Keywords: PHP configuration | command-line tools | browser access | security practices | information processing
Abstract: This article explores various methods for viewing PHP configuration information in Ubuntu systems, including command-line tools and browser access. It focuses on the usage of the php -i command, analyzes differences between CLI and web server php.ini files, and provides security best practices. Through custom functions for structured processing of phpinfo output, it offers comprehensive technical reference for developers.
Basic Methods for Viewing PHP Information
In Ubuntu systems, viewing PHP configuration information is a common requirement during development. The traditional browser-based approach requires creating dedicated PHP files and accessing specific URLs, which is intuitive but operationally cumbersome. In practice, PHP provides more convenient command-line tools to obtain configuration information.
Command-Line PHP Information Viewing
Executing the php -i command in the terminal directly outputs complete PHP configuration information. This command displays detailed information such as PHP version, compilation options, and loaded extension modules in a clear, readable format. Compared to the browser method, command-line viewing is more efficient, particularly suitable for server maintenance and debugging scenarios.
Analysis of Environment Configuration Differences
It's important to note that PHP installations typically include two separate configuration environments: Command Line Interface (CLI) and Web Server Interface. These environments use different php.ini configuration files, which may result in inconsistent configuration information displays. To view the web server environment's configuration, use the php -c /etc/php/apache2/php.ini -i command to specify the configuration file path.
Security Considerations for Browser Access
While placing a script calling phpinfo() in the web server root directory enables browser access, this method poses security risks in production environments. Attackers could exploit this information to discover system vulnerabilities. If this approach must be used, it's recommended to add access controls or restrict usage to development environments only.
Structured Processing of Information Output
The phpinfo_array() function from the reference article demonstrates how to convert phpinfo() output into a structured array. This function uses output buffering and regular expression processing to parse HTML-formatted configuration information into an array format suitable for programmatic handling. For example:
<?php
function phpinfo_array($return=false){
ob_start();
phpinfo(-1);
$pi = preg_replace(
array('#^.*<body>(.*)</body>.*$#ms', '#<h2>PHP License</h2>.*$#ms',
'#<h1>Configuration</h1>#', "#\r?\n#", "#</(h1|h2|h3|tr)>#", '# +<#',
"#[ \t]+#", '# #', '# +#', '# class=".*?"#', '%'%',
'#<tr>(?:.*?)" src="(?:.*?)=(.*?)" alt="PHP Logo" /></a>'
.'<h1>PHP Version (.*?)</h1>(?:\n+?)</td></tr>#',
'#<h1><a href="(?:.*?)\?=(.*?)">PHP Credits</a></h1>#',
'#<tr>(?:.*?)" src="(?:.*?)=(.*?)"(?:.*?)Zend Engine (.*?),(?:.*?)</tr>#',
"# +#", '#<tr>#', '#</tr>#'),
array('$1', '', '', '', '</$1>' . "\n", '<', ' ', ' ', ' ', '', ' ',
'<h2>PHP Configuration</h2>'."\n".'<tr><td>PHP Version</td><td>$2</td></tr>'.
"\n".'<tr><td>PHP Egg</td><td>$1</td></tr>',
'<tr><td>PHP Credits Egg</td><td>$1</td></tr>',
'<tr><td>Zend Engine</td><td>$2</td></tr>' . "\n" .
'<tr><td>Zend Egg</td><td>$1</td></tr>', ' ', '%S%', '%E%'),
ob_get_clean());
$sections = explode('<h2>', strip_tags($pi, '<h2><th><td>'));
unset($sections[0]);
$pi = array();
foreach($sections as $section){
$n = substr($section, 0, strpos($section, '</h2>'));
preg_match_all(
'#%S%(?:<td>(.*?)</td>)?(?:<td>(.*?)</td>)?(?:<td>(.*?)</td>)?%E%#',
$section, $askapache, PREG_SET_ORDER);
foreach($askapache as $m)
$pi[$n][$m[1]]=(!isset($m[3])||$m[2]==$m[3])?$m[2]:array_slice($m,2);
}
return ($return === false) ? print_r($pi) : $pi;
}
?>The core concept of this function involves capturing phpinfo() output, cleaning and restructuring HTML content through regular expressions, and ultimately generating a structured configuration array. When the parameter is false, it directly prints the array; when true, it returns the array for further processing.
Practical Recommendations and Summary
In actual development, it's recommended to choose the appropriate viewing method based on specific scenarios: command-line tools are suitable for quick checks and script integration, browser methods are ideal for visual presentation, and structured processing works best for programmatic analysis. Regardless of the method chosen, pay attention to environmental differences and security protection to ensure system configuration information is not maliciously exploited.