1 <?php 2 3 /** 4 * Information and debugging functions 5 * 6 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 7 * @author Andreas Gohr <andi@splitbrain.org> 8 */ 9 10 use dokuwiki\Debug\DebugHelper; 11 use dokuwiki\Extension\AuthPlugin; 12 use dokuwiki\Extension\Event; 13 use dokuwiki\HTTP\DokuHTTPClient; 14 use dokuwiki\Logger; 15 use dokuwiki\Utf8\PhpString; 16 17 if (!defined('DOKU_MESSAGEURL')) { 18 if (in_array('ssl', stream_get_transports())) { 19 define('DOKU_MESSAGEURL', 'https://update.dokuwiki.org/check/'); 20 } else { 21 define('DOKU_MESSAGEURL', 'http://update.dokuwiki.org/check/'); 22 } 23 } 24 25 /** 26 * Check for new messages from upstream 27 * 28 * @author Andreas Gohr <andi@splitbrain.org> 29 */ 30 function checkUpdateMessages() 31 { 32 global $conf; 33 global $INFO; 34 global $updateVersion; 35 if (!$conf['updatecheck']) return; 36 if ($conf['useacl'] && !$INFO['ismanager']) return; 37 38 $cf = getCacheName($updateVersion, '.updmsg'); 39 $lm = @filemtime($cf); 40 $is_http = !str_starts_with(DOKU_MESSAGEURL, 'https'); 41 42 // check if new messages needs to be fetched 43 if ($lm < time() - (60 * 60 * 24) || $lm < @filemtime(DOKU_INC . DOKU_SCRIPT)) { 44 @touch($cf); 45 Logger::debug( 46 sprintf( 47 'checkUpdateMessages(): downloading messages to %s%s', 48 $cf, 49 $is_http ? ' (without SSL)' : ' (with SSL)' 50 ) 51 ); 52 $http = new DokuHTTPClient(); 53 $http->timeout = 12; 54 $resp = $http->get(DOKU_MESSAGEURL . $updateVersion); 55 if (is_string($resp) && ($resp == '' || str_ends_with(trim($resp), '%'))) { 56 // basic sanity check that this is either an empty string response (ie "no messages") 57 // or it looks like one of our messages, not WiFi login or other interposed response 58 io_saveFile($cf, $resp); 59 } else { 60 Logger::debug("checkUpdateMessages(): unexpected HTTP response received", $http->error); 61 } 62 } else { 63 Logger::debug("checkUpdateMessages(): messages up to date"); 64 } 65 66 $data = io_readFile($cf); 67 // show messages through the usual message mechanism 68 $msgs = explode("\n%\n", $data); 69 foreach ($msgs as $msg) { 70 if ($msg) msg($msg, 2); 71 } 72 } 73 74 75 /** 76 * Return DokuWiki's version (split up in date and type) 77 * 78 * @author Andreas Gohr <andi@splitbrain.org> 79 */ 80 function getVersionData() 81 { 82 $version = []; 83 //import version string 84 if (file_exists(DOKU_INC . 'VERSION')) { 85 //official release 86 $version['date'] = trim(io_readFile(DOKU_INC . 'VERSION')); 87 $version['type'] = 'Release'; 88 } elseif (is_dir(DOKU_INC . '.git')) { 89 $version['type'] = 'Git'; 90 $version['date'] = 'unknown'; 91 92 // First try to get date and commit hash by calling Git 93 if (function_exists('shell_exec')) { 94 $commitInfo = shell_exec("git log -1 --pretty=format:'%h %cd' --date=short"); 95 if ($commitInfo) { 96 [$version['sha'], $date] = explode(' ', $commitInfo); 97 $version['date'] = hsc($date); 98 return $version; 99 } 100 } 101 102 // we cannot use git on the shell -- let's do it manually! 103 if (file_exists(DOKU_INC . '.git/HEAD')) { 104 $headCommit = trim(file_get_contents(DOKU_INC . '.git/HEAD')); 105 if (strpos($headCommit, 'ref: ') === 0) { 106 // it is something like `ref: refs/heads/master` 107 $headCommit = substr($headCommit, 5); 108 $pathToHead = DOKU_INC . '.git/' . $headCommit; 109 if (file_exists($pathToHead)) { 110 $headCommit = trim(file_get_contents($pathToHead)); 111 } else { 112 $packedRefs = file_get_contents(DOKU_INC . '.git/packed-refs'); 113 if (!preg_match("~([[:xdigit:]]+) $headCommit~", $packedRefs, $matches)) { 114 # ref not found in pack file 115 return $version; 116 } 117 $headCommit = $matches[1]; 118 } 119 } 120 // At this point $headCommit is a SHA 121 $version['sha'] = $headCommit; 122 123 // Get commit date from Git object 124 $subDir = substr($headCommit, 0, 2); 125 $fileName = substr($headCommit, 2); 126 $gitCommitObject = DOKU_INC . ".git/objects/$subDir/$fileName"; 127 if (file_exists($gitCommitObject) && function_exists('zlib_decode')) { 128 $commit = zlib_decode(file_get_contents($gitCommitObject)); 129 $committerLine = explode("\n", $commit)[3]; 130 $committerData = explode(' ', $committerLine); 131 end($committerData); 132 $ts = prev($committerData); 133 if ($ts && $date = date('Y-m-d', $ts)) { 134 $version['date'] = $date; 135 } 136 } 137 } 138 } else { 139 global $updateVersion; 140 $version['date'] = 'update version ' . $updateVersion; 141 $version['type'] = 'snapshot?'; 142 } 143 return $version; 144 } 145 146 /** 147 * Return DokuWiki's version 148 * 149 * This returns the version in the form "Type Date (SHA)". Where type is either 150 * "Release" or "Git" and date is the date of the release or the date of the 151 * last commit. SHA is the short SHA of the last commit - this is only added on 152 * git checkouts. 153 * 154 * If no version can be determined "snapshot? update version XX" is returned. 155 * Where XX represents the update version number set in doku.php. 156 * 157 * @return string The version string e.g. "Release 2023-04-04a" 158 * @author Anika Henke <anika@selfthinker.org> 159 */ 160 function getVersion() 161 { 162 $version = getVersionData(); 163 $sha = empty($version['sha']) ? '' : ' (' . $version['sha'] . ')'; 164 return $version['type'] . ' ' . $version['date'] . $sha; 165 } 166 167 /** 168 * Get some data about the environment this wiki is running in 169 * 170 * @return array 171 */ 172 function getRuntimeVersions() 173 { 174 $data = []; 175 $data['php'] = 'PHP ' . PHP_VERSION; 176 177 $osRelease = getOsRelease(); 178 if (isset($osRelease['PRETTY_NAME'])) { 179 $data['dist'] = $osRelease['PRETTY_NAME']; 180 } 181 182 $data['os'] = php_uname('s') . ' ' . php_uname('r'); 183 $data['sapi'] = PHP_SAPI; 184 185 if (getenv('KUBERNETES_SERVICE_HOST')) { 186 $data['container'] = 'Kubernetes'; 187 } elseif (file_exists('/.dockerenv')) { 188 $data['container'] = 'Docker'; 189 } 190 191 return $data; 192 } 193 194 /** 195 * Get informational data about the linux distribution this wiki is running on 196 * 197 * @see https://gist.github.com/natefoo/814c5bf936922dad97ff 198 * @return array an os-release array, might be empty 199 */ 200 function getOsRelease() 201 { 202 $osRelease = []; 203 if (file_exists('/etc/os-release')) { 204 // pretty much any common Linux distribution has this 205 $osRelease = parse_ini_file('/etc/os-release'); 206 } elseif (file_exists('/etc/synoinfo.conf') && file_exists('/etc/VERSION')) { 207 // Synology DSM has its own way 208 $synoInfo = parse_ini_file('/usr/lib/synoinfo.conf'); 209 $synoVersion = parse_ini_file('/etc/VERSION'); 210 $osRelease['NAME'] = 'Synology DSM'; 211 $osRelease['ID'] = 'synology'; 212 $osRelease['ID_LIKE'] = 'linux'; 213 $osRelease['VERSION_ID'] = $synoVersion['productversion']; 214 $osRelease['VERSION'] = $synoVersion['productversion']; 215 $osRelease['SYNO_MODEL'] = $synoInfo['upnpmodelname']; 216 $osRelease['PRETTY_NAME'] = implode(' ', [$osRelease['NAME'], $osRelease['VERSION'], $osRelease['SYNO_MODEL']]); 217 } 218 return $osRelease; 219 } 220 221 /** 222 * Run a few sanity checks 223 * 224 * @author Andreas Gohr <andi@splitbrain.org> 225 */ 226 function check() 227 { 228 global $conf; 229 global $INFO; 230 /* @var Input $INPUT */ 231 global $INPUT; 232 233 if ($INFO['isadmin'] || $INFO['ismanager']) { 234 msg('DokuWiki version: ' . getVersion(), 1); 235 if (version_compare(phpversion(), '7.4.0', '<')) { 236 msg('Your PHP version is too old (' . phpversion() . ' vs. 7.4+ needed)', -1); 237 } else { 238 msg('PHP version ' . phpversion(), 1); 239 } 240 } elseif (version_compare(phpversion(), '7.4.0', '<')) { 241 msg('Your PHP version is too old', -1); 242 } 243 244 $mem = php_to_byte(ini_get('memory_limit')); 245 if ($mem) { 246 if ($mem === -1) { 247 msg('PHP memory is unlimited', 1); 248 } elseif ($mem < 16_777_216) { 249 msg('PHP is limited to less than 16MB RAM (' . filesize_h($mem) . '). 250 Increase memory_limit in php.ini', -1); 251 } elseif ($mem < 20_971_520) { 252 msg('PHP is limited to less than 20MB RAM (' . filesize_h($mem) . '), 253 you might encounter problems with bigger pages. Increase memory_limit in php.ini', -1); 254 } elseif ($mem < 33_554_432) { 255 msg('PHP is limited to less than 32MB RAM (' . filesize_h($mem) . '), 256 but that should be enough in most cases. If not, increase memory_limit in php.ini', 0); 257 } else { 258 msg('More than 32MB RAM (' . filesize_h($mem) . ') available.', 1); 259 } 260 } 261 262 if (is_writable($conf['changelog'])) { 263 msg('Changelog is writable', 1); 264 } elseif (file_exists($conf['changelog'])) { 265 msg('Changelog is not writable', -1); 266 } 267 268 if (isset($conf['changelog_old']) && file_exists($conf['changelog_old'])) { 269 msg('Old changelog exists', 0); 270 } 271 272 if (file_exists($conf['changelog'] . '_failed')) { 273 msg('Importing old changelog failed', -1); 274 } elseif (file_exists($conf['changelog'] . '_importing')) { 275 msg('Importing old changelog now.', 0); 276 } elseif (file_exists($conf['changelog'] . '_import_ok')) { 277 msg('Old changelog imported', 1); 278 if (!plugin_isdisabled('importoldchangelog')) { 279 msg('Importoldchangelog plugin not disabled after import', -1); 280 } 281 } 282 283 if (is_writable(DOKU_CONF)) { 284 msg('conf directory is writable', 1); 285 } else { 286 msg('conf directory is not writable', -1); 287 } 288 289 if ($conf['authtype'] == 'plain') { 290 global $config_cascade; 291 if (is_writable($config_cascade['plainauth.users']['default'])) { 292 msg('conf/users.auth.php is writable', 1); 293 } else { 294 msg('conf/users.auth.php is not writable', 0); 295 } 296 } 297 298 if (function_exists('mb_strpos')) { 299 if (defined('UTF8_NOMBSTRING')) { 300 msg('mb_string extension is available but will not be used', 0); 301 } else { 302 msg('mb_string extension is available and will be used', 1); 303 if (ini_get('mbstring.func_overload') != 0) { 304 msg('mb_string function overloading is enabled, this will cause problems and should be disabled', -1); 305 } 306 } 307 } else { 308 msg('mb_string extension not available - PHP only replacements will be used', 0); 309 } 310 311 if (!UTF8_PREGSUPPORT) { 312 msg('PHP is missing UTF-8 support in Perl-Compatible Regular Expressions (PCRE)', -1); 313 } 314 if (!UTF8_PROPERTYSUPPORT) { 315 msg('PHP is missing Unicode properties support in Perl-Compatible Regular Expressions (PCRE)', -1); 316 } 317 318 $loc = setlocale(LC_ALL, 0); 319 if (!$loc) { 320 msg('No valid locale is set for your PHP setup. You should fix this', -1); 321 } elseif (stripos($loc, 'utf') === false) { 322 msg('Your locale <code>' . hsc($loc) . '</code> seems not to be a UTF-8 locale, 323 you should fix this if you encounter problems.', 0); 324 } else { 325 msg('Valid locale ' . hsc($loc) . ' found.', 1); 326 } 327 328 if ($conf['allowdebug']) { 329 msg('Debugging support is enabled. If you don\'t need it you should set $conf[\'allowdebug\'] = 0', -1); 330 } else { 331 msg('Debugging support is disabled', 1); 332 } 333 334 if (!empty($INFO['userinfo']['name'])) { 335 msg(sprintf( 336 "You are currently logged in as %s (%s)", 337 $INPUT->server->str('REMOTE_USER'), 338 $INFO['userinfo']['name'] 339 ), 0); 340 msg('You are part of the groups ' . implode(', ', $INFO['userinfo']['grps']), 0); 341 } else { 342 msg('You are currently not logged in', 0); 343 } 344 345 msg('Your current permission for this page is ' . $INFO['perm'], 0); 346 347 if (file_exists($INFO['filepath']) && is_writable($INFO['filepath'])) { 348 msg('The current page is writable by the webserver', 1); 349 } elseif (!file_exists($INFO['filepath']) && is_writable(dirname($INFO['filepath']))) { 350 msg('The current page can be created by the webserver', 1); 351 } else { 352 msg('The current page is not writable by the webserver', -1); 353 } 354 355 if ($INFO['writable']) { 356 msg('The current page is writable by you', 1); 357 } else { 358 msg('The current page is not writable by you', -1); 359 } 360 361 // Check for corrupted search index 362 $lengths = idx_listIndexLengths(); 363 $index_corrupted = false; 364 foreach ($lengths as $length) { 365 if (count(idx_getIndex('w', $length)) !== count(idx_getIndex('i', $length))) { 366 $index_corrupted = true; 367 break; 368 } 369 } 370 371 foreach (idx_getIndex('metadata', '') as $index) { 372 if (count(idx_getIndex($index . '_w', '')) !== count(idx_getIndex($index . '_i', ''))) { 373 $index_corrupted = true; 374 break; 375 } 376 } 377 378 if ($index_corrupted) { 379 msg( 380 'The search index is corrupted. It might produce wrong results and most 381 probably needs to be rebuilt. See 382 <a href="https://www.dokuwiki.org/faq:searchindex">faq:searchindex</a> 383 for ways to rebuild the search index.', 384 -1 385 ); 386 } elseif (!empty($lengths)) { 387 msg('The search index seems to be working', 1); 388 } else { 389 msg( 390 'The search index is empty. See 391 <a href="https://www.dokuwiki.org/faq:searchindex">faq:searchindex</a> 392 for help on how to fix the search index. If the default indexer 393 isn\'t used or the wiki is actually empty this is normal.' 394 ); 395 } 396 397 // rough time check 398 $http = new DokuHTTPClient(); 399 $http->max_redirect = 0; 400 $http->timeout = 3; 401 $http->sendRequest('https://www.dokuwiki.org', '', 'HEAD'); 402 $now = time(); 403 if (isset($http->resp_headers['date'])) { 404 $time = strtotime($http->resp_headers['date']); 405 $diff = $time - $now; 406 407 if (abs($diff) < 4) { 408 msg("Server time seems to be okay. Diff: {$diff}s", 1); 409 } else { 410 msg("Your server's clock seems to be out of sync! 411 Consider configuring a sync with a NTP server. Diff: {$diff}s"); 412 } 413 } 414 } 415 416 /** 417 * Display a message to the user 418 * 419 * If HTTP headers were not sent yet the message is added 420 * to the global message array else it's printed directly 421 * using html_msgarea() 422 * 423 * Triggers INFOUTIL_MSG_SHOW 424 * 425 * @param string $message 426 * @param int $lvl -1 = error, 0 = info, 1 = success, 2 = notify 427 * @param string $line line number 428 * @param string $file file number 429 * @param int $allow who's allowed to see the message, see MSG_* constants 430 * @see html_msgarea() 431 */ 432 function msg($message, $lvl = 0, $line = '', $file = '', $allow = MSG_PUBLIC) 433 { 434 global $MSG, $MSG_shown; 435 static $errors = [ 436 -1 => 'error', 437 0 => 'info', 438 1 => 'success', 439 2 => 'notify', 440 ]; 441 442 $msgdata = [ 443 'msg' => $message, 444 'lvl' => $errors[$lvl], 445 'allow' => $allow, 446 'line' => $line, 447 'file' => $file, 448 ]; 449 450 $evt = new Event('INFOUTIL_MSG_SHOW', $msgdata); 451 if ($evt->advise_before()) { 452 /* Show msg normally - event could suppress message show */ 453 if ($msgdata['line'] || $msgdata['file']) { 454 $basename = PhpString::basename($msgdata['file']); 455 $msgdata['msg'] .= ' [' . $basename . ':' . $msgdata['line'] . ']'; 456 } 457 458 if (!isset($MSG)) $MSG = []; 459 $MSG[] = $msgdata; 460 if (isset($MSG_shown) || headers_sent()) { 461 if (function_exists('html_msgarea')) { 462 html_msgarea(); 463 } else { 464 echo "ERROR(" . $msgdata['lvl'] . ") " . $msgdata['msg'] . "\n"; 465 } 466 unset($GLOBALS['MSG']); 467 } 468 } 469 $evt->advise_after(); 470 unset($evt); 471 } 472 473 /** 474 * Determine whether the current user is allowed to view the message 475 * in the $msg data structure 476 * 477 * @param array $msg dokuwiki msg structure: 478 * msg => string, the message; 479 * lvl => int, level of the message (see msg() function); 480 * allow => int, flag used to determine who is allowed to see the message, see MSG_* constants 481 * @return bool 482 */ 483 function info_msg_allowed($msg) 484 { 485 global $INFO, $auth; 486 487 // is the message public? - everyone and anyone can see it 488 if (empty($msg['allow']) || ($msg['allow'] == MSG_PUBLIC)) return true; 489 490 // restricted msg, but no authentication 491 if (!$auth instanceof AuthPlugin) return false; 492 493 switch ($msg['allow']) { 494 case MSG_USERS_ONLY: 495 return !empty($INFO['userinfo']); 496 497 case MSG_MANAGERS_ONLY: 498 return $INFO['ismanager']; 499 500 case MSG_ADMINS_ONLY: 501 return $INFO['isadmin']; 502 503 default: 504 trigger_error( 505 'invalid msg allow restriction. msg="' . $msg['msg'] . '" allow=' . $msg['allow'] . '"', 506 E_USER_WARNING 507 ); 508 return $INFO['isadmin']; 509 } 510 } 511 512 /** 513 * print debug messages 514 * 515 * little function to print the content of a var 516 * 517 * @param string $msg 518 * @param bool $hidden 519 * 520 * @author Andreas Gohr <andi@splitbrain.org> 521 */ 522 function dbg($msg, $hidden = false) 523 { 524 if ($hidden) { 525 echo "<!--\n"; 526 print_r($msg); 527 echo "\n-->"; 528 } else { 529 echo '<pre class="dbg">'; 530 echo hsc(print_r($msg, true)); 531 echo '</pre>'; 532 } 533 } 534 535 /** 536 * Print info to debug log file 537 * 538 * @param string $msg 539 * @param string $header 540 * 541 * @author Andreas Gohr <andi@splitbrain.org> 542 * @deprecated 2020-08-13 543 */ 544 function dbglog($msg, $header = '') 545 { 546 dbg_deprecated('\\dokuwiki\\Logger'); 547 548 // was the msg as single line string? use it as header 549 if ($header === '' && is_string($msg) && strpos($msg, "\n") === false) { 550 $header = $msg; 551 $msg = ''; 552 } 553 554 Logger::getInstance(Logger::LOG_DEBUG)->log( 555 $header, 556 $msg 557 ); 558 } 559 560 /** 561 * Log accesses to deprecated fucntions to the debug log 562 * 563 * @param string $alternative The function or method that should be used instead 564 * @triggers INFO_DEPRECATION_LOG 565 */ 566 function dbg_deprecated($alternative = '') 567 { 568 DebugHelper::dbgDeprecatedFunction($alternative, 2); 569 } 570 571 /** 572 * Print a reversed, prettyprinted backtrace 573 * 574 * @author Gary Owen <gary_owen@bigfoot.com> 575 */ 576 function dbg_backtrace() 577 { 578 // Get backtrace 579 $backtrace = debug_backtrace(); 580 581 // Unset call to debug_print_backtrace 582 array_shift($backtrace); 583 584 // Iterate backtrace 585 $calls = []; 586 $depth = count($backtrace) - 1; 587 foreach ($backtrace as $i => $call) { 588 if (isset($call['file'])) { 589 $location = $call['file'] . ':' . ($call['line'] ?? '0'); 590 } else { 591 $location = '[anonymous]'; 592 } 593 if (isset($call['class'])) { 594 $function = $call['class'] . $call['type'] . $call['function']; 595 } else { 596 $function = $call['function']; 597 } 598 599 $params = []; 600 if (isset($call['args'])) { 601 foreach ($call['args'] as $arg) { 602 if (is_object($arg)) { 603 $params[] = '[Object ' . get_class($arg) . ']'; 604 } elseif (is_array($arg)) { 605 $params[] = '[Array]'; 606 } elseif (is_null($arg)) { 607 $params[] = '[NULL]'; 608 } else { 609 $params[] = '"' . $arg . '"'; 610 } 611 } 612 } 613 $params = implode(', ', $params); 614 615 $calls[$depth - $i] = sprintf( 616 '%s(%s) called at %s', 617 $function, 618 str_replace("\n", '\n', $params), 619 $location 620 ); 621 } 622 ksort($calls); 623 624 return implode("\n", $calls); 625 } 626 627 /** 628 * Remove all data from an array where the key seems to point to sensitive data 629 * 630 * This is used to remove passwords, mail addresses and similar data from the 631 * debug output 632 * 633 * @param array $data 634 * 635 * @author Andreas Gohr <andi@splitbrain.org> 636 */ 637 function debug_guard(&$data) 638 { 639 foreach ($data as $key => $value) { 640 if (preg_match('/(notify|pass|auth|secret|ftp|userinfo|token|buid|mail|proxy)/i', $key)) { 641 $data[$key] = '***'; 642 continue; 643 } 644 if (is_array($value)) debug_guard($data[$key]); 645 } 646 } 647