PostDebugPlugin.php 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152
  1. <?php
  2. /**
  3. * StatusNet - the distributed open-source microblogging tool
  4. * Copyright (C) 2010, StatusNet, Inc.
  5. *
  6. * Debugging helper plugin -- records detailed data on POSTs to log
  7. *
  8. * PHP version 5
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as published by
  12. * the Free Software Foundation, either version 3 of the License, or
  13. * (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. * @category Sample
  24. * @package StatusNet
  25. * @author Brion Vibber <brionv@status.net>
  26. * @copyright 2010 StatusNet, Inc.
  27. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
  28. * @link http://status.net/
  29. */
  30. if (!defined('STATUSNET')) {
  31. exit(1);
  32. }
  33. class PostDebugPlugin extends Plugin
  34. {
  35. const PLUGIN_VERSION = '2.0.0';
  36. /**
  37. * Set to a directory to dump individual items instead of
  38. * sending to the debug log
  39. */
  40. public $dir=false;
  41. public function onArgsInitialize(&$args)
  42. {
  43. if (isset($_SERVER['REQUEST_METHOD']) &&
  44. $_SERVER['REQUEST_METHOD'] == 'POST') {
  45. $this->doDebug();
  46. }
  47. }
  48. public function onPluginVersion(array &$versions): bool
  49. {
  50. $versions[] = array('name' => 'PostDebug',
  51. 'version' => self::PLUGIN_VERSION,
  52. 'author' => 'Brion Vibber',
  53. 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/PostDebug',
  54. 'rawdescription' =>
  55. // TRANS: Plugin description.
  56. _m('Debugging tool to record request details on POST.'));
  57. return true;
  58. }
  59. protected function doDebug()
  60. {
  61. $data = array('timestamp' => gmdate('r'),
  62. 'remote_addr' => @$_SERVER['REMOTE_ADDR'],
  63. 'url' => @$_SERVER['REQUEST_URI'],
  64. 'have_session' => common_have_session(),
  65. 'logged_in' => common_logged_in(),
  66. 'is_real_login' => common_is_real_login(),
  67. 'user' => common_logged_in() ? common_current_user()->nickname : null,
  68. 'headers' => $this->getHttpHeaders(),
  69. 'post_data' => $this->sanitizePostData($_POST));
  70. $this->saveDebug($data);
  71. }
  72. protected function saveDebug($data)
  73. {
  74. $output = var_export($data, true);
  75. if ($this->dir) {
  76. $file = $this->dir . DIRECTORY_SEPARATOR . $this->logFileName();
  77. file_put_contents($file, $output);
  78. } else {
  79. common_log(LOG_DEBUG, "PostDebug: $output");
  80. }
  81. }
  82. protected function logFileName()
  83. {
  84. $base = common_request_id();
  85. $base = preg_replace('/^(.+?) .*$/', '$1', $base);
  86. $base = str_replace(':', '-', $base);
  87. $base = rawurlencode($base);
  88. return $base;
  89. }
  90. protected function getHttpHeaders()
  91. {
  92. if (function_exists('getallheaders')) {
  93. $headers = getallheaders();
  94. } else {
  95. $headers = array();
  96. $prefix = 'HTTP_';
  97. $prefixLen = strlen($prefix);
  98. foreach ($_SERVER as $key => $val) {
  99. if (substr($key, 0, $prefixLen) == $prefix) {
  100. $header = $this->normalizeHeader(substr($key, $prefixLen));
  101. $headers[$header] = $val;
  102. }
  103. }
  104. }
  105. foreach ($headers as $header => $val) {
  106. if (strtolower($header) == 'cookie') {
  107. $headers[$header] = $this->sanitizeCookies($val);
  108. }
  109. }
  110. return $headers;
  111. }
  112. protected function normalizeHeader($key)
  113. {
  114. return implode('-',
  115. array_map('ucfirst',
  116. explode("_",
  117. strtolower($key))));
  118. }
  119. function sanitizeCookies($val)
  120. {
  121. $blacklist = array(session_name(), 'rememberme');
  122. foreach ($blacklist as $name) {
  123. $val = preg_replace("/(^|;\s*)({$name}=)(.*?)(;|$)/",
  124. "$1$2########$4",
  125. $val);
  126. }
  127. return $val;
  128. }
  129. function sanitizePostData($data)
  130. {
  131. $blacklist = array('password', 'confirm', 'token');
  132. foreach ($data as $key => $val) {
  133. if (in_array($key, $blacklist)) {
  134. $data[$key] = '########';
  135. }
  136. }
  137. return $data;
  138. }
  139. }