A better phpinfo

Published on June 23, 2009 in Web development. 0 Comments Tags: , , .

The phpinfo() command comes in very useful when you want to check details about your PHP install and server setup. However, there is a lot of output and you won’t need it all. Not everyone knows that you can pass parameters to the function to narrow the scope of the information displayed.

I came up with this simple method to view the results of using these parameters and make it easy to switch between them.

< ?php

	$options = array('CONFIGURATION', 'ENVIRONMENT', 'MODULES', 'VARIABLES', 'GENERAL', 'CREDITS', 'LICENSE', 'ALL');
	$display = (empty($_GET['display']) || !in_array(strtoupper($_GET['display']), $options)) ? 'ALL' : strtoupper($_GET['display']);

	$navigation = array();

	foreach($options as $key=>$value) {
		$navigation[] = ($value != $display) ? '<a href="' . $_SERVER['SCRIPT_NAME'] . '?display=' . $value . '">' . $value . '</a>' : '<strong>' . $value . '</strong>';
	}

	ob_start();

	switch($display) {
		case 'CONFIGURATION':
			phpinfo(INFO_CONFIGURATION);
			break;

		case 'ENVIRONMENT':
			phpinfo(INFO_ENVIRONMENT);
			break;

		case 'MODULES':
			phpinfo(INFO_MODULES);
			break;

		case 'VARIABLES':
			phpinfo(INFO_VARIABLES);
			break;

		case 'GENERAL':
			phpinfo(INFO_GENERAL);
			break;

		case 'CREDITS':
			phpinfo(INFO_CREDITS);
			break;

		case 'LICENSE':
			phpinfo(INFO_LICENSE);
			break;

		case 'ALL': default:
			phpinfo();
			break;
	}

	$content = ob_get_clean();

	if (('CREDITS' === $display) &amp; preg_match('/<h1><a href="([^"]+?)">PHP Credits< \/a>< \/h1>/', $content, $matches) & !empty($matches)) {
		$content = file_get_contents('http://' . $_SERVER['HTTP_HOST'] . $matches[1]);
	}

	echo str_replace('<body>', '</body><body><div class="center options"><p>' . implode(' | ', $navigation) . '</p></div>', $content);

?>

It’s also worth pointing out that the information exposed by this function can be useful to people who want to locate any weaknesses in your system so I would recommend restricting access to this file with a password, by an IP address range or only uploading the file to your webserver temporarily and removing it as soon as you’re finished with it.

0 Response to “A better phpinfo”

Feed for this Entry Trackback Address
  • No Comments

Leave a Reply