Skip to content
Snippets Groups Projects
Commit b8b9c54f authored by catch's avatar catch
Browse files

Issue #3358514 by poker10, mcdruid, smustgrave: Make phpinfo on the admin... 

Issue #3358514 by poker10, mcdruid, smustgrave: Make phpinfo on the admin status report configurable

(cherry picked from commit d08fdb07)
parent 18ad02a4
No related branches found
No related tags found
30 merge requests!7564Revert "Issue #3364773 by roshnichordiya, Chris Matthews, thakurnishant_06,...,!5752Issue #3275828 by joachim, quietone, bradjones1, Berdir: document the reason...,!5688Issue #3087950 by Utkarsh_33, swatichouhan012, komalk, Sivaji_Ganesh_Jojodae,...,!5627Issue #3261805: Field not saved when change of 0 on string start,!5427Issue #3338518: send credentials in ajax if configured in CORS settings.,!5395Issue #3387916 by fjgarlin, Spokje: Each GitLab job exposes user email,!5217Issue #3386607 by alexpott: Improve spell checking in commit-code-check.sh,!5064Issue #3379522 by finnsky, Gauravvvv, kostyashupenko, smustgrave, Chi: Revert...,!5040SDC ComponentElement: Transform slots scalar values to #plain_text instead of throwing an exception,!4958Issue #3392147: Whitelist IP for a Ban module.,!4942Issue #3365945: Errors: The following table(s) do not have a primary key: forum_index,!4894Issue #3280279: Add API to allow sites to opt in to upload SVG images in CKEditor 5,!4857Issue #3336994: StringFormatter always displays links to entity even if the user in context does not have access,!4856Issue #3336994: StringFormatter always displays links to entity even if the user in context does not have access,!4788Issue #3272985: RSS Feed header reverts to text/html when cached,!4716Issue #3362929: Improve 400 responses for broken/invalid image style routes,!4553Draft: Issue #2980951: Permission to see own unpublished comments in comment thread,!4273Add UUID to sections,!4192Issue #3367204: [CKEditor5] Missing dependency on drupal.ajax,!4100Issue #3249600: Add support for PHP 8.1 Enums as allowed values for list_* data types,!4090Draft: Issue #3362924 by shwetaDevkate, Gauravvvv, frank8199,!3679Issue #115801: Allow password on registration without disabling e-mail verification,!3676Issue #3347497: Introduce a FetchModeTrait to allow emulating PDO fetch modes,!3106Issue #3017548: "Filtered HTML" text format does not support manual teaser break (<!--break-->),!3066Issue #3325175: Deprecate calling \Drupal\menu_link_content\Form\MenuLinkContentForm::_construct() with the $language_manager argument,!3004Issue #2463967: Use .user.ini file for PHP settings,!2851Issue #2264739: Allow multiple field widgets to not use tabledrag,!1484Exposed filters get values from URL when Ajax is on,!925Issue #2339235: Remove taxonomy hard dependency on node module,!872Draft: Issue #3221319: Race condition when creating menu links and editing content deletes menu links
Hide whitespace changes
Inline Side-by-side
core/assets/scaffold/files/default.settings.php
+ 17
0
View file @ b8b9c54f
......@@ -560,6 +560,23 @@
*/
# $settings['file_sa_core_2023_005_schemes'] = ['porcelain'];
/**
* Configuration for phpinfo() admin status report.
*
* Drupal's admin UI includes a report at admin/reports/status/php which shows
* the output of phpinfo(). The full output can contain sensitive information
* so by default Drupal removes some sections.
*
* This behaviour can be configured by setting this variable to a different
* value corresponding to the flags parameter of phpinfo().
*
* If you need to expose more information in the report - for example to debug a
* problem - consider doing so temporarily.
*
* @see https://www.php.net/manual/function.phpinfo.php
*/
# $settings['sa_core_2023_004_phpinfo_flags'] = ~ (INFO_VARIABLES | INFO_ENVIRONMENT);
/**
* Private file path:
*
......
core/modules/system/src/Controller/SystemInfoController.php
+ 3
1
View file @ b8b9c54f
......@@ -2,6 +2,7 @@
namespace Drupal\system\Controller;
use Drupal\Core\Site\Settings;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Response;
use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
......@@ -62,7 +63,8 @@ public function status() {
public function php() {
if (function_exists('phpinfo')) {
ob_start();
phpinfo(~ (INFO_VARIABLES | INFO_ENVIRONMENT));
$phpinfo_flags = Settings::get('sa_core_2023_004_phpinfo_flags', ~ (INFO_VARIABLES | INFO_ENVIRONMENT));
phpinfo($phpinfo_flags);
$output = ob_get_clean();
}
else {
......
core/modules/system/tests/src/Functional/System/StatusTest.php
+ 9
0
View file @ b8b9c54f
......@@ -93,6 +93,15 @@ public function testStatusPage() {
$this->drupalGet('admin/reports/status/php');
$this->assertSession()->statusCodeEquals(200);
$settings['settings']['sa_core_2023_004_phpinfo_flags'] = (object) [
'value' => INFO_ALL,
'required' => TRUE,
];
$this->writeSettings($settings);
$this->drupalGet('admin/reports/status/php');
$this->assertSession()->pageTextContains('PHP');
$this->assertSession()->pageTextContains('$_COOKIE');
// Check if cron error is displayed in errors section.
$cron_last_run = \Drupal::state()->get('system.cron_last');
\Drupal::state()->set('system.cron_last', 0);
......
sites/default/default.settings.php
+ 17
0
View file @ b8b9c54f
......@@ -560,6 +560,23 @@
*/
# $settings['file_sa_core_2023_005_schemes'] = ['porcelain'];
/**
* Configuration for phpinfo() admin status report.
*
* Drupal's admin UI includes a report at admin/reports/status/php which shows
* the output of phpinfo(). The full output can contain sensitive information
* so by default Drupal removes some sections.
*
* This behaviour can be configured by setting this variable to a different
* value corresponding to the flags parameter of phpinfo().
*
* If you need to expose more information in the report - for example to debug a
* problem - consider doing so temporarily.
*
* @see https://www.php.net/manual/function.phpinfo.php
*/
# $settings['sa_core_2023_004_phpinfo_flags'] = ~ (INFO_VARIABLES | INFO_ENVIRONMENT);
/**
* Private file path:
*
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment