diff --git a/src/aphront/console/plugin/DarkConsoleServicesPlugin.php b/src/aphront/console/plugin/DarkConsoleServicesPlugin.php
index 0cd69e578c..757c1e7049 100644
--- a/src/aphront/console/plugin/DarkConsoleServicesPlugin.php
+++ b/src/aphront/console/plugin/DarkConsoleServicesPlugin.php
@@ -1,275 +1,278 @@
getServiceCallLog();
foreach ($log as $key => $entry) {
$config = idx($entry, 'config', array());
unset($log[$key]['config']);
if (empty($_REQUEST['__analyze__'])) {
$log[$key]['explain'] = array(
'sev' => 7,
'size' => null,
'reason' => 'Disabled',
);
// Query analysis is disabled for this request, so don't do any of it.
continue;
}
if ($entry['type'] != 'query') {
continue;
}
// For each SELECT query, go issue an EXPLAIN on it so we can flag stuff
// causing table scans, etc.
if (preg_match('/^\s*SELECT\b/i', $entry['query'])) {
$conn = PhabricatorEnv::newObjectFromConfig(
'mysql.implementation',
array($entry['config']));
try {
$explain = queryfx_all(
$conn,
'EXPLAIN %Q',
$entry['query']);
$badness = 0;
$size = 1;
$reason = null;
foreach ($explain as $table) {
$size *= (int)$table['rows'];
switch ($table['type']) {
case 'index':
$cur_badness = 1;
$cur_reason = 'Index';
break;
case 'const':
$cur_badness = 1;
$cur_reason = 'Const';
break;
case 'eq_ref';
$cur_badness = 2;
$cur_reason = 'EqRef';
break;
case 'range':
$cur_badness = 3;
$cur_reason = 'Range';
break;
case 'ref':
$cur_badness = 3;
$cur_reason = 'Ref';
break;
case 'fulltext':
$cur_badness = 3;
$cur_reason = 'Fulltext';
break;
case 'ALL':
if (preg_match('/Using where/', $table['Extra'])) {
if ($table['rows'] < 256 && !empty($table['possible_keys'])) {
$cur_badness = 2;
$cur_reason = 'Small Table Scan';
} else {
$cur_badness = 6;
$cur_reason = 'TABLE SCAN!';
}
} else {
$cur_badness = 3;
$cur_reason = 'Whole Table';
}
break;
default:
if (preg_match('/No tables used/i', $table['Extra'])) {
$cur_badness = 1;
$cur_reason = 'No Tables';
} else if (preg_match('/Impossible/i', $table['Extra'])) {
$cur_badness = 1;
$cur_reason = 'Empty';
} else {
$cur_badness = 4;
$cur_reason = "Can't Analyze";
}
break;
}
if ($cur_badness > $badness) {
$badness = $cur_badness;
$reason = $cur_reason;
}
}
$log[$key]['explain'] = array(
'sev' => $badness,
'size' => $size,
'reason' => $reason,
);
} catch (Exception $ex) {
$log[$key]['explain'] = array(
'sev' => 5,
'size' => null,
'reason' => $ex->getMessage(),
);
}
}
}
return array(
- 'start' => $GLOBALS['__start__'],
+ 'start' => PhabricatorStartup::getStartTime(),
'end' => microtime(true),
'log' => $log,
);
}
public function render() {
$data = $this->getData();
$log = $data['log'];
$results = array();
$results[] =
'';
$page_total = $data['end'] - $data['start'];
$totals = array();
$counts = array();
foreach ($log as $row) {
$totals[$row['type']] = idx($totals, $row['type'], 0) + $row['duration'];
$counts[$row['type']] = idx($counts, $row['type'], 0) + 1;
}
$totals['All Services'] = array_sum($totals);
$counts['All Services'] = array_sum($counts);
$totals['Entire Page'] = $page_total;
$counts['Entire Page'] = 0;
$summary = array();
foreach ($totals as $type => $total) {
$summary[] = array(
$type,
number_format($counts[$type]),
number_format((int)(1000000 * $totals[$type])).' us',
sprintf('%.1f%%', 100 * $totals[$type] / $page_total),
);
}
$summary_table = new AphrontTableView($summary);
$summary_table->setColumnClasses(
array(
'',
'n',
'n',
'wide',
));
$summary_table->setHeaders(
array(
'Type',
'Count',
'Total Cost',
'Page Weight',
));
$results[] = $summary_table->render();
$rows = array();
foreach ($log as $row) {
$analysis = null;
switch ($row['type']) {
case 'query':
$info = $row['query'];
$info = wordwrap($info, 128, "\n", true);
if (!empty($row['explain'])) {
$analysis = phutil_escape_html($row['explain']['reason']);
$analysis = phutil_render_tag(
'span',
array(
'class' => 'explain-sev-'.$row['explain']['sev'],
),
$analysis);
}
$info = phutil_escape_html($info);
break;
case 'connect':
$info = $row['host'].':'.$row['database'];
$info = phutil_escape_html($info);
break;
case 'exec':
$info = $row['command'];
$info = phutil_escape_html($info);
break;
case 'conduit':
$info = $row['method'];
$info = phutil_escape_html($info);
break;
case 'http':
$info = $row['uri'];
$info = phutil_escape_html($info);
break;
default:
$info = '-';
break;
}
$rows[] = array(
phutil_escape_html($row['type']),
'+'.number_format(1000 * ($row['begin'] - $data['start'])).' ms',
number_format(1000000 * $row['duration']).' us',
$info,
$analysis,
);
}
$table = new AphrontTableView($rows);
$table->setColumnClasses(
array(
null,
'n',
'n',
'wide',
'',
));
$table->setHeaders(
array(
'Event',
'Start',
'Duration',
'Details',
'Analysis',
));
$results[] = $table->render();
return implode("\n", $results);
}
}
diff --git a/src/infrastructure/PhabricatorRequestOverseer.php b/src/infrastructure/PhabricatorRequestOverseer.php
index a26815ceed..ca5408c565 100644
--- a/src/infrastructure/PhabricatorRequestOverseer.php
+++ b/src/infrastructure/PhabricatorRequestOverseer.php
@@ -1,106 +1,98 @@
detectPostMaxSizeTriggered();
}
/**
* Detect if this request has had its POST data stripped by exceeding the
* 'post_max_size' PHP configuration limit.
*
* PHP has a setting called 'post_max_size'. If a POST request arrives with
* a body larger than the limit, PHP doesn't generate $_POST but processes
* the request anyway, and provides no formal way to detect that this
* happened.
*
* We can still read the entire body out of `php://input`. However according
* to the documentation the stream isn't available for "multipart/form-data"
* (on nginx + php-fpm it appears that it is available, though, at least) so
* any attempt to generate $_POST would be fragile.
+ *
+ * @phutil-external-symbol class PhabricatorStartup
*/
private function detectPostMaxSizeTriggered() {
// If this wasn't a POST, we're fine.
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
return;
}
// If there's POST data, clearly we're in good shape.
if ($_POST) {
return;
}
// For HTML5 drag-and-drop file uploads, Safari submits the data as
// "application/x-www-form-urlencoded". For most files this generates
// something in POST because most files decode to some nonempty (albeit
// meaningless) value. However, some files (particularly small images)
// don't decode to anything. If we know this is a drag-and-drop upload,
// we can skip this check.
if (isset($_REQUEST['__upload__'])) {
return;
}
// PHP generates $_POST only for two content types. This routing happens
// in `main/php_content_types.c` in PHP. Normally, all forms use one of
// these content types, but some requests may not -- for example, Firefox
// submits files sent over HTML5 XMLHTTPRequest APIs with the Content-Type
// of the file itself. If we don't have a recognized content type, we
// don't need $_POST.
//
// NOTE: We use strncmp() because the actual content type may be something
// like "multipart/form-data; boundary=...".
//
// NOTE: Chrome sometimes omits this header, see some discussion in T1762
// and http://code.google.com/p/chromium/issues/detail?id=6800
$content_type = idx($_SERVER, 'CONTENT_TYPE', '');
$parsed_types = array(
'application/x-www-form-urlencoded',
'multipart/form-data',
);
$is_parsed_type = false;
foreach ($parsed_types as $parsed_type) {
if (strncmp($content_type, $parsed_type, strlen($parsed_type)) === 0) {
$is_parsed_type = true;
break;
}
}
if (!$is_parsed_type) {
return;
}
// Check for 'Content-Length'. If there's no data, we don't expect $_POST
// to exist.
$length = (int)$_SERVER['CONTENT_LENGTH'];
if (!$length) {
return;
}
// Time to fatal: we know this was a POST with data that should have been
// populated into $_POST, but it wasn't.
$config = ini_get('post_max_size');
- $this->fatal(
+ PhabricatorStartup::didFatal(
"As received by the server, this request had a nonzero content length ".
"but no POST data.\n\n".
"Normally, this indicates that it exceeds the 'post_max_size' setting ".
"in the PHP configuration on the server. Increase the 'post_max_size' ".
"setting or reduce the size of the request.\n\n".
"Request size according to 'Content-Length' was '{$length}', ".
"'post_max_size' is set to '{$config}'.");
}
- /**
- * Defined in webroot/index.php.
- * TODO: Move here.
- *
- * @phutil-external-symbol function phabricator_fatal
- */
- public function fatal($message) {
- phabricator_fatal('FATAL ERROR: '.$message);
- }
-
}
diff --git a/support/PhabricatorStartup.php b/support/PhabricatorStartup.php
new file mode 100644
index 0000000000..90b20e997d
--- /dev/null
+++ b/support/PhabricatorStartup.php
@@ -0,0 +1,222 @@
+>> UNRECOVERABLE FATAL ERROR <<<\n\n";
+ if ($event) {
+ // Even though we should be emitting this as text-plain, escape things
+ // just to be sure since we can't really be sure what the program state
+ // is when we get here.
+ $msg .= htmlspecialchars(
+ $event['message']."\n\n".$event['file'].':'.$event['line'],
+ ENT_QUOTES,
+ 'UTF-8');
+ }
+
+ // flip dem tables
+ $msg .= "\n\n\n";
+ $msg .= "\xe2\x94\xbb\xe2\x94\x81\xe2\x94\xbb\x20\xef\xb8\xb5\x20\xc2\xaf".
+ "\x5c\x5f\x28\xe3\x83\x84\x29\x5f\x2f\xc2\xaf\x20\xef\xb8\xb5\x20".
+ "\xe2\x94\xbb\xe2\x94\x81\xe2\x94\xbb";
+
+ self::didFatal($msg);
+ }
+
+
+/* -( In Case of Apocalypse )---------------------------------------------- */
+
+
+ /**
+ * @task apocalypse
+ */
+ public static function didFatal($message) {
+ $access_log = self::getGlobal('log.access');
+
+ if ($access_log) {
+ try {
+ $access_log->setData(
+ array(
+ 'c' => 500,
+ ));
+ $access_log->write();
+ } catch (Exception $ex) {
+ $message .= "\n(Moreover, unable to write to access log.)";
+ }
+ }
+
+ header(
+ 'Content-Type: text/plain; charset=utf-8',
+ $replace = true,
+ $http_error = 500);
+
+ error_log($message);
+ echo $message;
+
+ exit(1);
+ }
+
+
+/* -( Validation )--------------------------------------------------------- */
+
+
+ /**
+ * @task valiation
+ */
+ private static function setupPHP() {
+ error_reporting(E_ALL | E_STRICT);
+ ini_set('memory_limit', -1);
+ }
+
+
+ /**
+ * @task valiation
+ */
+ private static function verifyPHP() {
+ $required_version = '5.2.3';
+ if (version_compare(PHP_VERSION, $required_version) < 0) {
+ self::didFatal(
+ "You are running PHP version '".PHP_VERSION."', which is older than ".
+ "the minimum version, '{$required_version}'. Update to at least ".
+ "'{$required_version}'.");
+ }
+
+ if (get_magic_quotes_gpc()) {
+ self::didFatal(
+ "Your server is configured with PHP 'magic_quotes_gpc' enabled. This ".
+ "feature is 'highly discouraged' by PHP's developers and you must ".
+ "disable it to run Phabricator. Consult the PHP manual for ".
+ "instructions.");
+ }
+ }
+
+
+ /**
+ * @task valiation
+ */
+ private static function verifyRewriteRules() {
+ if (isset($_REQUEST['__path__'])) {
+ return;
+ }
+
+ if (php_sapi_name() == 'cli-server') {
+ // Compatibility with PHP 5.4+ built-in web server.
+ $url = parse_url($_SERVER['REQUEST_URI']);
+ $_REQUEST['__path__'] = $url['path'];
+ } else {
+ self::didFatal(
+ "Request parameter '__path__' is not set. Your rewrite rules ".
+ "are not configured correctly.");
+ }
+ }
+
+
+ /**
+ * @task valiation
+ */
+ private static function validateGlobal($key) {
+ static $globals = array(
+ 'log.access' => true,
+ );
+
+ if (empty($globals[$key])) {
+ throw new Exception("Access to unknown startup global '{$key}'!");
+ }
+ }
+
+}
diff --git a/webroot/index.php b/webroot/index.php
index fee8fd3fae..bddda96949 100644
--- a/webroot/index.php
+++ b/webroot/index.php
@@ -1,366 +1,276 @@
', where '' ".
"is one of 'development', 'production', or a custom environment.");
}
-if (!isset($_REQUEST['__path__'])) {
- if (php_sapi_name() == 'cli-server') {
- // Compatibility with PHP 5.4+ built-in web server.
- $url = parse_url($_SERVER['REQUEST_URI']);
- $_REQUEST['__path__'] = $url['path'];
- } else {
- phabricator_fatal_config_error(
- "__path__ is not set. Your rewrite rules are not configured correctly.");
- }
-}
-
-if (get_magic_quotes_gpc()) {
- phabricator_fatal_config_error(
- "Your server is configured with PHP 'magic_quotes_gpc' enabled. This ".
- "feature is 'highly discouraged' by PHP's developers and you must ".
- "disable it to run Phabricator. Consult the PHP manual for instructions.");
-}
-
-register_shutdown_function('phabricator_shutdown');
require_once dirname(dirname(__FILE__)).'/conf/__init_conf__.php';
try {
setup_aphront_basics();
$overseer = new PhabricatorRequestOverseer();
$overseer->didStartup();
$conf = phabricator_read_config_file($env);
$conf['phabricator.env'] = $env;
PhabricatorEnv::setEnvConfig($conf);
// This needs to be done before we create the log, because
// PhabricatorAccessLog::getLog() calls date()
$tz = PhabricatorEnv::getEnvConfig('phabricator.timezone');
if ($tz) {
date_default_timezone_set($tz);
}
// Append any paths to $PATH if we need to.
$paths = PhabricatorEnv::getEnvConfig('environment.append-paths');
if (!empty($paths)) {
$current_env_path = getenv('PATH');
$new_env_paths = implode(':', $paths);
putenv('PATH='.$current_env_path.':'.$new_env_paths);
}
// This is the earliest we can get away with this, we need env config first.
PhabricatorAccessLog::init();
$access_log = PhabricatorAccessLog::getLog();
if ($access_log) {
+ PhabricatorStartup::setGlobal('log.access', $access_log);
$access_log->setData(
array(
'R' => idx($_SERVER, 'HTTP_REFERER', '-'),
'r' => idx($_SERVER, 'REMOTE_ADDR', '-'),
'M' => idx($_SERVER, 'REQUEST_METHOD', '-'),
));
}
DarkConsoleXHProfPluginAPI::hookProfiler();
PhutilErrorHandler::initialize();
PhutilErrorHandler::setErrorListener(
array('DarkConsoleErrorLogPluginAPI', 'handleErrors'));
foreach (PhabricatorEnv::getEnvConfig('load-libraries') as $library) {
phutil_load_library($library);
}
if (PhabricatorEnv::getEnvConfig('phabricator.setup')) {
try {
PhabricatorSetup::runSetup();
} catch (Exception $ex) {
echo "EXCEPTION!\n";
echo $ex;
}
return;
}
phabricator_detect_bad_base_uri();
$translation = PhabricatorEnv::newObjectFromConfig('translation.provider');
PhutilTranslator::getInstance()
->setLanguage($translation->getLanguage())
->addTranslations($translation->getTranslations());
$host = $_SERVER['HTTP_HOST'];
$path = $_REQUEST['__path__'];
switch ($host) {
default:
$config_key = 'aphront.default-application-configuration-class';
$application = PhabricatorEnv::newObjectFromConfig($config_key);
break;
}
$application->setHost($host);
$application->setPath($path);
$application->willBuildRequest();
$request = $application->buildRequest();
$write_guard = new AphrontWriteGuard(array($request, 'validateCSRF'));
PhabricatorEventEngine::initialize();
$application->setRequest($request);
list($controller, $uri_data) = $application->buildController();
if ($access_log) {
$access_log->setData(
array(
'U' => (string)$request->getRequestURI()->getPath(),
'C' => get_class($controller),
));
}
// If execution throws an exception and then trying to render that exception
// throws another exception, we want to show the original exception, as it is
// likely the root cause of the rendering exception.
$original_exception = null;
try {
$response = $controller->willBeginExecution();
if ($access_log) {
if ($request->getUser() && $request->getUser()->getPHID()) {
$access_log->setData(
array(
'u' => $request->getUser()->getUserName(),
));
}
}
if (!$response) {
$controller->willProcessRequest($uri_data);
$response = $controller->processRequest();
}
} catch (AphrontRedirectException $ex) {
$response = id(new AphrontRedirectResponse())
->setURI($ex->getURI());
} catch (Exception $ex) {
$original_exception = $ex;
$response = $application->handleException($ex);
}
try {
$response = $controller->didProcessRequest($response);
$response = $application->willSendResponse($response, $controller);
$response->setRequest($request);
$response_string = $response->buildResponseString();
} catch (Exception $ex) {
$write_guard->dispose();
if ($access_log) {
$access_log->write();
}
if ($original_exception) {
$ex = new PhutilAggregateException(
"Multiple exceptions during processing and rendering.",
array(
$original_exception,
$ex,
));
}
- phabricator_fatal('[Rendering Exception] '.$ex->getMessage());
+ PhabricatorStartup::didFatal('[Rendering Exception] '.$ex->getMessage());
}
$write_guard->dispose();
// TODO: Share the $sink->writeResponse() pathway here?
$sink = new AphrontPHPHTTPSink();
$sink->writeHTTPStatus($response->getHTTPResponseCode());
$headers = $response->getCacheHeaders();
$headers = array_merge($headers, $response->getHeaders());
$sink->writeHeaders($headers);
$sink->writeData($response_string);
if ($access_log) {
+ $request_start = PhabricatorStartup::getStartTime();
$access_log->setData(
array(
'c' => $response->getHTTPResponseCode(),
- 'T' => (int)(1000000 * (microtime(true) - $__start__)),
+ 'T' => (int)(1000000 * (microtime(true) - $request_start)),
));
$access_log->write();
}
if (DarkConsoleXHProfPluginAPI::isProfilerRequested()) {
$profile = DarkConsoleXHProfPluginAPI::stopProfiler();
$profile_sample = id(new PhabricatorXHProfSample())
->setFilePHID($profile);
if (empty($_REQUEST['__profile__'])) {
$sample_rate = PhabricatorEnv::getEnvConfig('debug.profile-rate');
} else {
$sample_rate = 0;
}
$profile_sample->setSampleRate($sample_rate);
if ($access_log) {
$profile_sample->setUsTotal($access_log->getData('T'))
->setHostname($access_log->getData('h'))
->setRequestPath($access_log->getData('U'))
->setController($access_log->getData('C'))
->setUserPHID($request->getUser()->getPHID());
}
$profile_sample->save();
}
} catch (Exception $ex) {
- phabricator_fatal("[Exception] ".$ex->getMessage());
+ PhabricatorStartup::didFatal("[Exception] ".$ex->getMessage());
}
/**
* @group aphront
*/
function setup_aphront_basics() {
$aphront_root = dirname(dirname(__FILE__));
$libraries_root = dirname($aphront_root);
$root = null;
if (!empty($_SERVER['PHUTIL_LIBRARY_ROOT'])) {
$root = $_SERVER['PHUTIL_LIBRARY_ROOT'];
}
ini_set(
'include_path',
$libraries_root.PATH_SEPARATOR.ini_get('include_path'));
@include_once $root.'libphutil/src/__phutil_library_init__.php';
if (!@constant('__LIBPHUTIL__')) {
echo "ERROR: Unable to load libphutil. Put libphutil/ next to ".
"phabricator/, or update your PHP 'include_path' to include ".
"the parent directory of libphutil/.\n";
exit(1);
}
// Load Phabricator itself using the absolute path, so we never end up doing
// anything surprising (loading index.php and libraries from different
// directories).
phutil_load_library($aphront_root.'/src');
phutil_load_library('arcanist/src');
}
-function phabricator_fatal_config_error($msg) {
- phabricator_fatal("CONFIG ERROR: ".$msg."\n");
-}
-
function phabricator_detect_bad_base_uri() {
$conf = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
$uri = new PhutilURI($conf);
switch ($uri->getProtocol()) {
case 'http':
case 'https':
break;
default:
- return phabricator_fatal_config_error(
+ PhabricatorStartup::didFatal(
"'phabricator.base-uri' is set to '{$conf}', which is invalid. ".
"The URI must start with 'http://' or 'https://'.");
+ return;
}
if (strpos($uri->getDomain(), '.') === false) {
- phabricator_fatal_config_error(
+ PhabricatorStartup::didFatal(
"'phabricator.base-uri' is set to '{$conf}', which is invalid. The URI ".
"must contain a dot ('.'), like 'http://example.com/', not just ".
"'http://example/'. Some web browsers will not set cookies on domains ".
"with no TLD, and Phabricator requires cookies for login. ".
"If you are using localhost, create an entry in the hosts file like ".
"'127.0.0.1 example.com', and access the localhost with ".
"'http://example.com/'.");
}
}
-function phabricator_shutdown() {
- $event = error_get_last();
-
- if (!$event) {
- return;
- }
-
- switch ($event['type']) {
- case E_ERROR:
- case E_PARSE:
- case E_COMPILE_ERROR:
- break;
- default:
- return;
- }
-
- $msg = ">>> UNRECOVERABLE FATAL ERROR <<<\n\n";
- if ($event) {
- // Even though we should be emitting this as text-plain, escape things just
- // to be sure since we can't really be sure what the program state is when
- // we get here.
- $msg .= phutil_escape_html($event['message'])."\n\n";
- $msg .= phutil_escape_html($event['file'].':'.$event['line']);
- }
-
- // flip dem tables
- $msg .= "\n\n\n";
- $msg .= "\xe2\x94\xbb\xe2\x94\x81\xe2\x94\xbb\x20\xef\xb8\xb5\x20\xc2\xaf".
- "\x5c\x5f\x28\xe3\x83\x84\x29\x5f\x2f\xc2\xaf\x20\xef\xb8\xb5\x20".
- "\xe2\x94\xbb\xe2\x94\x81\xe2\x94\xbb";
-
- phabricator_fatal($msg);
-}
-
-function phabricator_fatal($msg) {
-
- global $access_log;
- if ($access_log) {
- try {
- $access_log->setData(
- array(
- 'c' => 500,
- ));
- $access_log->write();
- } catch (Exception $ex) {
- $msg .= "\nMoreover unable to write to access log.";
- }
- }
-
- header(
- 'Content-Type: text/plain; charset=utf-8',
- $replace = true,
- $http_error = 500);
-
- error_log($msg);
- echo $msg;
-
- exit(1);
-}
-