/**
* builds the security notes while checking some security issues
* these notes should be displayed!
*
* @return array returns the security issues, or null if none found!
* @author Andreas Morsing
*
* @internal rev :
**/
function getSecurityNotes(&$db)
{
$repository['type'] = config_get('repositoryType');
$repository['path'] = config_get('repositoryPath');
$securityNotes = null;
if (checkForInstallDir()) {
$securityNotes[] = lang_get("sec_note_remove_install_dir");
}
$authCfg = config_get('authentication');
if ('LDAP' == $authCfg['method']) {
if (!checkForLDAPExtension()) {
$securityNotes[] = lang_get("ldap_extension_not_loaded");
}
} else {
if (checkForAdminDefaultPwd($db)) {
$securityNotes[] = lang_get("sec_note_admin_default_pwd");
}
}
if (!checkForBTSConnection()) {
$securityNotes[] = lang_get("bts_connection_problems");
}
if ($repository['type'] == TL_REPOSITORY_TYPE_FS) {
$ret = checkForRepositoryDir($repository['path']);
if (!$ret['status_ok']) {
$securityNotes[] = $ret['msg'];
}
}
// Needed when schemas change has been done.
// This call can be removed when release is stable
$res = checkSchemaVersion($db);
$msg = $res['msg'];
if ($msg != "") {
$securityNotes[] = $msg;
}
$msg = checkEmailConfig();
if (!is_null($msg)) {
foreach ($msg as $detail) {
$securityNotes[] = $detail;
}
}
checkForExtensions($securityNotes);
if (!is_null($securityNotes)) {
$user_feedback = config_get('config_check_warning_mode');
switch ($user_feedback) {
case 'SCREEN':
break;
case 'FILE':
case 'SILENT':
$warnings = '';
$filename = config_get('log_path') . 'config_check.txt';
if (@($handle = fopen($filename, 'w'))) {
$warnings = implode("\n", $securityNotes);
@fwrite($handle, $warnings);
@fclose($handle);
}
$securityNotes = null;
if ($user_feedback == 'FILE') {
$securityNotes[] = sprintf(lang_get('config_check_warnings'), $filename);
}
break;
}
}
return $securityNotes;
}
/**
*
*
*/
function init_gui(&$db, $args)
{
$gui = new stdClass();
$authCfg = config_get('authentication');
$gui->securityNotes = getSecurityNotes($db);
$gui->external_password_mgmt = 'LDAP' == $authCfg['method'] ? 1 : 0;
$gui->login_disabled = $gui->external_password_mgmt && !checkForLDAPExtension() ? 1 : 0;
$gui->user_self_signup = config_get('user_self_signup');
switch ($args->note) {
case 'expired':
if (!isset($_SESSION)) {
session_start();
}
session_unset();
session_destroy();
$gui->note = lang_get('session_expired');
$gui->reqURI = null;
break;
case 'first':
$gui->note = lang_get('your_first_login');
$gui->reqURI = null;
break;
case 'lost':
$gui->note = lang_get('passwd_lost');
$gui->reqURI = null;
break;
default:
$gui->note = lang_get('please_login');
break;
}
$gui->reqURI = $args->reqURI ? $args->reqURI : $args->preqURI;
return $gui;
}
/**
*
*
*/
function init_gui(&$db, $args)
{
$gui = new stdClass();
$secCfg = config_get('config_check_warning_frequence');
$gui->securityNotes = '';
if (strcmp($secCfg, 'ALWAYS') == 0 || strcmp($secCfg, 'ONCE_FOR_SESSION') == 0 && !isset($_SESSION['getSecurityNotesDone'])) {
$_SESSION['getSecurityNotesDone'] = 1;
$gui->securityNotes = getSecurityNotes($db);
}
$gui->authCfg = config_get('authentication');
$gui->user_self_signup = config_get('user_self_signup');
$gui->external_password_mgmt = false;
$gui->login_disabled = 'LDAP' == $gui->authCfg['method'] && !checkForLDAPExtension() ? 1 : 0;
switch ($args->note) {
case 'expired':
if (!isset($_SESSION)) {
session_start();
}
session_unset();
session_destroy();
$gui->note = lang_get('session_expired');
$gui->reqURI = null;
break;
case 'first':
$gui->note = lang_get('your_first_login');
$gui->reqURI = null;
break;
case 'lost':
$gui->note = lang_get('passwd_lost');
$gui->reqURI = null;
break;
default:
$gui->note = lang_get('please_login');
break;
}
$gui->reqURI = $args->reqURI ? $args->reqURI : $args->preqURI;
$gui->destination = $args->destination;
return $gui;
}
