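/**
 * Builds the list of security/configuration notes for this installation.
 * These notes should be displayed to the user.
 *
 * Checks performed, in order: leftover install directory; LDAP extension
 * (when the authentication method is LDAP) or default admin password
 * (any other method); bug-tracker connection; repository directory (only
 * for a file-system repository); schema version; e-mail configuration;
 * PHP extensions.
 *
 * Delivery depends on config 'config_check_warning_mode':
 *  - SCREEN (or any unrecognised value): the notes are returned as collected.
 *  - FILE:   the notes are written to <log_path>config_check.txt and a single
 *            note naming that file is returned instead.
 *  - SILENT: the notes are written to the same file and null is returned.
 * If the file cannot be written completely, the failure is recorded with
 * error_log(); in FILE mode the collected notes are then returned unchanged,
 * so the user is not pointed at a report that does not exist.
 *
 * @param mixed $db database handle, passed on to checkForAdminDefaultPwd()
 *                  and checkSchemaVersion()
 *
 * @return array|null the security issues, or null if none found
 * @author Andreas Morsing
 *
 * @internal rev :
 **/
function getSecurityNotes(&$db)
{
    $repository['type'] = config_get('repositoryType');
    $repository['path'] = config_get('repositoryPath');

    $securityNotes = null;
    if (checkForInstallDir()) {
        $securityNotes[] = lang_get("sec_note_remove_install_dir");
    }

    // The default-password check is only made when accounts are not
    // authenticated through LDAP.
    $authCfg = config_get('authentication');
    if ('LDAP' == $authCfg['method']) {
        if (!checkForLDAPExtension()) {
            $securityNotes[] = lang_get("ldap_extension_not_loaded");
        }
    } else {
        if (checkForAdminDefaultPwd($db)) {
            $securityNotes[] = lang_get("sec_note_admin_default_pwd");
        }
    }

    if (!checkForBTSConnection()) {
        $securityNotes[] = lang_get("bts_connection_problems");
    }

    if ($repository['type'] == TL_REPOSITORY_TYPE_FS) {
        $ret = checkForRepositoryDir($repository['path']);
        if (!$ret['status_ok']) {
            $securityNotes[] = $ret['msg'];
        }
    }

    // Needed when schemas change has been done.
    // This call can be removed when release is stable
    $res = checkSchemaVersion($db);
    $msg = $res['msg'];
    if ($msg != "") {
        $securityNotes[] = $msg;
    }

    $msg = checkEmailConfig();
    if (!is_null($msg)) {
        foreach ($msg as $detail) {
            $securityNotes[] = $detail;
        }
    }

    // presumably appends to $securityNotes by reference — confirm against
    // the definition of checkForExtensions()
    checkForExtensions($securityNotes);

    if (is_null($securityNotes)) {
        return null;
    }

    $user_feedback = config_get('config_check_warning_mode');
    switch ($user_feedback) {
        case 'SCREEN':
            break;

        case 'FILE':
        case 'SILENT':
            // NOTE(review): this report lists the installation's weak points;
            // confirm that 'log_path' is not served by the web server.
            $filename = config_get('log_path') . 'config_check.txt';
            $warnings = implode("\n", $securityNotes);

            // Warnings stay suppressed so a failure does not print the path
            // on the page; the return value is checked explicitly instead.
            $written = @file_put_contents($filename, $warnings);
            if ($written !== strlen($warnings)) {
                error_log('getSecurityNotes: unable to write configuration warnings to ' . $filename);
                if ($user_feedback == 'FILE') {
                    // Keep the collected notes so they are still shown.
                    break;
                }
                $securityNotes = null;
                break;
            }

            $securityNotes = null;
            if ($user_feedback == 'FILE') {
                $securityNotes[] = sprintf(lang_get('config_check_warnings'), $filename);
            }
            break;
    }

    return $securityNotes;
}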
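// session_start();
// NOTE(review): session_start() is commented out here, so $_SESSION is only
// populated if the session is started elsewhere (session.auto_start or an
// including script) — confirm; otherwise the gate below always redirects.

// Authentication gate: read the login state left in the session. isset()
// guards keep a missing key from raising a notice; a missing value is treated
// exactly like an empty one by the check below.
// NOTE(review): a password is read back from the session, so it is presumably
// stored there at login. Session data normally sits on disk readable by the
// web-server user; keeping only the logged-in flag would avoid holding the
// credential — confirm against the login code.
$username = isset($_SESSION['loggedin_username']) ? $_SESSION['loggedin_username'] : null;
$password = isset($_SESSION['loggedin_password']) ? $_SESSION['loggedin_password'] : null;
$isloggedin = isset($_SESSION['isloggedin']) ? $_SESSION['isloggedin'] : null;

if (!$isloggedin or $password == "") {
    header("Location: ..");
    exit; // this is only exit to redirect to loginform, when not logged in.
}

// PHP_VERSION is a string such as "5.2.17"; comparing it with the float 5.2
// relies on numeric string juggling, so version_compare() is used instead.
if (version_compare(PHP_VERSION, '5.2', '<')) {
    die("PHP 5.2 or greater is required!!!");
}

define('APP_ROOT', dirname(__FILE__));

require_once './includes/common_functions.php';

checkForExtensions();

// NOTE(review): PHP 7 and later ship a built-in class named Error; a project
// class of the same name in the global namespace would clash with it — confirm
// which PHP versions this script is expected to run on.
$error = Error::singleton();

// The configuration is loaded from a fixed absolute path; a missing or
// unreadable file is reported through the error collector instead of a fatal
// require failure.
if (!is_readable('/etc/phpsysinfo/config.php')) {
    $error->addError('file_exists(/etc/phpsysinfo/config.php)', '/etc/phpsysinfo/config.php does not exist or is not readable by the webserver in the phpsysinfo directory.');
} else {
    require_once '/etc/phpsysinfo/config.php'; // get the config file
}

// Stop here if any check so far has recorded an error.
if ($error->ErrorsExist()) {
    echo $error->ErrorsAsHTML();
    exit;
}

// redirection part
include './includes/redir.php';

// checking config.php setting for template, if not supported set phpsysinfo.css as default
// presumably `template` is a constant defined in config.php — confirm
$template = template;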