diff --git a/protected/docs/INSTALL.txt b/protected/docs/INSTALL.txt new file mode 100644 index 0000000..52cda59 --- /dev/null +++ b/protected/docs/INSTALL.txt @@ -0,0 +1,2 @@ +See file: +/var/www/mygoals/protected/docs/etc/nginx/sites-enable.txt diff --git a/protected/docs/etc/nginx/Chrome.sh b/protected/docs/etc/nginx/Chrome.sh new file mode 100755 index 0000000..d673e97 --- /dev/null +++ b/protected/docs/etc/nginx/Chrome.sh @@ -0,0 +1 @@ +certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n "localhost" -i localhost.crt diff --git a/protected/docs/etc/nginx/fastcgi_params b/protected/docs/etc/nginx/fastcgi_params new file mode 100644 index 0000000..69c4387 --- /dev/null +++ b/protected/docs/etc/nginx/fastcgi_params @@ -0,0 +1,26 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param REMOTE_USER $remote_user; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/protected/docs/etc/nginx/localhost.conf b/protected/docs/etc/nginx/localhost.conf new file mode 100644 index 0000000..e449682 --- /dev/null +++ b/protected/docs/etc/nginx/localhost.conf @@ -0,0 +1,49 @@ +[req] +default_bits = 2048 +default_keyfile = localhost.key +distinguished_name = req_distinguished_name +req_extensions = req_ext +x509_extensions = v3_ca + +[req_distinguished_name] +countryName = Country Name (2 letter code) +countryName_default = US +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = OK +localityName = Locality Name (eg, city) +localityName_default = Here +organizationName = Organization Name (eg, company) +organizationName_default = localhost +organizationalUnitName = organizationalunit +organizationalUnitName_default = Development +commonName = Website Domain +commonName_default = *.home.local +commonName_max = 64 + +[req_ext] +subjectAltName = @alt_names + +[v3_ca] +subjectAltName = @alt_names +basicConstraints = critical, CA:false +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = serverAuth + +[alt_names] +DNS.1 = *.home.local +DNS.2 = home.local +DNS.3 = localhost +IP.1 = 127.0.0.1 +IP.2 = 127.0.0.2 +IP.3 = 127.0.0.3 +IP.4 = 127.0.0.4 +IP.5 = 127.0.0.5 +IP.6 = 127.0.0.6 +IP.7 = 127.0.0.7 +IP.8 = 127.0.0.8 +IP.9 = 127.0.0.9 +IP.10 = 127.0.0.10 +IP.11 = 127.0.0.11 +IP.12 = 127.0.0.12 +IP.13 = 127.0.0.13 + diff --git a/protected/docs/etc/nginx/make_localhost_CERTs.sh b/protected/docs/etc/nginx/make_localhost_CERTs.sh new file mode 100755 index 0000000..b9c5d0a --- /dev/null +++ b/protected/docs/etc/nginx/make_localhost_CERTs.sh @@ -0,0 +1,5 @@ +#!/bin/bash +openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -config localhost.conf +cp localhost.crt /etc/ssl/certs/localhost.crt +cp localhost.key /etc/ssl/private/localhost.key +openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 diff --git a/protected/docs/etc/nginx/nginx.conf b/protected/docs/etc/nginx/nginx.conf new file mode 100644 index 0000000..3860af5 --- /dev/null +++ b/protected/docs/etc/nginx/nginx.conf @@ -0,0 +1,88 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; +worker_rlimit_nofile 65535; +include /etc/nginx/modules-enabled/*.conf; + +events { +# worker_connections 768; + worker_connections 65535; + multi_accept on; +} + +http { + charset utf-8; + ## + # Basic Settings + ## + sendfile on; + tcp_nopush on; + tcp_nodelay on; + types_hash_max_size 2048; + server_tokens off; + + # Limits + limit_req_log_level warn; + limit_req_zone $binary_remote_addr zone=login:10m rate=10r/m; + + + ## Start: Size Limits & Buffer Overflows ## + #client_body_buffer_size 1K; + #client_header_buffer_size 1k; + #client_max_body_size 1k; + #large_client_header_buffers 2 1k; + ## END: Size Limits & Buffer Overflows ## + + ## Start: Timeouts ## + client_body_timeout 10; + client_header_timeout 10; + keepalive_timeout 5 5; + send_timeout 10; + ## End: Timeouts ## + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # SSL Settings + ## + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:10m; + ssl_session_tickets off; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + +# ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE + ssl_prefer_server_ciphers on; + + ## + # Logging Settings + ## + + access_log off; + error_log /dev/null; + + ## + # Gzip Settings + ## + + # gzip on; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} diff --git a/protected/docs/etc/nginx/sites-available/goals b/protected/docs/etc/nginx/sites-available/goals new file mode 100644 index 0000000..f4da902 --- /dev/null +++ b/protected/docs/etc/nginx/sites-available/goals @@ -0,0 +1,41 @@ +map $http_accept_language $lang { + default en; + ~de de; +#... +} + +server { + listen 80; + server_name goals.dev.local; + return 301 https://$host$request_uri; +} +server { + listen 443 ssl http2; + include snippets/self-signed.conf; + include snippets/ssl-params.conf; + + index main.page; + + error_log /var/log/nginx/goals.log warn; + access_log /var/log/nginx/access.log combined buffer=512k flush=1m; + + server_name goals.dev.local; + + set $base /var/www/mygoals; + root $base/public; + + include snippets/error-page.conf; + include snippets/scripts404.conf; + include snippets/general.conf; + + location / { + try_files $uri /main.page/$is_args$args; + } + + location /main.page { + fastcgi_pass php-fpm85; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + +} diff --git a/protected/docs/etc/nginx/sites-enable.txt b/protected/docs/etc/nginx/sites-enable.txt new file mode 100644 index 0000000..8757718 --- /dev/null +++ b/protected/docs/etc/nginx/sites-enable.txt @@ -0,0 +1,37 @@ +# Install nginx... + +# Backup the etc/nginx folder to another folder... +$ sudo cp -r /etc/nginx/ /etc/nginx_Backups/ + +# Install PHP 8.5... and then Back it up... +$ sudo cp -r /etc/php/8.5/ /etc/php/85_Backups/ + +# Now, Copy the docs folder into the System paths... +$ sudo cp -r /var/www/mygoals/protected/docs/var/www/errors/ /var/www/errors/ +$ sudo cp /var/www/mygoals/protected/docs/etc/php/8.5/php.ini /etc/php/8.5/ +$ sudo cp /var/www/mygoals/protected/docs/etc/php/8.5/fpm/pool.d/www.conf /etc/php/8.5/pool.d/ +$ sudo cp -r /var/www/mygoals/protected/docs/etc/nginx/ /etc/nginx/ + +# Fix PERMS... +$ sudo chown -R $USER:www-data /var/www/errors +$ sudo chown -R root:root /etc/php/ +$ sudo chown -R root:root /etc/nginx/ + +# Setup goals site +$ sudo ln -s /etc/nginx/sites-available/goals /etc/nginx/sites-enabled/ + +$ cd /etc/nginx + +# If on a developers computer NOT Cloud or LIVE, then make local CERTS +$ ./make_localhost_CERTs.sh + +# Test nginx Config files for Errors first: +$ nginx -t + +$ sudo service nginx status +# start or restart +$ sudo service nginx start + +$ sudo service php8.5-fpm status +# start or restart +$ sudo service php8.5-fpm start \ No newline at end of file diff --git a/protected/docs/etc/nginx/snippets/error-page.conf b/protected/docs/etc/nginx/snippets/error-page.conf new file mode 100644 index 0000000..9e0ea22 --- /dev/null +++ b/protected/docs/etc/nginx/snippets/error-page.conf @@ -0,0 +1,14 @@ + error_page 404 /errors/html/$lang/404.html; + error_page 403 /errors/html/$lang/forbidden.html; + error_page 500 502 503 504 /errors/html/$lang/50x.html; + location /errors/ { + alias /var/www/errors/; + allow all; + internal; # Only Intrenal Errors can use this + } + location ~ ^/error_images/.*\.(jpg|jpeg|png|gif)$ { + root /var/www/errors/; + expires 30d; # Cache the image for 30 days + autoindex off; +# access_log /var/log/nginx/404_errors_access.log; + } diff --git a/protected/docs/etc/nginx/snippets/general.conf b/protected/docs/etc/nginx/snippets/general.conf new file mode 100644 index 0000000..0e6115d --- /dev/null +++ b/protected/docs/etc/nginx/snippets/general.conf @@ -0,0 +1,27 @@ +# favicon.ico +location = /favicon.ico { + log_not_found off; +} + +# robots.txt +location = /robots.txt { + log_not_found off; +} + +# assets, media +location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ { + expires 7d; +} + +# svg, fonts +location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ { + add_header Access-Control-Allow-Origin "*"; + expires 7d; +} + +# gzip +gzip on; +gzip_vary on; +gzip_proxied any; +gzip_comp_level 6; +gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; diff --git a/protected/docs/etc/nginx/snippets/scripts404.conf b/protected/docs/etc/nginx/snippets/scripts404.conf new file mode 100644 index 0000000..e5054a9 --- /dev/null +++ b/protected/docs/etc/nginx/snippets/scripts404.conf @@ -0,0 +1,3 @@ + location ~ \.(asp|aspx|axd|asx|asmx|ashx|cfm|cs|kt|flash|yaws|swf|xhtml|htm|jhtml|java|jsp|wss|do|action|perl|pl|php|php5|php7|php8|php9|phtml|php3|php4|python|py|ruby|rb|rhtml|ssi|shtml|ts|c|cpp|cgi|dll|so)$ { + return 404; + } diff --git a/protected/docs/etc/nginx/snippets/self-signed.conf b/protected/docs/etc/nginx/snippets/self-signed.conf new file mode 100644 index 0000000..bba8c7f --- /dev/null +++ b/protected/docs/etc/nginx/snippets/self-signed.conf @@ -0,0 +1,4 @@ +ssl_certificate /etc/ssl/certs/localhost.crt; +#/etc/ssl/certs/nginx-selfsigned.crt; +ssl_certificate_key /etc/ssl/private/localhost.key; +#/etc/ssl/private/nginx-selfsigned.key; diff --git a/protected/docs/etc/nginx/snippets/ssl-params.conf b/protected/docs/etc/nginx/snippets/ssl-params.conf new file mode 100644 index 0000000..1dcf7fb --- /dev/null +++ b/protected/docs/etc/nginx/snippets/ssl-params.conf @@ -0,0 +1,24 @@ +# from https://cipherli.st/ +# and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html +# https://ssl-config.mozilla.org & https://observatory.mozilla.org +# https://securityheaders.com +# TLSv1.2 +ssl_protocols TLSv1.3; # Requires nginx >= 1.13.0 else use TLSv1.2 +ssl_prefer_server_ciphers off; +#ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384; +#ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0 +ssl_session_cache shared:SSL:10m; +ssl_session_tickets off; +ssl_stapling off; # Turn on Prod systems +ssl_stapling_verify off; +resolver 127.0.0.1 valid=300s; +resolver_timeout 5s; +# Disable preloading HSTS for now. You can use the commented out header line that includes +# the "preload" directive if you understand the implications. +#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; +#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains" always; + +ssl_dhparam /etc/ssl/certs/dhparam.pem; + +# IMPORTANT: disable HSTS in dev (or explicitly clear it) +add_header Strict-Transport-Security "max-age=0" always; diff --git a/protected/docs/etc/php/8.5/fpm/pool.d/www.conf b/protected/docs/etc/php/8.5/fpm/pool.d/www.conf new file mode 100644 index 0000000..a98d43b --- /dev/null +++ b/protected/docs/etc/php/8.5/fpm/pool.d/www.conf @@ -0,0 +1,491 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of the child processes. This can be used only if the master +; process running user is root. It is set after the child process is created. +; The user and group can be specified either by their name or by their numeric +; IDs. +; Note: If the user is root, the executable needs to be started with +; --allow-to-run-as-root option to work. +; Default Values: The user is set to master process running user by default. +; If the group is not set, the user's group is used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = /run/php/php8.5-fpm.sock + +; Set listen(2) backlog. +; Default Value: 511 (-1 on Linux, FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. The owner +; and group can be specified either by name or by their numeric IDs. +; Default Values: Owner is set to the master process running user. If the group +; is not set, the owner's group is used. Mode is set to 0660. +listen.owner = www-data +listen.group = www-data +;listen.mode = 0660 + +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Set the associated the route table (FIB). FreeBSD only +; Default Value: -1 +;listen.setfib = 1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl for Linux or +; PROC_TRACE_CTL procctl for FreeBSD) even if the process user +; or group is different than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; pm.max_spawn_rate - the maximum number of rate to spawn child +; processes at once. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of rate to spawn child processes at once. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +; Default Value: 32 +;pm.max_spawn_rate = 32 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following information: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then information is related to the +; last request the process has served. Otherwise information is related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/share/php/8.5/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The address on which to accept FastCGI status request. This creates a new +; invisible pool that can handle requests independently. This is useful +; if the main pool is busy with long running requests because it is still possible +; to get the status before finishing the long running requests. +; +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Default Value: value of the listen option +;pm.status_listen = 127.0.0.1:9001 + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{milliseconds}d +; - %{milli}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some examples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsulated in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsulated in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: basic auth user if specified in Authorization header +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{milli}d %{kilo}M %C%%" + +; A list of request_uri values which should be filtered from the access log. +; +; As a security precaution, this setting will be ignored if: +; - the request method is not GET or HEAD; or +; - there is a request body; or +; - there are query parameters; or +; - the response code is outwith the successful range of 200 to 299 +; +; Note: The paths are matched against the output of the access.format tag "%r". +; On common configurations, this may look more like SCRIPT_NAME than the +; expected pre-rewrite URI. +; +; Default Value: not set +;access.suppress_path[] = /ping +;access.suppress_path[] = /health_check.php + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout set by 'request_terminate_timeout' ini option is not engaged after +; application calls 'fastcgi_finish_request' or when application has finished and +; shutdown functions are being called (registered via register_shutdown_function). +; This option will enable timeout limit to be applied unconditionally +; even in such cases. +; Default Value: no +;request_terminate_timeout_track_finished = no + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environment, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +security.limit_extensions = .page .php + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' will not overwrite previously +; defined php.ini values, but will append the new value instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/protected/docs/etc/php/8.5/php.ini b/protected/docs/etc/php/8.5/php.ini new file mode 100644 index 0000000..35fb6d6 --- /dev/null +++ b/protected/docs/etc/php/8.5/php.ini @@ -0,0 +1,1565 @@ +[PHP] +open_basedir = /var/www:/var/lib/php/sessions:/usr/share/php/IOcornerstone:/dev/shm:/tmp/tank +disable_functions = phpinfo,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,define_syslog_variables,disk_free_space,diskfreespace,dl,dlopen,escapeshellarg,eval,exec,fp,fput,fsockopen,ftp_connect,ftp_exec,ftp_get,ftp_login,ftp_nb_fput,ftp_put,ftp_raw,ftp_rawlist,highlight_file,ini_alter,ini_get_all,ini_restore,inject_code,leak,mysql_pconnect,openlog,passthru,pcntl_exec,phpAds_XmlRpc,phpAds_remoteInfo,phpAds_xmlrpcDecode,phpAds_xmlrpcEncode,php_uname,popen,posix_getpwuid,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,posix_uname,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,set_time_limit,shell_exec,show_source,syslog,system,tmpfile,virtual,xmlrpc_entity_decode +disable_classes = ZipArchive,SplFileObject,DirectoryIterator,Socket,Stream +expose_php = Off +; See the PHP docs for more specific information. +; https://php.net/configuration.file +; https://php.net/ini.sections + +; Enable the PHP scripting language engine under Apache. +; https://php.net/engine +engine = On +short_open_tag = Off + +; The number of significant digits displayed in floating point numbers. +; https://php.net/precision +precision = 14 + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; https://php.net/output-buffering +output_buffering = 4096 + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; https://php.net/zlib.output-compression +zlib.output_compression = Off + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; https://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +unserialize_callback_func = + +; The unserialize_max_depth specifies the default depth limit for unserialized +; structures. Setting the depth limit too high may result in stack overflows +; during unserialization. The unserialize_max_depth ini setting can be +; overridden by the max_depth option on individual unserialize() calls. +; A value of 0 disables the depth limit. +;unserialize_max_depth = 4096 + +; When floats & doubles are serialized, store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +; The value is also used for json_encode when encoding double values. +; If -1 is used, then dtoa mode 0 is used which automatically select the best +; precision. +serialize_precision = -1 + +; Enables or disables the circular reference collector. +; https://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +;zend.script_encoding = + +; Allows to include or exclude arguments from stack traces generated for exceptions. +; In production, it is recommended to turn this setting on to prohibit the output +; of sensitive information in stack traces +; Default Value: Off +; Development Value: Off +; Production Value: On +zend.exception_ignore_args = On + +; Allows setting the maximum string length in an argument of a stringified stack trace +; to a value between 0 and 1000000. +; This has no effect when zend.exception_ignore_args is enabled. +; Default Value: 15 +; Development Value: 15 +; Production Value: 0 +; In production, it is recommended to set this to 0 to reduce the output +; of sensitive information in stack traces. +zend.exception_string_param_max_len = 0 + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; https://php.net/expose-php +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; https://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; https://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; https://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +;max_input_vars = 1000 + +; How many multipart body parts (combined input variable and file uploads) may +; be accepted. +; Default Value: -1 (Sum of max_input_vars and max_file_uploads) +;max_multipart_body_parts = 1500 + +; Maximum amount of memory a script may consume +; https://php.net/memory-limit +memory_limit = 128M +max_memory_limit = -1 + +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED +; https://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; https://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. We strongly recommend you set this to 'off' +; for production servers to avoid leaking configuration details. +; Default Value: On +; Development Value: On +; Production Value: Off +; https://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; https://php.net/log-errors +log_errors = On + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; https://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; https://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; This setting is off by default. +;report_zend_debug = 0 + +; Turn off normal error reporting and emit XML-RPC error XML +; https://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; https://php.net/html-errors +;html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from https://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; https://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; https://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; https://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; https://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; https://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +; The syslog ident is a string which is prepended to every message logged +; to syslog. Only used when error_log is set to syslog. +;syslog.ident = php + +; The syslog facility is used to specify what type of program is logging +; the message. Only used when error_log is set to syslog. +;syslog.facility = user + +; Set this to disable filtering control characters (the default). +; Some loggers only accept NVT-ASCII, others accept anything that's not +; control characters. If your logger accepts everything, then no filtering +; is needed at all. +; Allowed values are: +; ascii (all printable ASCII characters and NL) +; no-ctrl (all characters except control characters) +; all (all characters) +; raw (like "all", but messages are not split at newlines) +; https://php.net/syslog.filter +;syslog.filter = ascii + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +; This directive controls whether PHP will output the backtrace of fatal errors. +; Default Value: On +; Development Value: On +; Production Value: On +;fatal_error_backtraces = On + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; https://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; https://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; https://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; https://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For security reasons, this feature should be disabled +; for non-CLI SAPIs. +; Note: This directive is ignored for the CLI SAPI +; This directive is deprecated. +; https://php.net/register-argc-argv +;register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any effect. +; https://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; https://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; https://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; https://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; https://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; https://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; https://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; https://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; https://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; https://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/usr/share/php" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; https://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; https://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; https://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; https://php.net/extension-dir +;extension_dir = "./" +; On windows: +;extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +;sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; https://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; https://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; https://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; https://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +;cgi.discard_path=1 + +; FastCGI under IIS supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; https://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Prevent decoding of SCRIPT_FILENAME when using Apache ProxyPass or +; ProxyPassMatch. This should be used if script file paths are not stored +; in an encoded format on the file system. +; Default is 1. +;fastcgi.script_path_encoded = 0 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; https://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; https://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; https://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; https://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; https://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; https://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like https:// or ftp://) as files. +; https://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; https://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; https://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; https://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; https://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename +; +; For example: +; +; extension=mysqli +; +; When the extension library to load is not located in the default extension +; directory, You may specify an absolute path to the library file: +; +; extension=/path/to/extension/mysqli.so +; +; Note : The syntax used in previous PHP versions ('extension=.so' and +; 'extension='php_.dll') is supported for legacy reasons and may be +; deprecated in a future PHP major version. So, when it is possible, please +; move to the new ('extension=) syntax. +; +; Notes for Windows environments : +; +; - Many DLL files are located in the ext/ +; extension folders as well as the separate PECL DLL download. +; Be sure to appropriately set the extension_dir directive. +; +;extension=bz2 +;extension=curl +;extension=exif +;extension=ffi +;extension=ftp +;extension=fileinfo +;extension=gd +;extension=gettext +;extension=gmp +;extension=intl +;extension=ldap +;extension=mbstring +;extension=mysqli +;extension=odbc +;extension=openssl +;extension=pdo_firebird +;extension=pdo_mysql +;extension=pdo_odbc +;extension=pdo_pgsql +;extension=pdo_sqlite +;extension=pgsql +;extension=shmop + +; The MIBS data available in the PHP distribution must be installed. +; See https://www.php.net/manual/en/snmp.installation.php +;extension=snmp + +;extension=soap +;extension=sockets +;extension=sodium +;extension=sqlite3 +;extension=tidy +;extension=xsl +;extension=zip + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; https://php.net/date.timezone +;date.timezone = + +; https://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; https://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; https://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.833333 + +; https://php.net/date.sunset-zenith +;date.sunset_zenith = 90.833333 + +[filter] +; https://php.net/filter.default +;filter.default = unsafe_raw + +; https://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < input_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +; This directive is deprecated. +;intl.error_level = E_WARNING +; If enabled this directive indicates that when an error occurs within an +; intl function a IntlException should be thrown. +; Default is Off, which means errors need to be handled manually. +;intl.use_exceptions = On + +[sqlite3] +; Directory pointing to SQLite3 extensions +; https://php.net/sqlite3.extension-dir +;sqlite3.extension_dir = + +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +;sqlite3.defensive = 1 + +[Pcre] +; PCRE library backtracking limit. +; https://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +; PCRE library recursion limit. +; Please note that if you set this value to a high number you may consume all +; the available process stack and eventually crash PHP (due to reaching the +; stack size limit imposed by the Operating System). +; https://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +; Enables or disables JIT compilation of patterns. This requires the PCRE +; library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; https://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +[Pdo_mysql] +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +pdo_mysql.default_socket= + +[Phar] +; https://php.net/phar.readonly +;phar.readonly = On + +; https://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; https://php.net/smtp +SMTP = localhost +; https://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; https://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; https://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = Off + +; Use mixed LF and CRLF line separators to keep compatibility with some +; RFC 2822 non conformant MTA. +mail.mixed_lf_and_crlf = Off + +; Control line ending mode for mail messages and headers. +; Possible values: "crlf" (default), "lf", "mixed", "os" +; - crlf: Use CRLF line endings +; - lf: Use LF line endings only (converts CRLF in message to LF) +; - mixed: Same as mail.mixed_lf_and_crlf = On +; - os: Use CRLF on Windows, LF on other systems +mail.cr_lf_mode = crlf + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; https://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; https://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; https://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; https://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; https://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; https://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; https://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; https://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; https://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; https://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; https://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; It allows the user to specify a folder where files that can be sent via LOAD DATA +; LOCAL can exist. It is ignored if mysqli.allow_local_infile is enabled. +;mysqli.local_infile_directory = + +; Allow or prevent persistent links. +; https://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; https://php.net/mysqli.max-links +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). +; https://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; https://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysqli_connect(). +; https://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysqli_connect(). +; https://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect(). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; https://php.net/mysqli.default-pw +mysqli.default_pw = + +; If this option is enabled, closing a persistent connection will rollback +; any pending transactions of this connection, before it is put back +; into the persistent connection pool. +;mysqli.rollback_on_cached_plink = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; Default Value: Off +; Development Value: On +; Production Value: Off +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; https://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +;mysqlnd.sha256_server_public_key = + +[PostgreSQL] +; Allow or prevent persistent links. +; https://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; https://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; https://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; https://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; https://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; https://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; https://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; https://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; https://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; https://php.net/session.save-path +;session.save_path = "/var/lib/php/sessions" + +; Whether to use strict session mode. +; Strict session mode does not accept an uninitialized session ID, and +; regenerates the session ID if the browser sends an uninitialized session ID. +; Strict mode protects applications from session fixation via a session adoption +; vulnerability. It is disabled by default for maximum compatibility, but +; enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; https://php.net/session.use-cookies +session.use_cookies = 1 + +; https://php.net/session.cookie-secure +;session.cookie_secure = + +; https://php.net/session.cookie-partitioned +;session.cookie_partitioned = 0 + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; https://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; https://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; https://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; https://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; https://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; https://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it +; inaccessible to browser scripting languages such as JavaScript. +; https://php.net/session.cookie-httponly +session.cookie_httponly = + +; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) +; Current valid values are "Strict", "Lax" or "None". When using "None", +; make sure to include the quotes, as `none` is interpreted like `false` in ini files. +; https://tools.ietf.org/html/draft-west-first-party-cookies-07 +session.cookie_samesite = + +; Handler used to serialize data. php is the standard serializer of PHP. +; https://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; https://php.net/session.gc-probability +; Debian Default Value: 0 +; This is disabled in the Debian packages due to the strict permissions +; on /var/lib/php. Instead, GC is performed through /etc/cron.d/php, +; which uses the session.gc_maxlifetime setting. Please, check +; /usr/share/doc/php8.2-common/README.Debian.gz for further reference. +session.gc_probability = 0 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. +; For high volume production servers, using a value of 1000 is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; https://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; https://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script is the equivalent of setting +; session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; https://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; https://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; https://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; https://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +;
is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; https://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute paths, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; https://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; https://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; https://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; https://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; https://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; https://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; https://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! +; (For turning assertions on and off at run-time, toggle zend.assertions between the values 1 and 0) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; https://php.net/zend.assertions +zend.assertions = -1 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; https://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; https://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a component's typelib on com_load() +; https://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; https://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; https://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +; The version of the .NET framework to use. The value of the setting are the first three parts +; of the framework's version number, separated by dots, and prefixed with "v", e.g. "v4.0.30319". +;com.dotnet_version= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; https://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_translation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < input_encoding < mbstring.http_input +; https://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; https://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; https://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; https://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; https://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; Enable strict encoding detection. +;mbstring.strict_detection = Off + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetypes=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetypes= + +; This directive specifies maximum stack depth for mbstring regular expressions. It is similar +; to the pcre.recursion_limit for PCRE. +;mbstring.regex_stack_limit=100000 + +; This directive specifies maximum retry count for mbstring regular expressions. It is similar +; to the pcre.backtrack_limit for PCRE. +;mbstring.regex_retry_limit=1000000 + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; https://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting must not be empty. +; https://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; https://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; https://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; https://php.net/exif.encode-jis +;exif.encode_jis = + +; https://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; https://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; https://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; https://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; https://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; https://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; https://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, compilation warnings (including notices and deprecations) will +; be recorded and replayed each time a file is included. Otherwise, compilation +; warnings will only be emitted when the file is first cached. +;opcache.record_warnings=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0x7FFFBFFF + +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Facilitates multiple OPcache instances per user (for Windows only). All PHP +; processes with the same cache ID and user share an OPcache instance. +;opcache.cache_id= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables read-only mode for the second level cache directory. +; It should improve performance for read-only containers, +; when the cache is pre-warmed and packaged alongside the application. +; Best used with `opcache.validate_timestamps=0`, `opcache.enable_file_override=1` +; and `opcache.file_cache_consistency_checks=0`. +; Note: A cache generated with a different build of PHP, a different file path, +; or different settings (including which extensions are loaded), may be ignored. +;opcache.file_cache_read_only=0 + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; Under certain circumstances (if only a single global PHP process is +; started from which all others fork), this can increase performance +; by a tiny amount because TLB misses are reduced. On the other hand, this +; delays PHP startup, increases memory usage and degrades performance +; under memory pressure - use with care. +; Requires appropriate OS configuration. +;opcache.huge_code_pages=0 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + +; Specifies a PHP script that is going to be compiled and executed at server +; start-up. +; https://php.net/opcache.preload +;opcache.preload= + +; Preloading code as root is not allowed for security reasons. This directive +; facilitates to let the preloading to be run as another user. +; https://php.net/opcache.preload_user +;opcache.preload_user= + +; Prevents caching files that are less than this number of seconds old. It +; protects from caching of incompletely updated files. In case all file updates +; on your site are atomic, you may increase performance by setting it to "0". +;opcache.file_update_protection=2 + +; Absolute path used to store shared lockfiles (for *nix only). +;opcache.lockfile_path=/tmp + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; The libctx is an OpenSSL library context. OpenSSL defines a default library +; context, but PHP OpenSSL also defines its own library context to avoid +; interference with other libraries using OpenSSL and to provide an independent +; context for each thread in ZTS. Possible values: +; "custom" - use a custom library context (default) +; "default" - use the default OpenSSL library context +;openssl.libctx=custom + +[ffi] +; FFI API restriction. Possible values: +; "preload" - enabled in CLI scripts and preloaded files (default) +; "false" - always disabled +; "true" - always enabled +;ffi.enable=preload + +; List of headers files to preload, wildcard patterns allowed. +;ffi.preload= diff --git a/protected/docs/var/www/errors/error_images/404page.jpg b/protected/docs/var/www/errors/error_images/404page.jpg new file mode 100644 index 0000000..4d7fbe8 Binary files /dev/null and b/protected/docs/var/www/errors/error_images/404page.jpg differ diff --git a/protected/docs/var/www/errors/html/en/404.html b/protected/docs/var/www/errors/html/en/404.html new file mode 100644 index 0000000..5307d75 --- /dev/null +++ b/protected/docs/var/www/errors/html/en/404.html @@ -0,0 +1,30 @@ + + + + + + + 404 Page not found! + + + +
+ 404 Error Page not found. +

404 Page not found!

+

Our apologies for the temporary inconvenience.

+
+ + diff --git a/protected/docs/var/www/errors/html/en/50x.html b/protected/docs/var/www/errors/html/en/50x.html new file mode 100644 index 0000000..e28b285 --- /dev/null +++ b/protected/docs/var/www/errors/html/en/50x.html @@ -0,0 +1 @@ +50x Server Error...Sorry, we had a processing error on our end. diff --git a/protected/docs/var/www/errors/html/en/forbidden.html b/protected/docs/var/www/errors/html/en/forbidden.html new file mode 100644 index 0000000..4d49f2f --- /dev/null +++ b/protected/docs/var/www/errors/html/en/forbidden.html @@ -0,0 +1 @@ +Dude, get out.... diff --git a/protected/sql/initGoals.sql b/protected/sql/initGoals.sql index 2213bea..5e70c9e 100644 --- a/protected/sql/initGoals.sql +++ b/protected/sql/initGoals.sql @@ -40,7 +40,8 @@ CREATE TABLE goals ( title VARCHAR(255) NOT NULL, description TEXT, approved TINYINT UNSIGNED DEFAULT 0, - youtube TINYINT UNSIGNED DEFAULT 0 + youtube TINYINT UNSIGNED DEFAULT 0, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); CREATE TABLE tags ( diff --git a/protected/src/Classes/BaseController.php b/protected/src/Classes/BaseController.php index e11af09..29efef8 100644 --- a/protected/src/Classes/BaseController.php +++ b/protected/src/Classes/BaseController.php @@ -14,16 +14,18 @@ use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ResponseInterface; use IOcornerstone\Framework\{ HtmlDocument, - View + View, + SaferOutput, }; class BaseController { public string $pageOutput = ''; // To keep views working...without Dynamic Variable Error! public static $params; // To keep Routes working... - private $http; + public $http; public $view; public $html; + public $outputHTML; protected string $footer = ""; protected string $authors = ""; @@ -33,6 +35,7 @@ class BaseController $this->http = new HttpFactory(); $this->view = new View(); $this->html = new HtmlDocument(); + $this->outputHTML = SaferOutput::class; // If the child controller has an init() method, call it automatically if (method_exists($this, 'init')) { diff --git a/protected/src/Classes/Logic/HomeSearch.php b/protected/src/Classes/Logic/HomeSearch.php index b4c4b7d..28dd143 100644 --- a/protected/src/Classes/Logic/HomeSearch.php +++ b/protected/src/Classes/Logic/HomeSearch.php @@ -17,10 +17,10 @@ namespace Project\Classes\Logic; class HomeSearch { - public static function Tags(): array + public static function Tags(object $request): array { - $a['search'] = $_GET['search'] ?? false; - $a['tag'] = $_GET['tag'] ?? false; + $a['search'] = $request->getVar()->get('search', false); + $a['tag'] = $request->getVar()->get('tag', false); if (empty($a['search'])) { $a['search'] = false; @@ -33,9 +33,9 @@ class HomeSearch return $a; } - public static function MyUUID(): array + public static function MyUUID(object $request): array { - $a['MyUUID'] = $_GET['g'] ?? false; + $a['MyUUID'] = $request->getVar()->get('g', false); return $a; } diff --git a/protected/src/Classes/Models/HomeFetchModel.php b/protected/src/Classes/Models/HomeFetchModel.php index 9e3ef63..9ae0bd4 100644 --- a/protected/src/Classes/Models/HomeFetchModel.php +++ b/protected/src/Classes/Models/HomeFetchModel.php @@ -17,9 +17,10 @@ namespace Project\Classes\Models; */ class HomeFetchModel { - + public function __construct(private \PDO $pdo) { + } public function GetGoals(array $a) @@ -48,35 +49,58 @@ LEFT JOIN tags t ON gt.tag_id=t.id"; } $sql .= " ORDER BY g.created_at DESC"; - $stmt = $this->pdo->prepare($sql); - $stmt->execute($params); - return $stmt->fetchAll(\PDO::FETCH_ASSOC); + try { + $stmt = $this->pdo->prepare($sql); + $stmt->execute($params); + return $stmt->fetchAll(\PDO::FETCH_ASSOC); + } catch (\PDOException $e) { + echo $e->getMessage(); + } + return []; } - + public function GetTags(array $g) { - $pdo = \IOcornerstone\Framework\Configure::get('db'); - - $tags=$pdo->prepare("SELECT name FROM tags t JOIN goal_tags gt ON t.id=gt.tag_id WHERE gt.goal_id=?"); - return $tags->execute([$g['id']]); + try { + $tags = $this->pdo->prepare("SELECT name FROM tags t JOIN goal_tags gt ON t.id=gt.tag_id WHERE gt.goal_id=?"); + return $tags->execute([$g['id']]); + } catch (\PDOException $e) { + echo $e->getMessage(); + } + return []; } - + public function GetGoal(array $a) { - $stmt= $this->pdo->prepare("SELECT id,title,description FROM goals WHERE uuid=? AND approved=1"); - $stmt->execute([$a['MyUUID']]); - return $stmt->fetch(\PDO::FETCH_ASSOC); + try { + $stmt = $this->pdo->prepare("SELECT id,title,description FROM goals WHERE uuid=? AND approved=1"); + $stmt->execute([$a['MyUUID']]); + return $stmt->fetch(\PDO::FETCH_ASSOC); + } catch (\PDOException $e) { + echo $e->getMessage(); + } + return []; } - + public function GetVotes(array $a) { - $stmt= $this->pdo->prepare("SELECT id,content,votes FROM advice WHERE goal_id=? AND approved=1 ORDER BY votes DESC"); - return $stmt->execute([$a['id']]); + try { + $stmt = $this->pdo->prepare("SELECT id,content,votes FROM advice WHERE goal_id=? AND approved=1 ORDER BY votes DESC"); + return $stmt->execute([$a['id']]); + } catch (\PDOException $e) { + echo $e->getMessage(); + } + return []; } - + public function GetComments(array $a) { - $comments=$this->pdo->prepare("SELECT content FROM advice_comments WHERE advice_id=? AND approved=1"); - return $comments->execute([$a['id']]); + try { + $comments = $this->pdo->prepare("SELECT content FROM advice_comments WHERE advice_id=? AND approved=1"); + return $comments->execute([$a['id']]); + } catch (\PDOException $e) { + echo $e->getMessage(); + } + return []; } } diff --git a/protected/src/Classes/Models/HomeLoginModel.php b/protected/src/Classes/Models/HomeLoginModel.php index cf32d91..49b06f0 100644 --- a/protected/src/Classes/Models/HomeLoginModel.php +++ b/protected/src/Classes/Models/HomeLoginModel.php @@ -42,7 +42,7 @@ class HomeLoginModel $name = $email_row['first_name'] ?? ""; $_SESSION['first_name'] = $name; - return $user_row['pwd']; + return $user_row['pwd'] ?? ""; } catch (\PDOException $e) { echo $e->getMessage(); } diff --git a/protected/src/Configs/on_ErrorCodes.php b/protected/src/Configs/on_ErrorCodes.php new file mode 100644 index 0000000..b0aa0bd --- /dev/null +++ b/protected/src/Configs/on_ErrorCodes.php @@ -0,0 +1,43 @@ + "Error Code# " . $codeNumber->value, + false => "[".$codeNumber->name . "]; Code# " . $codeNumber->value . PHP_EOL . "Error Message: " . $err->getMessage(), + default => "UnKnown Error", + }; + + if ($throwMe) { + Throw new \Exception( + "[" . $codeNumber->name . "]; " . $err->getMessage(), + $codeNumber->value + ); + } + + return $returnMessage; + } +} diff --git a/protected/src/Configs/on_HtmlPurifier.php b/protected/src/Configs/on_HtmlPurifier.php new file mode 100644 index 0000000..d5bb734 --- /dev/null +++ b/protected/src/Configs/on_HtmlPurifier.php @@ -0,0 +1,16 @@ + false +]); \ No newline at end of file diff --git a/protected/src/Configs/on_IOcornerstone.php b/protected/src/Configs/on_IOcornerstone.php index 8c3ad4b..cf3c98b 100644 --- a/protected/src/Configs/on_IOcornerstone.php +++ b/protected/src/Configs/on_IOcornerstone.php @@ -27,7 +27,7 @@ use IOcornerstone\Framework\{ * * When in Doubt, just make live false, below here!!! */ -// SiteHelper::setLocalSiteDomains('pc1'); +SiteHelper::setLocalSiteDomains('goals.dev.local'); // SiteHelper::setAllowedPrivateIPs(['192.168.32.2', '192.168.32.3']); // SiteHelper::setAllowedPublicIPs('12.x.x.x'); diff --git a/protected/src/Configs/on_Security b/protected/src/Configs/on_Security new file mode 100644 index 0000000..2dca813 --- /dev/null +++ b/protected/src/Configs/on_Security @@ -0,0 +1,17 @@ + 172800, // 2 Days Login + 'max_token_age' => 7200, // 2 Hours + 'token_life' => 7300, +]); \ No newline at end of file diff --git a/protected/src/Controllers/App/HomeController.php b/protected/src/Controllers/App/HomeController.php index 32594ad..0323bf0 100644 --- a/protected/src/Controllers/App/HomeController.php +++ b/protected/src/Controllers/App/HomeController.php @@ -35,8 +35,8 @@ class HomeController extends BaseController public function Index(): ResponseInterface { Security::initSessions(); - - $this->html->setActiveCrumb("Main Page"); + + $this->html->setActiveCrumb("Home Page"); $this->html->addCss("css/index.css"); $this->html->addToJavascript("function filterTag(tag){ \r\n window.location='?tag='+encodeURIComponent(tag); \r\n }"); @@ -50,13 +50,13 @@ class HomeController extends BaseController $this->view->setView("App/Home/Index"); $this->view->set("Model", $model); - $inputs = HomeSearch::Tags(); + $inputs = HomeSearch::Tags($this->request); $goals = $model->GetGoals($inputs); $this->view->set("Goals", $goals); IndexAuthContainer::Logins($this); - $uid = HomeSearch::MyUUID(); + $uid = HomeSearch::MyUUID($this->request); $this->view->set("Uid", $uid); $bb = new BbCodeParser(); @@ -70,11 +70,11 @@ class HomeController extends BaseController public function Register(): ResponseInterface { $this->html->setActiveCrumb("Registion"); - $this->html->setBreadcrumbs(['/App/Home/Index.html'=>"Main Page"]); + $this->html->setBreadcrumbs(['/App/Home/Index.html'=>"Home Page"]); $this->html->addCss("css/registration.css"); $this->html->addJS("js/registration.js"); - $this->html->setTitleAndHeader("Register"); + $this->html->setTitleAndHeader("Register"); $this->view->set('html', $this->html); $this->view->setPhpTemplate('main'); @@ -89,7 +89,7 @@ class HomeController extends BaseController public function Login(): ResponseInterface { $this->html->setActiveCrumb("LogIn"); - $this->html->setBreadcrumbs(['/App/Home/Index.html'=>"Main Page"]); + $this->html->setBreadcrumbs(['/App/Home/Index.html'=>"Home Page"]); Security::initSessions(); @@ -110,7 +110,7 @@ class HomeController extends BaseController public function Logout(): ResponseInterface { $this->html->setActiveCrumb("LogOut"); - $this->html->setBreadcrumbs(['/App/Home/Index.html'=>"Main Page"]); + $this->html->setBreadcrumbs(['/App/Home/Index.html'=>"Home Page"]); $this->html->setTitleAndHeader("Logged Out"); @@ -118,11 +118,11 @@ class HomeController extends BaseController $_SESSION = []; unset($_SESSION); - session_destroy(); $this->view->set('html', $this->html); $this->view->setPhpTemplate('main'); + $this->view->setView("App/Home/Logout"); $myView = $this->view->fetch($this); return $this->returnResponse($myView); diff --git a/protected/src/Services/on_App.php b/protected/src/LoadServices/on_App.php similarity index 100% rename from protected/src/Services/on_App.php rename to protected/src/LoadServices/on_App.php diff --git a/protected/src/Services/on_CORs.php b/protected/src/LoadServices/on_CORs.php similarity index 100% rename from protected/src/Services/on_CORs.php rename to protected/src/LoadServices/on_CORs.php diff --git a/protected/src/Services/on_Db.php b/protected/src/LoadServices/on_Db.php similarity index 80% rename from protected/src/Services/on_Db.php rename to protected/src/LoadServices/on_Db.php index 5bfc4a5..372ea2a 100644 --- a/protected/src/Services/on_Db.php +++ b/protected/src/LoadServices/on_Db.php @@ -12,6 +12,7 @@ namespace IOcornerstone; use IOcornerstone\Framework\Configure; use IOcornerstone\Framework\Common; +use IOcornerstone\ErrorCodes; class Database { @@ -31,10 +32,12 @@ class Database $pdo = new \PDO($dsn, $this->user, $this->password, [\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION]); } catch (\PDOException $e) { - die('DB Connection failed'); + echo ErrorCodes::getErrorCodeFor(ErrorCodes::DB_Connection_Error, $e, throwMe: true); + } + + if (isset($pdo)) { + Configure::set('db', $pdo); } - - Configure::set('db', $pdo); Common::wipe($_ENV['DB_PASSWORD']); Common::wipe($this->password); diff --git a/protected/src/Services/on_Debugger.php b/protected/src/LoadServices/on_Debugger.php similarity index 100% rename from protected/src/Services/on_Debugger.php rename to protected/src/LoadServices/on_Debugger.php diff --git a/protected/src/LoadServices/on_HtmlFilter.php b/protected/src/LoadServices/on_HtmlFilter.php new file mode 100644 index 0000000..cf15b81 --- /dev/null +++ b/protected/src/LoadServices/on_HtmlFilter.php @@ -0,0 +1,20 @@ +register('html_filter', function() { + + $use_file_cache = Config::get('html_purifier', "enable_file_caching") ?? false; + return new IOcornerstone\Framework\Services\HtmlFilter( + $use_file_cache + ); +}); \ No newline at end of file diff --git a/protected/src/Services/on_Logger.php b/protected/src/LoadServices/on_Logger.php similarity index 100% rename from protected/src/Services/on_Logger.php rename to protected/src/LoadServices/on_Logger.php diff --git a/protected/src/Services/on_Repository.php b/protected/src/LoadServices/on_Repository.php similarity index 89% rename from protected/src/Services/on_Repository.php rename to protected/src/LoadServices/on_Repository.php index d44e2af..2f316f7 100644 --- a/protected/src/Services/on_Repository.php +++ b/protected/src/LoadServices/on_Repository.php @@ -6,6 +6,8 @@ declare(strict_types=1); * @author Robert Strutts * @copyright (c) 2026, Robert Strutts * @license MIT + * + * Used for Database Connections... */ namespace IOcornerstone; diff --git a/protected/src/Services/on_Session_Encryption.php b/protected/src/LoadServices/on_Session_Encryption.php similarity index 100% rename from protected/src/Services/on_Session_Encryption.php rename to protected/src/LoadServices/on_Session_Encryption.php diff --git a/protected/src/Services/on_Sessions.php b/protected/src/LoadServices/on_Sessions.php similarity index 100% rename from protected/src/Services/on_Sessions.php rename to protected/src/LoadServices/on_Sessions.php diff --git a/protected/src/Services/on_zDB.php b/protected/src/LoadServices/on_zDB.php similarity index 100% rename from protected/src/Services/on_zDB.php rename to protected/src/LoadServices/on_zDB.php diff --git a/protected/src/Views/Common/App/Home/Index.php b/protected/src/Views/Common/App/Home/Index.php index d87a4aa..a6a844a 100644 --- a/protected/src/Views/Common/App/Home/Index.php +++ b/protected/src/Views/Common/App/Home/Index.php @@ -24,9 +24,10 @@ function end_of_the_line(): void

All Goals

+
- +outputHTML::get($g['title']) ?> GetTags($g); @@ -48,15 +49,15 @@ if ($goal === false) { end_of_the_line(); } else { ?>
-

-

parse(nl2br(htmlspecialchars($goal['description']))) ?>

+

outputHTML::get($goal['title']) ?>

+

parse(nl2br($local->outputHTML::get($goal['description']))) ?>

GetVotes($goal); foreach($stmt as $a): ?>
-

parse(htmlspecialchars($a['content'])) ?>

+

parse($local->outputHTML::get($a['content'])) ?>

👍
@@ -66,7 +67,7 @@ foreach($stmt as $a): ?> GetComments($a); foreach($comments as $c): ?> -
parse(htmlspecialchars($c['content'])) ?>
+
parse($local->outputHTML::get($c['content'])) ?>
diff --git a/protected/src/Views/Common/App/Home/Logout.php b/protected/src/Views/Common/App/Home/Logout.php new file mode 100644 index 0000000..5035b0a --- /dev/null +++ b/protected/src/Views/Common/App/Home/Logout.php @@ -0,0 +1,15 @@ + + +

getHeader(); ?>

+ +

Thanks, for using the StickingToGoals.com site. I hope you enjoyed your stay...

\ No newline at end of file diff --git a/protected/src/composer.json b/protected/src/composer.json index f597eef..e6d71ee 100644 --- a/protected/src/composer.json +++ b/protected/src/composer.json @@ -12,6 +12,7 @@ } }, "require": { - "vlucas/phpdotenv": "^5.6" + "vlucas/phpdotenv": "^5.6", + "ezyang/htmlpurifier": "^4.19" } } diff --git a/protected/src/composer.lock b/protected/src/composer.lock index 76e4970..cda9243 100644 --- a/protected/src/composer.lock +++ b/protected/src/composer.lock @@ -4,8 +4,69 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "1f06c8427699f747776f24f4389f751e", + "content-hash": "20810c164fd612d2733ce60863e76b0f", "packages": [ + { + "name": "ezyang/htmlpurifier", + "version": "v4.19.0", + "source": { + "type": "git", + "url": "https://github.com/ezyang/htmlpurifier.git", + "reference": "b287d2a16aceffbf6e0295559b39662612b77fcf" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/b287d2a16aceffbf6e0295559b39662612b77fcf", + "reference": "b287d2a16aceffbf6e0295559b39662612b77fcf", + "shasum": "" + }, + "require": { + "php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0" + }, + "require-dev": { + "cerdic/css-tidy": "^1.7 || ^2.0", + "simpletest/simpletest": "dev-master" + }, + "suggest": { + "cerdic/css-tidy": "If you want to use the filter 'Filter.ExtractStyleBlocks'.", + "ext-bcmath": "Used for unit conversion and imagecrash protection", + "ext-iconv": "Converts text to and from non-UTF-8 encodings", + "ext-tidy": "Used for pretty-printing HTML" + }, + "type": "library", + "autoload": { + "files": [ + "library/HTMLPurifier.composer.php" + ], + "psr-0": { + "HTMLPurifier": "library/" + }, + "exclude-from-classmap": [ + "/library/HTMLPurifier/Language/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "LGPL-2.1-or-later" + ], + "authors": [ + { + "name": "Edward Z. Yang", + "email": "admin@htmlpurifier.org", + "homepage": "http://ezyang.com" + } + ], + "description": "Standards compliant HTML filter written in PHP", + "homepage": "http://htmlpurifier.org/", + "keywords": [ + "html" + ], + "support": { + "issues": "https://github.com/ezyang/htmlpurifier/issues", + "source": "https://github.com/ezyang/htmlpurifier/tree/v4.19.0" + }, + "time": "2025-10-17T16:34:55+00:00" + }, { "name": "graham-campbell/result-type", "version": "v1.1.4", diff --git a/public/assets/css/breadcrumbs.css b/public/assets/css/breadcrumbs.css index 825aad8..934119a 100644 --- a/public/assets/css/breadcrumbs.css +++ b/public/assets/css/breadcrumbs.css @@ -1,6 +1,6 @@ /* Style the list */ ul.breadcrumb { - padding: 10px 16px; + padding: 6px 8px; list-style: none; background-color: #eee; } @@ -28,4 +28,11 @@ ul.breadcrumb li a { ul.breadcrumb li a:hover { color: #01447e; text-decoration: underline; +} + +.homecrumb { + color: black; + width: 14px; + height: 14px; + padding-right: 5px; } \ No newline at end of file diff --git a/public/assets/css/index.css b/public/assets/css/index.css index f165325..bb2f040 100644 --- a/public/assets/css/index.css +++ b/public/assets/css/index.css @@ -53,6 +53,7 @@ input,textarea{ } .auth-container { + float: right; display: flex; gap: 20px; } \ No newline at end of file diff --git a/public/assets/images/404page.jpg b/public/assets/images/404page.jpg new file mode 100644 index 0000000..4d7fbe8 Binary files /dev/null and b/public/assets/images/404page.jpg differ diff --git a/public/index.php b/public/main.page similarity index 100% rename from public/index.php rename to public/main.page