#!/bin/sh -e
# -*- mode: Shell-script; tab-width: 8; fill-column: 70; -*-
# $Id: php.cli.control,v 0.0.1 2005/10/28 03:31:34 legion Exp $

readonly PHP_SAPI="apache2-mod_php"
readonly PHP_VERSION="5.2.14"
readonly PHP_LIBDIR="/usr/lib/php"
readonly PHP_DOC_ROOT="/var/www/html"

. /etc/control.d/phpfunctions

: ${php_on:?} ${php_off:?}

for f in `ls -1 "/etc/php/$PHP_VERSION/$PHP_SAPI/control.d/"`; do
    . "/etc/php/$PHP_VERSION/$PHP_SAPI/control.d/$f"
done

# Restricted mode
php_rule restricted	"safe_mode"				"$php_on"
php_rule restricted	"safe_mode_include_dir"			"./:$PHP_LIBDIR/:$PHP_LIBDIR/$PHP_VERSION/:/usr/share/php/pear/:/usr/share/php/modules/:/usr/share/php/$PHP_VERSION/modules/"
php_rule restricted	"safe_mode_allowed_env_vars" 		"PHP_"
php_rule restricted	"safe_mode_protected_env_vars"		"LD_LIBRARY_PATH,LD_PRELOAD,PATH,TMPDIR"
php_rule restricted	"disable_functions"			"chdir,dl,ini_get_all,phpinfo,system,shell_exec,popen,proc_open,exec,passthru,pcntl_exec"
php_rule restricted	"max_execution_time"			"30"
php_rule restricted	"max_input_time"			"30"
php_rule restricted	"memory_limit"				"5M"
php_rule restricted	"error_reporting"			"E_ALL" "6143"
php_rule restricted	"display_errors"			"$php_off"
php_rule restricted	"display_startup_errors"		"$php_off"
php_rule restricted	"log_errors"				"$php_on"
php_rule restricted	"ignore_repeated_errors"		"$php_off"
php_rule restricted	"ignore_repeated_source"		"$php_off"
php_rule restricted	"report_memleaks"			"$php_on"
php_rule restricted	"html_errors"				"$php_off"
php_rule restricted	"variables_order"			"GPCS"
php_rule restricted	"register_globals"			"$php_off"
php_rule restricted	"register_argc_argv"			"$php_off"
php_rule restricted	"post_max_size"				"2M"
php_rule restricted	"include_path"				"./:$PHP_LIBDIR/:$PHP_LIBDIR/$PHP_VERSION/:/usr/share/php/pear/:/usr/share/php/modules/:/usr/share/php/$PHP_VERSION/modules/"
php_rule restricted	"doc_root"				"$PHP_DOC_ROOT"
php_rule restricted	"extension_dir"				"$PHP_LIBDIR/$PHP_VERSION/extensions/"
php_rule restricted	"enable_dl"				"$php_off"
php_rule restricted	"upload_max_filesize"			"2M"
php_rule restricted	"allow_url_fopen" 			"$php_off"
php_rule restricted	"define_syslog_variables"		"$php_off"
php_rule restricted	"short_open_tag"			"$php_off"
php_rule restricted	"alt_sapi_config_ini_scan_dir"		"/etc/php/$PHP_VERSION/$PHP_SAPI/php.d"
php_rule restricted	"suhosin.executor.func.blacklist"	"chdir,dl,ini_get_all,phpinfo,system,shell_exec,popen,proc_open,exec,passthru,pcntl_exec"
php_rule restricted	"suhosin.executor.eval.blacklist"	"chdir,dl,ini_get_all,phpinfo,system,shell_exec,popen,proc_open,exec,passthru,pcntl_exec"

# Relaxed mode
php_rule relaxed	"safe_mode"				"$php_off"
php_rule relaxed	"disable_functions"			""
php_rule relaxed	"error_reporting"			"E_ALL" "6143"
php_rule relaxed	"display_errors"			"$php_off"
php_rule relaxed	"display_startup_errors"		"$php_off"
php_rule relaxed	"log_errors"				"$php_on"
php_rule relaxed	"ignore_repeated_errors"		"$php_off"
php_rule relaxed	"ignore_repeated_source"		"$php_off"
php_rule relaxed	"report_memleaks"			"$php_on"
php_rule relaxed	"html_errors"				"$php_on"
php_rule relaxed	"variables_order"			"GPCS"
php_rule relaxed	"register_globals"			"$php_off"
php_rule relaxed	"register_argc_argv"			"$php_off"
php_rule relaxed	"post_max_size"				"4M"
php_rule relaxed	"include_path"				"./:$PHP_LIBDIR/:$PHP_LIBDIR/$PHP_VERSION/:/usr/share/php/pear/:/usr/share/php/modules/:/usr/share/php/$PHP_VERSION/modules/"
php_rule relaxed	"doc_root"				"$PHP_DOC_ROOT"
php_rule relaxed	"extension_dir"				"$PHP_LIBDIR/$PHP_VERSION/extensions/"
php_rule relaxed	"enable_dl"				"$php_on"
php_rule relaxed	"upload_max_filesize"			"2M"
php_rule relaxed	"allow_url_fopen"			"$php_on"
php_rule relaxed	"define_syslog_variables"		"$php_off"
php_rule relaxed	"short_open_tag"			"$php_on"
php_rule relaxed	"alt_sapi_config_ini_scan_dir"		"/etc/php/$PHP_VERSION/$PHP_SAPI/php.d"
php_rule relaxed	"suhosin.executor.func.blacklist"	""
php_rule relaxed	"suhosin.executor.eval.blacklist"	""

# Public mode
php_rule public		"safe_mode"				"$php_off"
php_rule public		"disable_functions"			""
php_rule public		"error_reporting"			"E_ALL & ~E_NOTICE" "6135"
php_rule public		"display_errors"			"$php_on"
php_rule public		"display_startup_errors"		"$php_on"
php_rule public		"log_errors"				"$php_on"
php_rule public		"ignore_repeated_errors"		"$php_off"
php_rule public		"ignore_repeated_source"		"$php_off"
php_rule public		"html_errors"				"$php_on"
php_rule public		"variables_order"			"EGPCS"
php_rule public		"register_globals"			"$php_on"
php_rule public		"register_argc_argv"			"$php_on"
php_rule public		"extension_dir"				"$PHP_LIBDIR/$PHP_VERSION/extensions/"
php_rule public		"enable_dl"				"$php_on"
php_rule public		"allow_url_fopen"			"$php_on"
php_rule public		"define_syslog_variables"		"$php_on"
php_rule public		"short_open_tag"			"$php_on"
php_rule public		"alt_sapi_config_ini_scan_dir"		"/etc/php/$PHP_VERSION/$PHP_SAPI/php.d"
php_rule public		"suhosin.executor.func.blacklist"	""
php_rule public		"suhosin.executor.eval.blacklist"	""

##
## Real action
##

case "$1" in
    status|'')
	for s in $(php_show_modes); do
	    php_check "$s" || continue
	    printf %s\\n "$s"
	    exit
	done
	printf "unknown\n"
	;;
    list)
	php_show_modes
	;;
    help)
	for s in $(php_show_modes); do
	    php_help "$s"
	done
	;;
    *)
	if php_show_modes |grep -qs "\<$1\>"; then
	    php_setmode "$1"
	else
	    php_error "unknown action"
	fi
	;;
esac
