Skip to content
Snippets Groups Projects
Commit d08fdb07 authored by catch's avatar catch
Browse files

Issue #3358514 by poker10, mcdruid, smustgrave: Make phpinfo on the admin... 

Issue #3358514 by poker10, mcdruid, smustgrave: Make phpinfo on the admin status report configurable
parent d8f747b1
No related branches found
No related tags found
50 merge requests!54479.5.x SF update,!5014Issue #3071143: Table Render Array Example Is Incorrect,!4868Issue #1428520: Improve menu parent link selection,!4686Issue #3292350: file_validate_image_resolution does not update file size after resizing,!4594Applying patch for Views Global Text area field to allow extra HTML tags. As video, source and iframe tag is not rendering. Due to which Media embedded video and remote-video not rendering in Views Global Text area field.,!4289Issue #1344552 by marcingy, Niklas Fiekas, Ravi.J, aleevas, Eduardo Morales...,!4114Issue #2707291: Disable body-level scrolling when a dialog is open as a modal,!4022Update String overrides example in default.settings.php,!3878Removed unused condition head title for views,!38582585169-10.1.x,!3825Issue #2972573: randomMachineName() should conform to processMachineName() pattern,!3818Issue #2140179: $entity->original gets stale between updates,!3770Issue #3318112: Move "Block layout" from Structure to Appearance,!3742Issue #3328429: Create item list field formatter for displaying ordered and unordered lists,!3731Claro: role=button on status report items,!3668Resolve #3347842 "Deprecate the trusted",!3651Issue #3347736: Create new SDC component for Olivero (header-search),!3546refactored dialog.pcss file,!3531Issue #3336994: StringFormatter always displays links to entity even if the user in context does not have access,!3502Issue #3335308: Confusing behavior with FormState::setFormState and FormState::setMethod,!3452Issue #3332701: Refactor Claro's tablesort-indicator stylesheet,!3451Issue #2410579: Allows setting the current language programmatically.,!3355Issue #3209129: Scrolling problems when adding a block via layout builder,!3228Issue #2920678: Add config validation for the allowed characters of machine names,!3226Issue #2987537: Custom menu link entity type should not declare "bundle" entity key,!3154Fixes #2987987 - CSRF token validation broken on routes with optional parameters.,!3147Issue #3328457: Replace most substr($a, $i) where $i is negative with str_ends_with(),!3146Issue #3328456: Replace substr($a, 0, $i) with str_starts_with(),!3133core/modules/system/css/components/hidden.module.css,!31312878513-10.1.x,!3009Issue #3323252: Add @method PhpDoc for EntityStorageInterface descendants,!2812Issue #3312049: [Followup] Fix Drupal.Commenting.FunctionComment.MissingReturnType returns for NULL,!2614Issue #2981326: Replace non-test usages of \Drupal::logger() with IoC injection,!2378Issue #2875033: Optimize joins and table selection in SQL entity query implementation,!2334Issue #3228209: Add hasRole() method to AccountInterface,!2062Issue #3246454: Add weekly granularity to views date sort,!1591Issue #3199697: Add JSON:API Translation experimental module,!1255Issue #3238922: Refactor (if feasible) uses of the jQuery serialize function to use vanillaJS,!1105Issue #3025039: New non translatable field on translatable content throws error,!1073issue #3191727: Focus states on mobile second level navigation items fixed,!10223132456: Fix issue where views instances are emptied before an ajax request is complete,!877Issue #2708101: Default value for link text is not saved,!844Resolve #3036010 "Updaters",!673Issue #3214208: FinishResponseSubscriber could create duplicate headers,!617Issue #3043725: Provide a Entity Handler for user cancelation,!579Issue #2230909: Simple decimals fail to pass validation,!560Move callback classRemove outside of the loop,!555Issue #3202493,!485Sets the autocomplete attribute for username/password input field on login form.,!30Issue #3182188: Updates composer usage to point at ./vendor/bin/composer
Hide whitespace changes
Inline Side-by-side
core/assets/scaffold/files/default.settings.php
+ 17
0
View file @ d08fdb07
...@@ -560,6 +560,23 @@ ...@@ -560,6 +560,23 @@
*/ */
# $settings['file_sa_core_2023_005_schemes'] = ['porcelain']; # $settings['file_sa_core_2023_005_schemes'] = ['porcelain'];
/**
* Configuration for phpinfo() admin status report.
*
* Drupal's admin UI includes a report at admin/reports/status/php which shows
* the output of phpinfo(). The full output can contain sensitive information
* so by default Drupal removes some sections.
*
* This behaviour can be configured by setting this variable to a different
* value corresponding to the flags parameter of phpinfo().
*
* If you need to expose more information in the report - for example to debug a
* problem - consider doing so temporarily.
*
* @see https://www.php.net/manual/function.phpinfo.php
*/
# $settings['sa_core_2023_004_phpinfo_flags'] = ~ (INFO_VARIABLES | INFO_ENVIRONMENT);
/** /**
* Private file path: * Private file path:
* *
......
core/modules/system/src/Controller/SystemInfoController.php
+ 3
1
View file @ d08fdb07
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
namespace Drupal\system\Controller; namespace Drupal\system\Controller;
use Drupal\Core\Site\Settings;
use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use Drupal\Core\DependencyInjection\ContainerInjectionInterface; use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
...@@ -62,7 +63,8 @@ public function status() { ...@@ -62,7 +63,8 @@ public function status() {
public function php() { public function php() {
if (function_exists('phpinfo')) { if (function_exists('phpinfo')) {
ob_start(); ob_start();
phpinfo(~ (INFO_VARIABLES | INFO_ENVIRONMENT)); $phpinfo_flags = Settings::get('sa_core_2023_004_phpinfo_flags', ~ (INFO_VARIABLES | INFO_ENVIRONMENT));
phpinfo($phpinfo_flags);
$output = ob_get_clean(); $output = ob_get_clean();
} }
else { else {
......
core/modules/system/tests/src/Functional/System/StatusTest.php
+ 9
0
View file @ d08fdb07
...@@ -93,6 +93,15 @@ public function testStatusPage() { ...@@ -93,6 +93,15 @@ public function testStatusPage() {
$this->drupalGet('admin/reports/status/php'); $this->drupalGet('admin/reports/status/php');
$this->assertSession()->statusCodeEquals(200); $this->assertSession()->statusCodeEquals(200);
$settings['settings']['sa_core_2023_004_phpinfo_flags'] = (object) [
'value' => INFO_ALL,
'required' => TRUE,
];
$this->writeSettings($settings);
$this->drupalGet('admin/reports/status/php');
$this->assertSession()->pageTextContains('PHP');
$this->assertSession()->pageTextContains('$_COOKIE');
// Check if cron error is displayed in errors section. // Check if cron error is displayed in errors section.
$cron_last_run = \Drupal::state()->get('system.cron_last'); $cron_last_run = \Drupal::state()->get('system.cron_last');
\Drupal::state()->set('system.cron_last', 0); \Drupal::state()->set('system.cron_last', 0);
......
sites/default/default.settings.php
+ 17
0
View file @ d08fdb07
...@@ -560,6 +560,23 @@ ...@@ -560,6 +560,23 @@
*/ */
# $settings['file_sa_core_2023_005_schemes'] = ['porcelain']; # $settings['file_sa_core_2023_005_schemes'] = ['porcelain'];
/**
* Configuration for phpinfo() admin status report.
*
* Drupal's admin UI includes a report at admin/reports/status/php which shows
* the output of phpinfo(). The full output can contain sensitive information
* so by default Drupal removes some sections.
*
* This behaviour can be configured by setting this variable to a different
* value corresponding to the flags parameter of phpinfo().
*
* If you need to expose more information in the report - for example to debug a
* problem - consider doing so temporarily.
*
* @see https://www.php.net/manual/function.phpinfo.php
*/
# $settings['sa_core_2023_004_phpinfo_flags'] = ~ (INFO_VARIABLES | INFO_ENVIRONMENT);
/** /**
* Private file path: * Private file path:
* *
......
  • catch @catch

    mentioned in commit b8b9c54f

     ·

    mentioned in commit b8b9c54f

    Toggle commit list
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment