthPlugin;
12use dokuwiki\Extension\Event;
13use dokuwiki\HTTP\DokuHTTPClient;
14use dokuwiki\Logger;
15use dokuwiki\Utf8\PhpString;
16
17if (!defined('DOKU_MESSAGEURL')) {
18    if (in_array('ssl', stream_get_transports())) {
19        define('DOKU_MESSAGEURL', 'https://update.dokuwiki.org/check/');
20    } else {
21        define('DOKU_MESSAGEURL', 'http://update.dokuwiki.org/check/');
22    }
23}
24
25/**
26 * Check for new messages from upstream
27 *
28 * @author Andreas Gohr <andi@splitbrain.org>
29 */
30function checkUpdateMessages()
31{
32    global $conf;
33    global $INFO;
34    global $updateVersion;
35    if (!$conf['updatecheck']) return;
36    if ($conf['useacl'] && !$INFO['ismanager']) return;
37
38    $cf = getCacheName($updateVersion, '.updmsg');
39    $lm = @filemtime($cf);
40    $is_http = !str_starts_with(DOKU_MESSAGEURL, 'https');
41
42    // check if new messages needs to be fetched
43    if ($lm < time() - (60 * 60 * 24) || $lm < @filemtime(DOKU_INC . DOKU_SCRIPT)) {
44        @touch($cf);
45        Logger::debug(
46            sprintf(
47                'checkUpdateMessages(): downloading messages to %s%s',
48                $cf,
49                $is_http ? ' (without SSL)' : ' (with SSL)'
50            )
51        );
52        $http = new DokuHTTPClient();
53        $http->timeout = 12;
54        $resp = $http->get(DOKU_MESSAGEURL . $updateVersion);
55        if (is_string($resp) && ($resp == '' || str_ends_with(trim($resp), '%'))) {
56            // basic sanity check that this is either an empty string response (ie "no messages")
57            // or it looks like one of our messages, not WiFi login or other interposed response
58            io_saveFile($cf, $resp);
59        } else {
60            Logger::debug("checkUpdateMessages(): unexpected HTTP response received", $http->error);
61        }
62    } else {
63        Logger::debug("checkUpdateMessages(): messages up to date");
64    }
65
66    $data = io_readFile($cf);
67    // show messages through the usual message mechanism
68    $msgs = explode("\n%\n", $data);
69    foreach ($msgs as $msg) {
70        if ($msg) msg($msg, 2);
71    }
72}
73
74
75/**
76 * Return DokuWiki's version (split up in date and type)
77 *
78 * @author Andreas Gohr <andi@splitbrain.org>
79 */
80function getVersionData()
81{
82    $version = [];
83    //import version string
84    if (file_exists(DOKU_INC . 'VERSION')) {
85        //official release
86        $version['date'] = trim(io_readFile(DOKU_INC . 'VERSION'));
87        $version['type'] = 'Release';
88    } elseif (is_dir(DOKU_INC . '.git')) {
89        $version['type'] = 'Git';
90        $version['date'] = 'unknown';
91
92        // First try to get date and commit hash by calling Git
93        if (function_exists('shell_exec')) {
94            $commitInfo = shell_exec("git log -1 --pretty=format:'%h %cd' --date=short");
95            if ($commitInfo) {
96                [$version['sha'], $date] = explode(' ', $commitInfo);
97                $version['date'] = hsc($date);
98                return $version;
99            }
100        }
101
102        // we cannot use git on the shell -- let's do it manually!
103        if (file_exists(DOKU_INC . '.git/HEAD')) {
104            $headCommit = trim(file_get_contents(DOKU_INC . '.git/HEAD'));
105            if (strpos($headCommit, 'ref: ') === 0) {
106                // it is something like `ref: refs/heads/master`
107                $headCommit = substr($headCommit, 5);
108                $pathToHead = DOKU_INC . '.git/' . $headCommit;
109                if (file_exists($pathToHead)) {
110                    $headCommit = trim(file_get_contents($pathToHead));
111                } else {
112                    $packedRefs = file_get_contents(DOKU_INC . '.git/packed-refs');
113                    if (!preg_match("~([[:xdigit:]]+) $headCommit~", $packedRefs, $matches)) {
114                        # ref not found in pack file
115                        return $version;
116                    }
117                    $headCommit = $matches[1];
118                }
119            }
120            // At this point $headCommit is a SHA
121            $version['sha'] = $headCommit;
122
123            // Get commit date from Git object
124            $subDir = substr($headCommit, 0, 2);
125            $fileName = substr($headCommit, 2);
126            $gitCommitObject = DOKU_INC . ".git/objects/$subDir/$fileName";
127            if (file_exists($gitCommitObject) && function_exists('zlib_decode')) {
128                $commit = zlib_decode(file_get_contents($gitCommitObject));
129                $committerLine = explode("\n", $commit)[3];
130                $committerData = explode(' ', $committerLine);
131                end($committerData);
132                $ts = prev($committerData);
133                if ($ts && $date = date('Y-m-d', $ts)) {
134                    $version['date'] = $date;
135                }
136            }
137        }
138    } else {
139        global $updateVersion;
140        $version['date'] = 'update version ' . $updateVersion;
141        $version['type'] = 'snapshot?';
142    }
143    return $version;
144}
145
146/**
147 * Return DokuWiki's version
148 *
149 * This returns the version in the form "Type Date (SHA)". Where type is either
150 * "Release" or "Git" and date is the date of the release or the date of the
151 * last commit. SHA is the short SHA of the last commit - this is only added on
152 * git checkouts.
153 *
154 * If no version can be determined "snapshot? update version XX" is returned.
155 * Where XX represents the update version number set in doku.php.
156 *
157 * @return string The version string e.g. "Release 2023-04-04a"
158 * @author Anika Henke <anika@selfthinker.org>
159 */
160function getVersion()
161{
162    $version = getVersionData();
163    $sha = empty($version['sha']) ? '' : ' (' . $version['sha'] . ')';
164    return $version['type'] . ' ' . $version['date'] . $sha;
165}
166
167/**
168 * Get some data about the environment this wiki is running in
169 *
170 * @return array
171 */
172function getRuntimeVersions()
173{
174    $data = [];
175    $data['php'] = 'PHP ' . PHP_VERSION;
176
177    $osRelease = getOsRelease();
178    if (isset($osRelease['PRETTY_NAME'])) {
179        $data['dist'] = $osRelease['PRETTY_NAME'];
180    }
181
182    $data['os'] = php_uname('s') . ' ' . php_uname('r');
183    $data['sapi'] = PHP_SAPI;
184
185    if (getenv('KUBERNETES_SERVICE_HOST')) {
186        $data['container'] = 'Kubernetes';
187    } elseif (file_exists('/.dockerenv')) {
188        $data['container'] = 'Docker';
189    }
190
191    return $data;
192}
193
194/**
195 * Get informational data about the linux distribution this wiki is running on
196 *
197 * @see https://gist.github.com/natefoo/814c5bf936922dad97ff
198 * @return array an os-release array, might be empty
199 */
200function getOsRelease()
201{
202    $osRelease = [];
203    if (file_exists('/etc/os-release')) {
204        // pretty much any common Linux distribution has this
205        $osRelease = parse_ini_file('/etc/os-release');
206    } elseif (file_exists('/etc/synoinfo.conf') && file_exists('/etc/VERSION')) {
207        // Synology DSM has its own way
208        $synoInfo = parse_ini_file('/usr/lib/synoinfo.conf');
209        $synoVersion = parse_ini_file('/etc/VERSION');
210        $osRelease['NAME'] = 'Synology DSM';
211        $osRelease['ID'] = 'synology';
212        $osRelease['ID_LIKE'] = 'linux';
213        $osRelease['VERSION_ID'] = $synoVersion['productversion'];
214        $osRelease['VERSION'] = $synoVersion['productversion'];
215        $osRelease['SYNO_MODEL'] = $synoInfo['upnpmodelname'];
216        $osRelease['PRETTY_NAME'] = implode(' ', [$osRelease['NAME'], $osRelease['VERSION'], $osRelease['SYNO_MODEL']]);
217    }
218    return $osRelease;
219}
220
221/**
222 * Run a few sanity checks
223 *
224 * @author Andreas Gohr <andi@splitbrain.org>
225 */
226function check()
227{
228    global $conf;
229    global $INFO;
230    /* @var Input $INPUT */
231    global $INPUT;
232
233    if ($INFO['isadmin'] || $INFO['ismanager']) {
234        msg('DokuWiki version: ' . getVersion(), 1);
235        if (version_compare(phpversion(), '7.4.0', '<')) {
236            msg('Your PHP version is too old (' . phpversion() . ' vs. 7.4+ needed)', -1);
237        } else {
238            msg('PHP version ' . phpversion(), 1);
239        }
240    } elseif (version_compare(phpversion(), '7.4.0', '<')) {
241        msg('Your PHP version is too old', -1);
242    }
243
244    $mem = php_to_byte(ini_get('memory_limit'));
245    if ($mem) {
246        if ($mem === -1) {
247            msg('PHP memory is unlimited', 1);
248        } elseif ($mem < 16_777_216) {
249            msg('PHP is limited to less than 16MB RAM (' . filesize_h($mem) . ').
250            Increase memory_limit in php.ini', -1);
251        } elseif ($mem < 20_971_520) {
252            msg('PHP is limited to less than 20MB RAM (' . filesize_h($mem) . '),
253                you might encounter problems with bigger pages. Increase memory_limit in php.ini', -1);
254        } elseif ($mem < 33_554_432) {
255            msg('PHP is limited to less than 32MB RAM (' . filesize_h($mem) . '),
256                but that should be enough in most cases. If not, increase memory_limit in php.ini', 0);
257        } else {
258            msg('More than 32MB RAM (' . filesize_h($mem) . ') available.', 1);
259        }
260    }
261
262    if (is_writable($conf['changelog'])) {
263        msg('Changelog is writable', 1);
264    } elseif (file_exists($conf['changelog'])) {
265        msg('Changelog is not writable', -1);
266    }
267
268    if (isset($conf['changelog_old']) && file_exists($conf['changelog_old'])) {
269        msg('Old changelog exists', 0);
270    }
271
272    if (file_exists($conf['changelog'] . '_failed')) {
273        msg('Importing old changelog failed', -1);
274    } elseif (file_exists($conf['changelog'] . '_importing')) {
275        msg('Importing old changelog now.', 0);
276    } elseif (file_exists($conf['changelog'] . '_import_ok')) {
277        msg('Old changelog imported', 1);
278        if (!plugin_isdisabled('importoldchangelog')) {
279            msg('Importoldchangelog plugin not disabled after import', -1);
280        }
281    }
282
283    if (is_writable(DOKU_CONF)) {
284        msg('conf directory is writable', 1);
285    } else {
286        msg('conf directory is not writable', -1);
287    }
288
289    if ($conf['authtype'] == 'plain') {
290        global $config_cascade;
291        if (is_writable($config_cascade['plainauth.users']['default'])) {
292            msg('conf/users.auth.php is writable', 1);
293        } else {
294            msg('conf/users.auth.php is not writable', 0);
295        }
296    }
297
298    if (function_exists('mb_strpos')) {
299        if (defined('UTF8_NOMBSTRING')) {
300            msg('mb_string extension is available but will not be used', 0);
301        } else {
302            msg('mb_string extension is available and will be used', 1);
303            if (ini_get('mbstring.func_overload') != 0) {
304                msg('mb_string function overloading is enabled, this will cause problems and should be disabled', -1);
305            }
306        }
307    } else {
308        msg('mb_string extension not available - PHP only replacements will be used', 0);
309    }
310
311    if (!UTF8_PREGSUPPORT) {
312        msg('PHP is missing UTF-8 support in Perl-Compatible Regular Expressions (PCRE)', -1);
313    }
314    if (!UTF8_PROPERTYSUPPORT) {
315        msg('PHP is missing Unicode properties support in Perl-Compatible Regular Expressions (PCRE)', -1);
316    }
317
318    $loc = setlocale(LC_ALL, 0);
319    if (!$loc) {
320        msg('No valid locale is set for your PHP setup. You should fix this', -1);
321    } elseif (stripos($loc, 'utf') === false) {
322        msg('Your locale <code>' . hsc($loc) . '</code> seems not to be a UTF-8 locale,
323             you should fix this if you encounter problems.', 0);
324    } else {
325        msg('Valid locale ' . hsc($loc) . ' found.', 1);
326    }
327
328    if ($conf['allowdebug']) {
329        msg('Debugging support is enabled. If you don\'t need it you should set $conf[\'allowdebug\'] = 0', -1);
330    } else {
331        msg('Debugging support is disabled', 1);
332    }
333
334    if (!empty($INFO['userinfo']['name'])) {
335        msg(sprintf(
336            "You are currently logged in as %s (%s)",
337            $INPUT->server->str('REMOTE_USER'),
338            $INFO['userinfo']['name']
339        ), 0);
340        msg('You are part of the groups ' . implode(', ', $INFO['userinfo']['grps']), 0);
341    } else {
342        msg('You are currently not logged in', 0);
343    }
344
345    msg('Your current permission for this page is ' . $INFO['perm'], 0);
346
347    if (file_exists($INFO['filepath']) && is_writable($INFO['filepath'])) {
348        msg('The current page is writable by the webserver', 1);
349    } elseif (!file_exists($INFO['filepath']) && is_writable(dirname($INFO['filepath']))) {
350        msg('The current page can be created by the webserver', 1);
351    } else {
352        msg('The current page is not writable by the webserver', -1);
353    }
354
355    if ($INFO['writable']) {
356        msg('The current page is writable by you', 1);
357    } else {
358        msg('The current page is not writable by you', -1);
359    }
360
361    // Check for corrupted search index
362    $lengths = idx_listIndexLengths();
363    $index_corrupted = false;
364    foreach ($lengths as $length) {
365        if (count(idx_getIndex('w', $length)) !== count(idx_getIndex('i', $length))) {
366            $index_corrupted = true;
367            break;
368        }
369    }
370
371    foreach (idx_getIndex('metadata', '') as $index) {
372        if (count(idx_getIndex($index . '_w', '')) !== count(idx_getIndex($index . '_i', ''))) {
373            $index_corrupted = true;
374            break;
375        }
376    }
377
378    if ($index_corrupted) {
379        msg(
380            'The search index is corrupted. It might produce wrong results and most
381                probably needs to be rebuilt. See
382                <a href="https://www.dokuwiki.org/faq:searchindex">faq:searchindex</a>
383                for ways to rebuild the search index.',
384            -1
385        );
386    } elseif (!empty($lengths)) {
387        msg('The search index seems to be working', 1);
388    } else {
389        msg(
390            'The search index is empty. See
391                <a href="https://www.dokuwiki.org/faq:searchindex">faq:searchindex</a>
392                for help on how to fix the search index. If the default indexer
393                isn\'t used or the wiki is actually empty this is normal.'
394        );
395    }
396
397    // rough time check
398    $http = new DokuHTTPClient();
399    $http->max_redirect = 0;
400    $http->timeout = 3;
401    $http->sendRequest('https://www.dokuwiki.org', '', 'HEAD');
402    $now = time();
403    if (isset($http->resp_headers['date'])) {
404        $time = strtotime($http->resp_headers['date']);
405        $diff = $time - $now;
406
407        if (abs($diff) < 4) {
408            msg("Server time seems to be okay. Diff: {$diff}s", 1);
409        } else {
410            msg("Your server's clock seems to be out of sync!
411                 Consider configuring a sync with a NTP server.  Diff: {$diff}s");
412        }
413    }
414}
415
416/**
417 * Display a message to the user
418 *
419 * If HTTP headers were not sent yet the message is added
420 * to the global message array else it's printed directly
421 * using html_msgarea()
422 *
423 * Triggers INFOUTIL_MSG_SHOW
424 *
425 * @param string $message
426 * @param int $lvl -1 = error, 0 = info, 1 = success, 2 = notify
427 * @param string $line line number
428 * @param string $file file number
429 * @param int $allow who's allowed to see the message, see MSG_* constants
430 * @see html_msgarea()
431 */
432function msg($message, $lvl = 0, $line = '', $file = '', $allow = MSG_PUBLIC)
433{
434    global $MSG, $MSG_shown;
435    static $errors = [
436        -1 => 'error',
437        0 => 'info',
438        1 => 'success',
439        2 => 'notify',
440    ];
441
442    $msgdata = [
443        'msg' => $message,
444        'lvl' => $errors[$lvl],
445        'allow' => $allow,
446        'line' => $line,
447        'file' => $file,
448    ];
449
450    $evt = new Event('INFOUTIL_MSG_SHOW', $msgdata);
451    if ($evt->advise_before()) {
452        /* Show msg normally - event could suppress message show */
453        if ($msgdata['line'] || $msgdata['file']) {
454            $basename = PhpString::basename($msgdata['file']);
455            $msgdata['msg'] .= ' [' . $basename . ':' . $msgdata['line'] . ']';
456        }
457
458        if (!isset($MSG)) $MSG = [];
459        $MSG[] = $msgdata;
460        if (isset($MSG_shown) || headers_sent()) {
461            if (function_exists('html_msgarea')) {
462                html_msgarea();
463            } else {
464                echo "ERROR(" . $msgdata['lvl'] . ") " . $msgdata['msg'] . "\n";
465            }
466            unset($GLOBALS['MSG']);
467        }
468    }
469    $evt->advise_after();
470    unset($evt);
471}
472
473/**
474 * Determine whether the current user is allowed to view the message
475 * in the $msg data structure
476 *
477 * @param array $msg dokuwiki msg structure:
478 *              msg   => string, the message;
479 *              lvl   => int, level of the message (see msg() function);
480 *              allow => int, flag used to determine who is allowed to see the message, see MSG_* constants
481 * @return bool
482 */
483function info_msg_allowed($msg)
484{
485    global $INFO, $auth;
486
487    // is the message public? - everyone and anyone can see it
488    if (empty($msg['allow']) || ($msg['allow'] == MSG_PUBLIC)) return true;
489
490    // restricted msg, but no authentication
491    if (!$auth instanceof AuthPlugin) return false;
492
493    switch ($msg['allow']) {
494        case MSG_USERS_ONLY:
495            return !empty($INFO['userinfo']);
496
497        case MSG_MANAGERS_ONLY:
498            return $INFO['ismanager'];
499
500        case MSG_ADMINS_ONLY:
501            return $INFO['isadmin'];
502
503        default:
504            trigger_error(
505                'invalid msg allow restriction.  msg="' . $msg['msg'] . '" allow=' . $msg['allow'] . '"',
506                E_USER_WARNING
507            );
508            return $INFO['isadmin'];
509    }
510}
511
512/**
513 * print debug messages
514 *
515 * little function to print the content of a var
516 *
517 * @param string $msg
518 * @param bool $hidden
519 *
520 * @author Andreas Gohr <andi@splitbrain.org>
521 */
522function dbg($msg, $hidden = false)
523{
524    if ($hidden) {
525        echo "<!--\n";
526        print_r($msg);
527        echo "\n-->";
528    } else {
529        echo '<pre class="dbg">';
530        echo hsc(print_r($msg, true));
531        echo '</pre>';
532    }
533}
534
535/**
536 * Print info to debug log file
537 *
538 * @param string $msg
539 * @param string $header
540 *
541 * @author Andreas Gohr <andi@splitbrain.org>
542 * @deprecated 2020-08-13
543 */
544function dbglog($msg, $header = '')
545{
546    dbg_deprecated('\\dokuwiki\\Logger');
547
548    // was the msg as single line string? use it as header
549    if ($header === '' && is_string($msg) && strpos($msg, "\n") === false) {
550        $header = $msg;
551        $msg = '';
552    }
553
554    Logger::getInstance(Logger::LOG_DEBUG)->log(
555        $header,
556        $msg
557    );
558}
559
560/**
561 * Log accesses to deprecated fucntions to the debug log
562 *
563 * @param string $alternative The function or method that should be used instead
564 * @triggers INFO_DEPRECATION_LOG
565 */
566function dbg_deprecated($alternative = '')
567{
568    DebugHelper::dbgDeprecatedFunction($alternative, 2);
569}
570
571/**
572 * Print a reversed, prettyprinted backtrace
573 *
574 * @author Gary Owen <gary_owen@bigfoot.com>
575 */
576function dbg_backtrace()
577{
578    // Get backtrace
579    $backtrace = debug_backtrace();
580
581    // Unset call to debug_print_backtrace
582    array_shift($backtrace);
583
584    // Iterate backtrace
585    $calls = [];
586    $depth = count($backtrace) - 1;
587    foreach ($backtrace as $i => $call) {
588        if (isset($call['file'])) {
589            $location = $call['file'] . ':' . ($call['line'] ?? '0');
590        } else {
591            $location = '[anonymous]';
592        }
593        if (isset($call['class'])) {
594            $function = $call['class'] . $call['type'] . $call['function'];
595        } else {
596            $function = $call['function'];
597        }
598
599        $params = [];
600        if (isset($call['args'])) {
601            foreach ($call['args'] as $arg) {
602                if (is_object($arg)) {
603                    $params[] = '[Object ' . get_class($arg) . ']';
604                } elseif (is_array($arg)) {
605                    $params[] = '[Array]';
606                } elseif (is_null($arg)) {
607                    $params[] = '[NULL]';
608                } else {
609                    $params[] = '"' . $arg . '"';
610                }
611            }
612        }
613        $params = implode(', ', $params);
614
615        $calls[$depth - $i] = sprintf(
616            '%s(%s) called at %s',
617            $function,
618            str_replace("\n", '\n', $params),
619            $location
620        );
621    }
622    ksort($calls);
623
624    return implode("\n", $calls);
625}
626
627/**
628 * Remove all data from an array where the key seems to point to sensitive data
629 *
630 * This is used to remove passwords, mail addresses and similar data from the
631 * debug output
632 *
633 * @param array $data
634 *
635 * @author Andreas Gohr <andi@splitbrain.org>
636 */
637function debug_guard(&$data)
638{
639    foreach ($data as $key => $value) {
640        if (preg_match('/(notify|pass|auth|secret|ftp|userinfo|token|buid|mail|proxy)/i', $key)) {
641            $data[$key] = '***';
642            continue;
643        }
644        if (is_array($value)) debug_guard($data[$key]);
645    }
646}
647