From aa96780c0be6319d51de35b18320a38384018c2f Mon Sep 17 00:00:00 2001
From: D9ping <D9ping@users.noreply.github.com>
Date: Fri, 24 Aug 2018 10:22:59 +0200
Subject: [PATCH] Backup php configuration before changing it. Removed support
 for disabling php extensions.

Signed-off-by: D9ping <D9ping@users.noreply.github.com>
---
 installers/common.sh | 27 ++++++---------------------
 1 file changed, 6 insertions(+), 21 deletions(-)

diff --git a/installers/common.sh b/installers/common.sh
index 32e58b03..71a18c8c 100755
--- a/installers/common.sh
+++ b/installers/common.sh
@@ -270,7 +270,8 @@ function patch_system_files() {
 
 
 # Change configuration of php-cgi.
-function configure_php() {
+function reconfigure_php() {
+    install_log "Reconfiguring php"
     phpcgiconf=""
     if [ "$php_package" = "php7.0-cgi" ]; then
         phpcgiconf="/etc/php/7.0/cgi/php.ini"
@@ -279,13 +280,12 @@ function configure_php() {
     fi
 
     if [ -f "$phpcgiconf" ]; then
-        # Set the httpOnly flag on session cookies. 
-        # So they cannot be read by javascript, if cookie flag supported by useragent.
+        # Backup php configuration.
+        sudo cp "$phpcgiconf" "$phpcgiconf.`date +%F-%R`"
+        # Turn on the httpOnly flag if off.
         sudo sed -i -E 's/^session\.cookie_httponly\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.cookie_httponly = 1/' "$phpcgiconf"
         # Don't accept uninitialized session ID's.
         sudo sed -i -E 's/^session\.use_strict_mode\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.use_strict_mode = 1/' "$phpcgiconf"
-        # Turn off file upload support if on.
-        sudo sed -i -E 's/^file_uploads\s*=\s*(1|([O|o]n)|([T|t]rue)|([Y|y]es))\s*$/file_uploads = 0/' "$phpcgiconf"
         if [ "$php_package" = "php7.0-cgi" ]; then
             # Enable PHP Zend Opcache.
             sudo sed -i -E 's/^;?opcache\.enable\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/opcache.enable = 1/' "$phpcgiconf"
@@ -300,21 +300,6 @@ function configure_php() {
         install_warning "PHP configuration could not be found."
     fi
 
-
-    # Disable unused php extensions to safe memory use and for hardening.
-    if [ -f "/usr/sbin/phpdismod" ]; then
-        sudo phpdismod phar
-        sudo phpdismod ftp
-        sudo phpdismod sockets
-        sudo phpdismod shmop
-        sudo phpdismod sysvmsg
-        sudo phpdismod sysvsem
-        sudo phpdismod sysvshm
-        sudo phpdismod tokenizer
-    else
-        install_warning "phpdismmod not found."
-    fi
-
     # Apply new php configuration.
     sudo service lighttpd reload
 }
@@ -345,6 +330,6 @@ function install_raspap() {
     move_config_file
     default_configuration
     patch_system_files
-    configure_php
+    reconfigure_php
     install_complete
 }