private function initialize()
{
$config = CRM_Core_Config::singleton();
if (isset($config->customTemplateDir) && $config->customTemplateDir) {
$this->template_dir = array_merge(array($config->customTemplateDir), $config->templateDir);
} else {
$this->template_dir = $config->templateDir;
}
$this->compile_dir = CRM_Utils_File::addTrailingSlash(CRM_Utils_File::addTrailingSlash($config->templateCompileDir) . $this->getLocale());
CRM_Utils_File::createDir($this->compile_dir);
CRM_Utils_File::restrictAccess($this->compile_dir);
// check and ensure it is writable
// else we sometime suppress errors quietly and this results
// in blank emails etc
if (!is_writable($this->compile_dir)) {
echo "CiviCRM does not have permission to write temp files in {$this->compile_dir}, Exiting";
exit;
}
//Check for safe mode CRM-2207
if (ini_get('safe_mode')) {
$this->use_sub_dirs = FALSE;
} else {
$this->use_sub_dirs = TRUE;
}
$customPluginsDir = NULL;
if (isset($config->customPHPPathDir)) {
$customPluginsDir = $config->customPHPPathDir . DIRECTORY_SEPARATOR . 'CRM' . DIRECTORY_SEPARATOR . 'Core' . DIRECTORY_SEPARATOR . 'Smarty' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR;
if (!file_exists($customPluginsDir)) {
$customPluginsDir = NULL;
}
}
$smartyDir = dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'packages' . DIRECTORY_SEPARATOR . 'Smarty' . DIRECTORY_SEPARATOR;
$pluginsDir = __DIR__ . DIRECTORY_SEPARATOR . 'Smarty' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR;
if ($customPluginsDir) {
$this->plugins_dir = array($customPluginsDir, $smartyDir . 'plugins', $pluginsDir);
} else {
$this->plugins_dir = array($smartyDir . 'plugins', $pluginsDir);
}
// add the session and the config here
$session = CRM_Core_Session::singleton();
$this->assign_by_ref('config', $config);
$this->assign_by_ref('session', $session);
global $tsLocale;
$this->assign('tsLocale', $tsLocale);
// CRM-7163 hack: we don’t display langSwitch on upgrades anyway
if (!CRM_Core_Config::isUpgradeMode()) {
$this->assign('langSwitch', CRM_Core_I18n::languages(TRUE));
}
$this->register_function('crmURL', array('CRM_Utils_System', 'crmURL'));
$this->load_filter('pre', 'resetExtScope');
$this->assign('crmPermissions', new CRM_Core_Smarty_Permissions());
}
/**
* This function includes the IDS vendor parts and runs the
* detection routines on the request array.
*
* @param object cake controller object
* @return boolean
*/
public function check(&$args)
{
// lets bypass a few civicrm urls from this check
static $skip = array('civicrm/ajax', 'civicrm/admin/setting/updateConfigBackend', 'civicrm/admin/messageTemplates');
$path = implode('/', $args);
if (in_array($path, $skip)) {
return;
}
#add request url and user agent
$_REQUEST['IDS_request_uri'] = $_SERVER['REQUEST_URI'];
if (isset($_SERVER['HTTP_USER_AGENT'])) {
$_REQUEST['IDS_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
}
require_once 'IDS/Init.php';
// init the PHPIDS and pass the REQUEST array
$config =& CRM_Core_Config::singleton();
$configFile = $config->configAndLogDir . 'Config.IDS.ini';
if (!file_exists($configFile)) {
$tmpDir = empty($config->uploadDir) ? CIVICRM_TEMPLATE_COMPILEDIR : $config->uploadDir;
// also clear the stat cache in case we are upgrading
clearstatcache();
global $civicrm_root;
$contents = "\n[General]\n filter_type = xml\n filter_path = {$civicrm_root}/packages/IDS/default_filter.xml\n tmp_path = {$tmpDir}\n HTML_Purifier_Path = IDS/vendors/htmlpurifier/HTMLPurifier.auto.php\n HTML_Purifier_Cache = {$tmpDir}\n scan_keys = false\n exceptions[] = __utmz\n exceptions[] = __utmc\n exceptions[] = widget_code\n exceptions[] = html_message\n exceptions[] = body_html\n exceptions[] = msg_html\n exceptions[] = msg_text\n exceptions[] = msg_subject\n exceptions[] = description\n html[] = intro\n html[] = thankyou_text\n html[] = intro_text\n html[] = body_text\n html[] = footer_text\n html[] = thankyou_text\n html[] = thankyou_footer\n html[] = thankyou_footer_text\n html[] = new_text\n html[] = renewal_text\n html[] = help_pre\n html[] = help_post\n html[] = confirm_title\n html[] = confirm_text\n html[] = confirm_footer_text\n html[] = confirm_email_text\n html[] = report_header\n html[] = report_footer\n html[] = data\n html[] = instructions\n";
if (file_put_contents($configFile, $contents) === false) {
require_once 'CRM/Core/Error.php';
CRM_Core_Error::movedSiteError($configFile);
}
// also create the .htaccess file so we prevent the reading of the log and ini files
// via a browser, CRM-3875
require_once 'CRM/Utils/File.php';
CRM_Utils_File::restrictAccess($config->configAndLogDir);
}
$init = IDS_Init::init($configFile);
$ids = new IDS_Monitor($_REQUEST, $init);
$result = $ids->run();
if (!$result->isEmpty()) {
$this->react($result);
}
return true;
}
/**
* Set the default values.
* in an empty db, also called when setting component using GUI
*
* @param array $defaults
* Associated array of form elements.
* @param bool $formMode
* this variable is set true for GUI
* mode (eg: Global setting >> Components)
*
*/
public static function setValues(&$defaults, $formMode = FALSE)
{
$config = CRM_Core_Config::singleton();
$baseURL = $config->userFrameworkBaseURL;
// CRM-6216: Drupal’s $baseURL might have a trailing LANGUAGE_NEGOTIATION_PATH,
// which needs to be stripped before we start basing ResourceURL on it
if ($config->userSystem->is_drupal) {
global $language;
if (isset($language->prefix) and $language->prefix) {
if (substr($baseURL, -(strlen($language->prefix) + 1)) == $language->prefix . '/') {
$baseURL = substr($baseURL, 0, -(strlen($language->prefix) + 1));
}
}
}
$baseCMSURL = CRM_Utils_System::baseCMSURL();
if ($config->templateCompileDir) {
$path = CRM_Utils_File::baseFilePath($config->templateCompileDir);
}
if (!isset($defaults['enableSSL'])) {
$defaults['enableSSL'] = 0;
}
//set defaults if not set in db
if (!isset($defaults['userFrameworkResourceURL'])) {
if ($config->userFramework == 'Joomla') {
$defaults['userFrameworkResourceURL'] = $baseURL . "components/com_civicrm/civicrm/";
} elseif ($config->userFramework == 'WordPress') {
$defaults['userFrameworkResourceURL'] = $baseURL . "wp-content/plugins/civicrm/civicrm/";
} else {
// Drupal setting
// check and see if we are installed in sites/all (for D5 and above)
// we dont use checkURL since drupal generates an error page and throws
// the system for a loop on lobo's macosx box
// or in modules
global $civicrm_root;
$cmsPath = $config->userSystem->cmsRootPath();
$defaults['userFrameworkResourceURL'] = $baseURL . str_replace("{$cmsPath}/", '', str_replace('\\', '/', $civicrm_root));
if (strpos($civicrm_root, DIRECTORY_SEPARATOR . 'sites' . DIRECTORY_SEPARATOR . 'all' . DIRECTORY_SEPARATOR . 'modules') === FALSE) {
$startPos = strpos($civicrm_root, DIRECTORY_SEPARATOR . 'sites' . DIRECTORY_SEPARATOR);
$endPos = strpos($civicrm_root, DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR);
if ($startPos && $endPos) {
// if component is in sites/SITENAME/modules
$siteName = substr($civicrm_root, $startPos + 7, $endPos - $startPos - 7);
$civicrmDirName = trim(basename($civicrm_root));
$defaults['userFrameworkResourceURL'] = $baseURL . "sites/{$siteName}/modules/{$civicrmDirName}/";
if (!isset($defaults['imageUploadURL'])) {
$defaults['imageUploadURL'] = $baseURL . "sites/{$siteName}/files/civicrm/persist/contribute/";
}
}
}
}
}
if (!isset($defaults['imageUploadURL'])) {
if ($config->userFramework == 'Joomla') {
// gross hack
// we need to remove the administrator/ from the end
$tempURL = str_replace("/administrator/", "/", $baseURL);
$defaults['imageUploadURL'] = $tempURL . "media/civicrm/persist/contribute/";
} elseif ($config->userFramework == 'WordPress') {
//for standalone no need of sites/defaults directory
$defaults['imageUploadURL'] = $baseURL . "wp-content/plugins/files/civicrm/persist/contribute/";
} else {
$defaults['imageUploadURL'] = $baseURL . "sites/default/files/civicrm/persist/contribute/";
}
}
if (!isset($defaults['imageUploadDir']) && is_dir($config->templateCompileDir)) {
$imgDir = $path . "persist/contribute/";
CRM_Utils_File::createDir($imgDir);
$defaults['imageUploadDir'] = $imgDir;
}
if (!isset($defaults['uploadDir']) && is_dir($config->templateCompileDir)) {
$uploadDir = $path . "upload/";
CRM_Utils_File::createDir($uploadDir);
CRM_Utils_File::restrictAccess($uploadDir);
$defaults['uploadDir'] = $uploadDir;
}
if (!isset($defaults['customFileUploadDir']) && is_dir($config->templateCompileDir)) {
$customDir = $path . "custom/";
CRM_Utils_File::createDir($customDir);
CRM_Utils_File::restrictAccess($customDir);
$defaults['customFileUploadDir'] = $customDir;
}
// FIXME: hack to bypass the step for generating defaults for components,
// while running upgrade, to avoid any serious non-recoverable error
// which might hinder the upgrade process.
$args = array();
if (isset($_GET[$config->userFrameworkURLVar])) {
$args = explode('/', $_GET[$config->userFrameworkURLVar]);
}
if (isset($defaults['enableComponents'])) {
foreach ($defaults['enableComponents'] as $key => $name) {
$comp = $config->componentRegistry->get($name);
if ($comp) {
$co = $comp->getConfigObject();
$co->setDefaults($defaults);
}
}
}
}
/**
* Deletes the web server writable directories.
*
* @param int $value
* 1: clean templates_c, 2: clean upload, 3: clean both
* @param bool $rmdir
*/
public function cleanup($value, $rmdir = TRUE)
{
$value = (int) $value;
if ($value & 1) {
// clean templates_c
CRM_Utils_File::cleanDir($this->templateCompileDir, $rmdir);
CRM_Utils_File::createDir($this->templateCompileDir);
}
if ($value & 2) {
// clean upload dir
CRM_Utils_File::cleanDir($this->uploadDir);
CRM_Utils_File::createDir($this->uploadDir);
}
// Whether we delete/create or simply preserve directories, we should
// certainly make sure the restrictions are enforced.
foreach (array($this->templateCompileDir, $this->uploadDir, $this->configAndLogDir, $this->customFileUploadDir) as $dir) {
if ($dir && is_dir($dir)) {
CRM_Utils_File::restrictAccess($dir);
}
}
}
public function __get($k)
{
if (!isset($this->map[$k])) {
throw new \CRM_Core_Exception("Cannot read unrecognized property CRM_Core_Config::\${$k}.");
}
if (isset($this->cache[$k])) {
return $this->cache[$k];
}
$type = $this->map[$k][0];
$name = isset($this->map[$k][1]) ? $this->map[$k][1] : $k;
switch ($type) {
case 'setting':
return $this->getSettings()->get($name);
case 'setting-path':
// Array(0 => $type, 1 => $setting, 2 => $actions).
$value = $this->getSettings()->get($name);
$value = Civi::paths()->getPath($value);
if ($value) {
$value = CRM_Utils_File::addTrailingSlash($value);
if (isset($this->map[$k][2]) && in_array('mkdir', $this->map[$k][2])) {
CRM_Utils_File::createDir($value);
}
if (isset($this->map[$k][2]) && in_array('restrict', $this->map[$k][2])) {
CRM_Utils_File::restrictAccess($value);
}
}
$this->cache[$k] = $value;
return $value;
case 'setting-url-abs':
$value = $this->getSettings()->get($name);
$this->cache[$k] = Civi::paths()->getUrl($value, 'absolute');
return $this->cache[$k];
case 'setting-url-rel':
$value = $this->getSettings()->get($name);
$this->cache[$k] = Civi::paths()->getUrl($value, 'relative');
return $this->cache[$k];
case 'runtime':
return \Civi\Core\Container::getBootService('runtime')->{$name};
case 'boot-svc':
$this->cache[$k] = \Civi\Core\Container::getBootService($name);
return $this->cache[$k];
case 'local':
$this->initLocals();
return $this->locals[$name];
case 'user-system':
$userSystem = \Civi\Core\Container::getBootService('userSystem');
$this->cache[$k] = call_user_func(array($userSystem, $name));
return $this->cache[$k];
case 'service':
return \Civi::service($name);
case 'callback':
// Array(0 => $type, 1 => $obj, 2 => $getter, 3 => $setter, 4 => $unsetter).
if (!isset($this->map[$k][1], $this->map[$k][2])) {
throw new \CRM_Core_Exception("Cannot find getter for property CRM_Core_Config::\${$k}");
}
return \Civi\Core\Resolver::singleton()->call(array($this->map[$k][1], $this->map[$k][2]), array($k));
default:
throw new \CRM_Core_Exception("Cannot read property CRM_Core_Config::\${$k} ({$type})");
}
}
/**
* Create the default config file for the IDS system.
*
* @param bool $force
* Should we recreate it irrespective if it exists or not.
*
* @return string
* the full path to the config file
*/
public static function createConfigFile($force = FALSE)
{
$config = CRM_Core_Config::singleton();
$configFile = $config->configAndLogDir . 'Config.IDS.ini';
if (!$force && file_exists($configFile)) {
return $configFile;
}
$tmpDir = empty($config->uploadDir) ? CIVICRM_TEMPLATE_COMPILEDIR : $config->uploadDir;
// also clear the stat cache in case we are upgrading
clearstatcache();
global $civicrm_root;
$contents = "\n[General]\n filter_type = xml\n filter_path = {$civicrm_root}/packages/IDS/default_filter.xml\n tmp_path = {$tmpDir}\n HTML_Purifier_Path = IDS/vendors/htmlpurifier/HTMLPurifier.auto.php\n HTML_Purifier_Cache = {$tmpDir}\n scan_keys = false\n exceptions[] = __utmz\n exceptions[] = __utmc\n exceptions[] = widget_code\n exceptions[] = html_message\n exceptions[] = text_message\n exceptions[] = body_html\n exceptions[] = msg_html\n exceptions[] = msg_text\n exceptions[] = msg_subject\n exceptions[] = description\n exceptions[] = intro\n exceptions[] = thankyou_text\n exceptions[] = intro_text\n exceptions[] = body_text\n exceptions[] = footer_text\n exceptions[] = thankyou_text\n exceptions[] = tf_thankyou_text\n exceptions[] = thankyou_footer\n exceptions[] = thankyou_footer_text\n exceptions[] = new_text\n exceptions[] = renewal_text\n exceptions[] = help_pre\n exceptions[] = help_post\n exceptions[] = confirm_title\n exceptions[] = confirm_text\n exceptions[] = confirm_footer_text\n exceptions[] = confirm_email_text\n exceptions[] = report_header\n exceptions[] = report_footer\n exceptions[] = data\n exceptions[] = json\n exceptions[] = instructions\n exceptions[] = suggested_message\n exceptions[] = page_text\n";
if (file_put_contents($configFile, $contents) === FALSE) {
CRM_Core_Error::movedSiteError($configFile);
}
// also create the .htaccess file so we prevent the reading of the log and ini files
// via a browser, CRM-3875
CRM_Utils_File::restrictAccess($config->configAndLogDir);
return $configFile;
}
/**
* @param bool $loadFromDB
*/
public function initialize($loadFromDB = TRUE)
{
if (!defined('CIVICRM_DSN') && $loadFromDB) {
$this->fatal('You need to define CIVICRM_DSN in civicrm.settings.php');
}
$this->dsn = defined('CIVICRM_DSN') ? CIVICRM_DSN : NULL;
if (!defined('CIVICRM_TEMPLATE_COMPILEDIR') && $loadFromDB) {
$this->fatal('You need to define CIVICRM_TEMPLATE_COMPILEDIR in civicrm.settings.php');
}
if (defined('CIVICRM_TEMPLATE_COMPILEDIR')) {
$this->configAndLogDir = CRM_Utils_File::baseFilePath() . 'ConfigAndLog' . DIRECTORY_SEPARATOR;
CRM_Utils_File::createDir($this->configAndLogDir);
CRM_Utils_File::restrictAccess($this->configAndLogDir);
$this->templateCompileDir = defined('CIVICRM_TEMPLATE_COMPILEDIR') ? CRM_Utils_File::addTrailingSlash(CIVICRM_TEMPLATE_COMPILEDIR) : NULL;
CRM_Utils_File::createDir($this->templateCompileDir);
CRM_Utils_File::restrictAccess($this->templateCompileDir);
}
if (!defined('CIVICRM_UF')) {
$this->fatal('You need to define CIVICRM_UF in civicrm.settings.php');
}
$this->userFramework = CIVICRM_UF;
$this->userFrameworkClass = 'CRM_Utils_System_' . CIVICRM_UF;
$this->userHookClass = 'CRM_Utils_Hook_' . CIVICRM_UF;
if (CIVICRM_UF == 'Joomla') {
$this->userFrameworkURLVar = 'task';
}
if (defined('CIVICRM_UF_DSN')) {
$this->userFrameworkDSN = CIVICRM_UF_DSN;
}
// this is dynamically figured out in the civicrm.settings.php file
if (defined('CIVICRM_CLEANURL')) {
$this->cleanURL = CIVICRM_CLEANURL;
} else {
$this->cleanURL = 0;
}
$this->templateDir = array(dirname(dirname(dirname(__DIR__))) . DIRECTORY_SEPARATOR . 'templates' . DIRECTORY_SEPARATOR);
$this->initialized = 1;
}
/**
* @param $rev
*/
public function upgrade_3_2_1($rev)
{
//CRM-6565 check if Activity Index is already exists or not.
$addActivityTypeIndex = TRUE;
$indexes = CRM_Core_DAO::executeQuery('SHOW INDEXES FROM civicrm_activity');
while ($indexes->fetch()) {
if ($indexes->Key_name == 'UI_activity_type_id') {
$addActivityTypeIndex = FALSE;
}
}
// CRM-6563: restrict access to the upload dir, tighten access to the config-and-log dir
$config = CRM_Core_Config::singleton();
CRM_Utils_File::restrictAccess($config->uploadDir);
CRM_Utils_File::restrictAccess($config->configAndLogDir);
$upgrade = new CRM_Upgrade_Form();
$upgrade->assign('addActivityTypeIndex', $addActivityTypeIndex);
$upgrade->processSQL($rev);
}
/**
* delete the web server writable directories
*
* @param int $value 1 - clean templates_c, 2 - clean upload, 3 - clean both
*
* @access public
* @return void
*/
public function cleanup($value, $rmdir = true)
{
$value = (int) $value;
if ($value & 1) {
// clean templates_c
CRM_Utils_File::cleanDir($this->templateCompileDir, $rmdir);
CRM_Utils_File::createDir($this->templateCompileDir);
}
if ($value & 2) {
// clean upload dir
CRM_Utils_File::cleanDir($this->uploadDir);
CRM_Utils_File::createDir($this->uploadDir);
CRM_Utils_File::restrictAccess($this->uploadDir);
}
}
