update

6 years ago · 842927168e
parent fc394e6248
commit 842927168e
5 changed files with 143 additions and 93 deletions
--- a/plugins/php/conf/php56.ini
+++ b/plugins/php/conf/php56.ini
@ -8,8 +8,6 @@ zlib.output_compression = Off
 implicit_flush = Off
 unserialize_callback_func =
 serialize_precision = 17
 disable_functions =
 disable_classes =
 zend.enable_gc = On
 expose_php = On
 max_execution_time = 30
@ -39,7 +37,7 @@ enable_dl = Off
 file_uploads = On
-upload_tmp_dir = "MD:/bin/tmp/upload"
+upload_tmp_dir = "/tmp"
 upload_max_filesize = 2M
 max_file_uploads = 20
@ -47,6 +45,8 @@ allow_url_fopen = On
 allow_url_include = Off
 default_socket_timeout = 60
 disable_functions = phpinfo,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
 [CLI Server]
 cli_server.color = On
--- a/plugins/php/conf/php72.ini
+++ b/plugins/php/conf/php72.ini
@ -8,8 +8,6 @@ zlib.output_compression = Off
 implicit_flush = Off
 unserialize_callback_func =
 serialize_precision = 17
 disable_functions =
 disable_classes =
 zend.enable_gc = On
 expose_php = On
 max_execution_time = 30
@ -46,6 +44,8 @@ allow_url_fopen = On
 allow_url_include = Off
 default_socket_timeout = 60
 disable_functions = phpinfo,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
 [CLI Server]
 cli_server.color = On
--- a/plugins/php/index.html
+++ b/plugins/php/index.html
@ -3,12 +3,12 @@
 	<div class="bt-w-main">
 		<div class="bt-w-menu">
 			<p class="bgw" onclick="pluginService('php', $('.plugin_version').attr('version'));">服务</p>
-			<p onclick="redisConfig();">安装扩展</p>
+			<p onclick="phpLibConfig($('.plugin_version').attr('version'));">安装扩展</p>
 			<p onclick="phpSetConfig($('.plugin_version').attr('version'));">配置修改</p>
 			<p onclick="phpUploadLimitReq($('.plugin_version').attr('version'));">上传限制</p>
 			<p onclick="phpTimeLimitReq($('.plugin_version').attr('version'));">超时限制</p>
 			<p onclick="pluginConfig('php', $('.plugin_version').attr('version'));">配置文件</p>
-			<p onclick="redisStatus();">禁用函数</p>
+			<p onclick="disableFunc($('.plugin_version').attr('version'));">禁用函数</p>
 			<p onclick="getFpmConfig($('.plugin_version').attr('version'));">性能调整</p>
 			<p onclick="getFpmStatus($('.plugin_version').attr('version'));">负载状况</p>
 			<p onclick="pluginLogs('php',$('.plugin_version').attr('version'),'fpm_log');">FPM日志</p>
--- a/plugins/php/index.py
+++ b/plugins/php/index.py
@ -393,7 +393,7 @@ def setFpmConfig(version):
    conf = re.sub(rep, "\npm = " + pm + "\n", conf)
    public.writeFile(file, conf)
-    # public.phpReload(version)
+    reload(version)
    public.writeLog("TYPE_PHP", 'PHP_CHILDREN', (version, max_children,
                                                 start_servers, min_spare_servers, max_spare_servers))
    return public.returnJson(True, '设置成功')
@ -413,7 +413,6 @@ def checkFpmStatusFile(version):
 def getFpmStatus(version):
    checkFpmStatusFile(version)
    result = public.httpGet(
        'http://127.0.0.1/phpfpm_status_' + version + '?json')
    tmp = json.loads(result)
@ -421,6 +420,61 @@ def getFpmStatus(version):
    tmp['start time'] = time.strftime('%Y-%m-%d %H:%M:%S', fTime)
    return public.getJson(tmp)
 def getDisableFunc(version):
    filename = public.getServerDir() + '/php/' + version + '/etc/php.ini'
    if not os.path.exists(filename):
        return public.returnJson(False, '指定PHP版本不存在!')
    phpini = public.readFile(filename)
    data = {}
    rep = "disable_functions\s*=\s{0,1}(.*)\n"
    tmp = re.search(rep, phpini).groups()
    data['disable_functions'] = tmp[0]
    return public.getJson(data)
 def setDisableFunc(version):
    filename = public.getServerDir() + '/php/' + version + '/etc/php.ini'
    if not os.path.exists(filename):
        return public.returnJson(False, '指定PHP版本不存在!')
    args = getArgs()
    disable_functions = args['disable_functions']
    phpini = public.readFile(filename)
    rep = "disable_functions\s*=\s*.*\n"
    phpini = re.sub(rep, 'disable_functions = ' +
                    disable_functions + "\n", phpini)
    public.writeLog('TYPE_PHP', 'PHP_DISABLE_FUNCTION',
                    (version, disable_functions))
    public.writeFile(filename, phpini)
    reload(version)
    return public.returnJson(True, '设置成功!')
 def getLibConf(version):
    fname = public.getServerDir() + '/php/' + version + '/etc/php.ini'
    if not os.path.exists(filename):
        return public.returnJson(False, '指定PHP版本不存在!')
    data = {}
    rep = "disable_functions\s*=\s{0,1}(.*)\n"
    tmp = re.search(rep, phpini).groups()
    data['disable_functions'] = tmp[0]
    rep = "upload_max_filesize\s*=\s*([0-9]+)(M|m|K|k)"
    tmp = re.search(rep, phpini).groups()
    data['max'] = tmp[0]
    rep = ur"\n;*\s*cgi\.fix_pathinfo\s*=\s*([0-9]+)\s*\n"
    tmp = re.search(rep, phpini).groups()
    if tmp[0] == '0':
        data['pathinfo'] = False
    else:
        data['pathinfo'] = True
    return public.getJson(data)
 if __name__ == "__main__":
    if len(sys.argv) < 3:
@ -462,5 +516,11 @@ if __name__ == "__main__":
        print setFpmConfig(version)
    elif func == 'get_fpm_status':
        print getFpmStatus(version)
    elif func == 'get_disable_func':
        print getDisableFunc(version)
    elif func == 'set_disable_func':
        print setDisableFunc(version)
    elif func == 'get_lib_conf':
        print getLibConf(version)
    else:
        print "fail"
--- a/plugins/php/js/php.js
+++ b/plugins/php/js/php.js
@ -292,6 +292,78 @@ function getFpmStatus(version){
    });
 }
 //禁用函数
 function disableFunc(version) {
    phpPost('get_disable_func', version,'',function(data){
        var rdata = $.parseJSON(data.data);
        var disable_functions = rdata.disable_functions.split(',');
        var dbody = ''
        for (var i = 0; i < disable_functions.length; i++) {
            if (disable_functions[i] == '') continue;
            dbody += "<tr><td>" + disable_functions[i] + "</td><td><a style='float:right;' href=\"javascript:setDisableFunc('" + version + "','" + disable_functions[i] + "','" + rdata.disable_functions + "');\">删除</a></td></tr>";
        }
        var con = "<div class='dirBinding'>" +
            "<input class='bt-input-text mr5' type='text' placeholder='添加要被禁止的函数名,如: exec' id='disable_function_val' style='height: 28px; border-radius: 3px;width: 410px;' />" +
            "<button class='btn btn-success btn-sm' onclick=\"setDisableFunc('" + version + "',1,'" + rdata.disable_functions + "')\">添加</button>" +
            "</div>" +
            "<div class='divtable mtb15' style='height:350px;overflow:auto'><table class='table table-hover' width='100%' style='margin-bottom:0'>" +
            "<thead><tr><th>名称</th><th width='100' class='text-right'>操作</th></tr></thead>" +
            "<tbody id='blacktable'>" + dbody + "</tbody>" +
            "</table></div>";
        con += '\
        <ul class="help-info-text">\
            <li>在此处可以禁用指定函数的调用,以增强环境安全性!</li>\
            <li>强烈建议禁用如exec,system等危险函数!</li>\
        </ul>';
        $(".soft-man-con").html(con);
    });
 }
 //设置禁用函数
 function setDisableFunc(version, act, fs) {
    var fsArr = fs.split(',');
    if (act == 1) {
        var functions = $("#disable_function_val").val();
        for (var i = 0; i < fsArr.length; i++) {
            if (functions == fsArr[i]) {
                layer.msg(lan.soft.fun_msg, { icon: 5 });
                return;
            }
        }
        fs += ',' + functions;
        msg = '添加成功';
    } else {
        fs = '';
        for (var i = 0; i < fsArr.length; i++) {
            if (act == fsArr[i]) continue;
            fs += fsArr[i] + ','
        }
        msg = '删除成功';
        fs = fs.substr(0, fs.length - 1);
    }
    var data = {
        'version':version,
        'disable_functions':fs,
    };
    phpPost('set_disable_func', version,data,function(data){
        var rdata = $.parseJSON(data.data);
        showMsg(rdata.status ? msg : rdata.msg, function(){
            disableFunc(version);
        } ,{ icon: rdata.status ? 1 : 2 });        
    });
 }
 function phpLibConfig(version){
 }
 //设置PATHINFO
 function setPathInfo(version, type) {
    var loadT = layer.msg(lan.public.the, { icon: 16, time: 0, shade: [0.3, '#000'] });
@ -408,73 +480,13 @@ function UninstallPHPLib(version, name, title, pathinfo) {
        });
    });
 }
 //禁用函数
 function disFun(version) {
    $.get('/ajax?action=GetPHPConfig&version=' + version, function(rdata) {
        var disable_functions = rdata.disable_functions.split(',');
        var dbody = ''
        for (var i = 0; i < disable_functions.length; i++) {
            if (disable_functions[i] == '') continue;
            dbody += "<tr><td>" + disable_functions[i] + "</td><td><a style='float:right;' href=\"javascript:disable_functions('" + version + "','" + disable_functions[i] + "','" + rdata.disable_functions + "');\">" + lan.public.del + "</a></td></tr>";
        }
        var con = "<div class='dirBinding'>" +
            "<input class='bt-input-text mr5' type='text' placeholder='" + lan.soft.fun_ps1 + "' id='disable_function_val' style='height: 28px; border-radius: 3px;width: 410px;' />" +
            "<button class='btn btn-success btn-sm' onclick=\"disable_functions('" + version + "',1,'" + rdata.disable_functions + "')\">" + lan.public.add + "</button>" +
            "</div>" +
            "<div class='divtable mtb15' style='height:350px;overflow:auto'><table class='table table-hover' width='100%' style='margin-bottom:0'>" +
            "<thead><tr><th>" + lan.soft.php_ext_name + "</th><th width='100' class='text-right'>" + lan.public.action + "</th></tr></thead>" +
            "<tbody id='blacktable'>" + dbody + "</tbody>" +
            "</table></div>";
        con += '\
 		<ul class="help-info-text">\
 			<li>' + lan.soft.fun_ps2 + '</li>\
 			<li>' + lan.soft.fun_ps3 + '</li>\
 		</ul>';
        $(".soft-man-con").html(con);
    });
 }
 //设置禁用函数
 function disable_functions(version, act, fs) {
    var fsArr = fs.split(',');
    if (act == 1) {
        var functions = $("#disable_function_val").val();
        for (var i = 0; i < fsArr.length; i++) {
            if (functions == fsArr[i]) {
                layer.msg(lan.soft.fun_msg, { icon: 5 });
                return;
            }
        }
        fs += ',' + functions;
        msg = lan.public.add_success;
    } else {
        fs = '';
        for (var i = 0; i < fsArr.length; i++) {
            if (act == fsArr[i]) continue;
            fs += fsArr[i] + ','
        }
        msg = lan.public.del_success;
        fs = fs.substr(0, fs.length - 1);
    }
    var data = 'version=' + version + '&disable_functions=' + fs;
    var loadT = layer.msg(lan.public.the, { icon: 16, time: 0, shade: [0.3, '#000'] });
    $.post('/config?action=setPHPDisable', data, function(rdata) {
        layer.close(loadT);
        layer.msg(rdata.status ? msg : rdata.msg, { icon: rdata.status ? 1 : 2 });
        disFun(version);
    });
 }
 //phpinfo
 function BtPhpinfo(version) {
    var con = '<button class="btn btn-default btn-sm" onclick="GetPHPInfo(\'' + version + '\')">' + lan.soft.phpinfo + '</button>';
    $(".soft-man-con").html(con);
 }
 //获取PHPInfo
 function GetPHPInfo(version) {
    var loadT = layer.msg(lan.soft.get, { icon: 16, time: 0, shade: [0.3, '#000'] });
@ -489,26 +501,4 @@ function GetPHPInfo(version) {
            content: rdata.replace('a:link {color: #009; text-decoration: none; background-color: #fff;}', '').replace('a:link {color: #000099; text-decoration: none; background-color: #ffffff;}', '')
        });
    });
-}
+}
 // function GetPHPStatus(a) {
 //     if(a == "52") {
 //         layer.msg(lan.bt.php_status_err, {
 //             icon: 2
 //         });
 //         return
 //     }
 //     $.post("/ajax?action=GetPHPStatus", "version=" + a, function(b) {
 //         layer.open({
 //             type: 1,
 //             area: "400",
 //             title: lan.bt.php_status_title,
 //             closeBtn: 2,
 //             shift: 5,
 //             shadeClose: true,
 //             content: "<div style='margin:15px;'><table class='table table-hover table-bordered'><tr><th>"+lan.bt.php_pool+"</th><td>" + b.pool + "</td></tr><tr><th>"+lan.bt.php_manager+"</th><td>" + ((b["process manager"] == "dynamic") ? lan.bt.dynamic : lan.bt.static) + "</td></tr><tr><th>"+lan.bt.php_start+"</th><td>" + b["start time"] + "</td></tr>                      <tr><th>"+lan.bt.php_accepted+"</th><td>" + b["accepted conn"] + "</td></tr>                        <tr><th>"+lan.bt.php_queue+"</th><td>" + b["listen queue"] + "</td></tr>                        <tr><th>"+lan.bt.php_max_queue+"</th><td>" + b["max listen queue"] + "</td></tr>                        <tr><th>"+lan.bt.php_len_queue+"</th><td>" + b["listen queue len"] + "</td></tr>                        <tr><th>"+lan.bt.php_idle+"</th><td>" + b["idle processes"] + "</td></tr>                       <tr><th>"+lan.bt.php_active+"</th><td>" + b["active processes"] + "</td></tr>                       <tr><th>"+lan.bt.php_total+"</th><td>" + b["total processes"] + "</td></tr>                     <tr><th>"+lan.bt.php_max_active+"</th><td>" + b["max active processes"] + "</td></tr>                       <tr><th>"+lan.bt.php_max_children+"</th><td>" + b["max children reached"] + "</td></tr>                     <tr><th>"+lan.bt.php_slow+"</th><td>" + b["slow requests"] + "</td></tr>                     </table></div>"
 //         })
 //     })
 // }