WordPress.org

Forums

Phpinfo plugin for anyone who is interested (8 posts)

  1. SeanM
    Member
    Posted 10 years ago #

    First off I am very new to wprdpress and I am not a php coder. I wanted a way to view my phpinfo from the admin area so I threw this together. Simple, but not very elegant, but it works. I am sure there are better ways to do it, and I invite any feedback you may have.

    Why did I do a plugin as obosed to just having a phpinfo.php file out there, well because there are some security issues with doing so.

    Anyway here it is.

    <?php
    /*
    Plugin Name: PHPInfo
    Plugin URI:
    Description: Displays PHPInfo via the admin area.
    Version: v1.0
    Author: SCuM
    Author URI:
    */

    /*
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
    */

    function phpinfoFromAdmin() {
    add_options_page('PHPInfo', 'PHPInfo', 9, basename(__FILE__), 'showPHPInfo');
    }

    add_action('admin_menu', 'phpinfoFromAdmin');

    function showPHPInfo()
    {
    // Get PHPINFO and parse info out
    ob_start();
    phpinfo();
    $phpinfo .= ob_get_contents();
    $phpinfo = preg_replace("#^.*<body>#is", "", $phpinfo);
    $phpinfo = preg_replace("#</body>.*$#is", "", $phpinfo);
    ob_end_clean();

    // Define PHPINFO Style
    $phpinfo_style = "
    <style type=\"text/css\">
    .wrap pre {margin: 0px; font-family: monospace;}
    .wrap table {border-collapse: collapse;}
    .wrap .center {text-align: center;}
    .wrap .center table { margin-left: auto; margin-right: auto; text-align: left;}
    .wrap .center th { text-align: center !important; }
    .wrap td, .wrap th { border: 1px solid #000000; vertical-align: baseline;}
    .wrap .p {text-align: left;}
    .wrap .e {background-color: #ccccff; font-weight: bold; color: #000000;}
    .wrap .h {background-color: #9999cc; font-weight: bold; color: #000000;}
    .wrap .v {background-color: #cccccc; color: #000000;}
    .wrap i {color: #666666; background-color: #cccccc;}
    .wrap img {float: right; border: 0px;}
    .wrap hr {width: 600px; background-color: #cccccc; border: 0px; height: 1px; color: #000000;}
    </style>";

    // Echo it to the screen
    echo $phpinfo_style . "<div class=\"wrap\">" . $phpinfo . "</div>";
    }
    ?>

  2. SeanM
    Member
    Posted 10 years ago #

    Oh sorry, for those who don't know how to install it...which would have been me before tonight. Just save the code to a file called phpinfo.php and put it in your plugins directory. Then go into the admin area and activate it. Then under Options you should see PHPInfo.

  3. churchtown
    Member
    Posted 10 years ago #

    SeanM----
    How sure are you that the information revealed by PHPinfo is available *ONLY* to admin?
    ----best wishes, Robert

  4. SeanM
    Member
    Posted 10 years ago #

    Not very. LOL. Like I said, I am very very new to wordpress. And this plugin is a hack job. I know enough PHP to be dangerous to myself and those around me. Which is one of the reasons I posted it here. I am fairly sure that it is only viewable in the admina area though. Sorry, I wish I could give you big comforting words, but I am still trying to figure out what I am doing.

  5. SeanM
    Member
    Posted 10 years ago #

    I should rephrase that. I did not post it because I am dangerous but I posted it because I might be and I was hoping someone could tell me if I was and if so how to clean it up or if someone wanted to spruce it up.

  6. SeanM
    Member
    Posted 10 years ago #

    OK I found userlevels...
    If you change this line:


    add_options_page('PHPInfo', 'PHPInfo', 9, basename(__FILE__), 'showPHPInfo');

    to this, then I think only the admin can as it says only admin has userleve 10


    add_options_page('PHPInfo', 'PHPInfo', 10, basename(__FILE__), 'showPHPInfo');

  7. churchtown
    Member
    Posted 10 years ago #

    SeanM----
    Now we're both being slightly misunderstood;~) I 'should' be the only user on any of my sites. I want to know if the existence of your information-divulging file is, in ANY fashion, likely to become available remotely. I already have bots at the door (right now) attempting to batter down the defenses with the current injection email exploit vulnerability of WP and/or its plugins [using the http_post process].
    ----best wishes, Robert

  8. SeanM
    Member
    Posted 10 years ago #

    To the best of my knowledge no. Althought I am not an expert and this was my first attempt to write something that I needed. If you use it then great, let me know how you like it, if you don't feel comfortable using it then don't. I have been using it every since I posted it with out any problems.

    And sorry for the long delay, I have not had much time lately to play with wordpress, I am still using the default theme if that tells you anything. And I would still like any input on how I could improve this, as given my lack of time as of late, I am still new to all of this.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags