PostDebugPlugin.php 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150
  1. <?php
  2. /**
  3. * StatusNet - the distributed open-source microblogging tool
  4. * Copyright (C) 2010, StatusNet, Inc.
  5. *
  6. * Debugging helper plugin -- records detailed data on POSTs to log
  7. *
  8. * PHP version 5
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as published by
  12. * the Free Software Foundation, either version 3 of the License, or
  13. * (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. * @category Sample
  24. * @package StatusNet
  25. * @author Brion Vibber <brionv@status.net>
  26. * @copyright 2010 StatusNet, Inc.
  27. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
  28. * @link http://status.net/
  29. */
  30. if (!defined('STATUSNET')) {
  31. exit(1);
  32. }
  33. class PostDebugPlugin extends Plugin
  34. {
  35. /**
  36. * Set to a directory to dump individual items instead of
  37. * sending to the debug log
  38. */
  39. public $dir=false;
  40. public function onArgsInitialize(&$args)
  41. {
  42. if (isset($_SERVER['REQUEST_METHOD']) &&
  43. $_SERVER['REQUEST_METHOD'] == 'POST') {
  44. $this->doDebug();
  45. }
  46. }
  47. public function onPluginVersion(array &$versions)
  48. {
  49. $versions[] = array('name' => 'PostDebug',
  50. 'version' => GNUSOCIAL_VERSION,
  51. 'author' => 'Brion Vibber',
  52. 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/PostDebug',
  53. 'rawdescription' =>
  54. // TRANS: Plugin description.
  55. _m('Debugging tool to record request details on POST.'));
  56. return true;
  57. }
  58. protected function doDebug()
  59. {
  60. $data = array('timestamp' => gmdate('r'),
  61. 'remote_addr' => @$_SERVER['REMOTE_ADDR'],
  62. 'url' => @$_SERVER['REQUEST_URI'],
  63. 'have_session' => common_have_session(),
  64. 'logged_in' => common_logged_in(),
  65. 'is_real_login' => common_is_real_login(),
  66. 'user' => common_logged_in() ? common_current_user()->nickname : null,
  67. 'headers' => $this->getHttpHeaders(),
  68. 'post_data' => $this->sanitizePostData($_POST));
  69. $this->saveDebug($data);
  70. }
  71. protected function saveDebug($data)
  72. {
  73. $output = var_export($data, true);
  74. if ($this->dir) {
  75. $file = $this->dir . DIRECTORY_SEPARATOR . $this->logFileName();
  76. file_put_contents($file, $output);
  77. } else {
  78. common_log(LOG_DEBUG, "PostDebug: $output");
  79. }
  80. }
  81. protected function logFileName()
  82. {
  83. $base = common_request_id();
  84. $base = preg_replace('/^(.+?) .*$/', '$1', $base);
  85. $base = str_replace(':', '-', $base);
  86. $base = rawurlencode($base);
  87. return $base;
  88. }
  89. protected function getHttpHeaders()
  90. {
  91. if (function_exists('getallheaders')) {
  92. $headers = getallheaders();
  93. } else {
  94. $headers = array();
  95. $prefix = 'HTTP_';
  96. $prefixLen = strlen($prefix);
  97. foreach ($_SERVER as $key => $val) {
  98. if (substr($key, 0, $prefixLen) == $prefix) {
  99. $header = $this->normalizeHeader(substr($key, $prefixLen));
  100. $headers[$header] = $val;
  101. }
  102. }
  103. }
  104. foreach ($headers as $header => $val) {
  105. if (strtolower($header) == 'cookie') {
  106. $headers[$header] = $this->sanitizeCookies($val);
  107. }
  108. }
  109. return $headers;
  110. }
  111. protected function normalizeHeader($key)
  112. {
  113. return implode('-',
  114. array_map('ucfirst',
  115. explode("_",
  116. strtolower($key))));
  117. }
  118. function sanitizeCookies($val)
  119. {
  120. $blacklist = array(session_name(), 'rememberme');
  121. foreach ($blacklist as $name) {
  122. $val = preg_replace("/(^|;\s*)({$name}=)(.*?)(;|$)/",
  123. "$1$2########$4",
  124. $val);
  125. }
  126. return $val;
  127. }
  128. function sanitizePostData($data)
  129. {
  130. $blacklist = array('password', 'confirm', 'token');
  131. foreach ($data as $key => $val) {
  132. if (in_array($key, $blacklist)) {
  133. $data[$key] = '########';
  134. }
  135. }
  136. return $data;
  137. }
  138. }