/**
 * Configure this Smarty instance: template search path, per-locale compile
 * directory, plugin directories and the variables every template receives.
 *
 * The compile directory holds PHP generated by the web-server user, so it is
 * created, handed to CRM_Utils_File::restrictAccess(), and checked for
 * writability before anything is rendered.
 */
private function initialize() {
  $config = CRM_Core_Config::singleton();

  // A site-specific template directory, when configured, is searched first.
  $this->template_dir = empty($config->customTemplateDir)
    ? $config->templateDir
    : array_merge(array($config->customTemplateDir), $config->templateDir);

  // Compiled templates are kept in one sub-directory per locale.
  $localeDir = CRM_Utils_File::addTrailingSlash($config->templateCompileDir) . $this->getLocale();
  $this->compile_dir = CRM_Utils_File::addTrailingSlash($localeDir);
  CRM_Utils_File::createDir($this->compile_dir);
  CRM_Utils_File::restrictAccess($this->compile_dir);

  // Fail loudly here: an unwritable compile dir otherwise gets suppressed
  // quietly and surfaces later as blank emails etc.
  // NOTE(review): the message echoes the absolute compile path into the
  // response; confirm that is acceptable for the deployment.
  if (!is_writable($this->compile_dir)) {
    echo "CiviCRM does not have permission to write temp files in {$this->compile_dir}, Exiting";
    exit;
  }

  // Check for safe mode, CRM-2207: sub-directories are used only without it.
  $this->use_sub_dirs = !ini_get('safe_mode');

  $sep = DIRECTORY_SEPARATOR;
  $smartyDir = dirname(dirname(__DIR__)) . $sep . 'packages' . $sep . 'Smarty' . $sep;
  $pluginsDir = __DIR__ . $sep . 'Smarty' . $sep . 'plugins' . $sep;
  $pluginPath = array($smartyDir . 'plugins', $pluginsDir);

  // A custom plugin directory takes precedence over the bundled ones, but
  // only when it actually exists on disk.
  if (isset($config->customPHPPathDir)) {
    $customPluginsDir = $config->customPHPPathDir . $sep . 'CRM' . $sep . 'Core' . $sep . 'Smarty' . $sep . 'plugins' . $sep;
    if (file_exists($customPluginsDir)) {
      array_unshift($pluginPath, $customPluginsDir);
    }
  }
  $this->plugins_dir = $pluginPath;

  // Expose the session and the config to every template.
  $session = CRM_Core_Session::singleton();
  $this->assign_by_ref('config', $config);
  $this->assign_by_ref('session', $session);

  global $tsLocale;
  $this->assign('tsLocale', $tsLocale);

  // CRM-7163 hack: langSwitch is not displayed on upgrades anyway.
  if (!CRM_Core_Config::isUpgradeMode()) {
    $this->assign('langSwitch', CRM_Core_I18n::languages(TRUE));
  }

  $this->register_function('crmURL', array('CRM_Utils_System', 'crmURL'));
  $this->load_filter('pre', 'resetExtScope');
  $this->assign('crmPermissions', new CRM_Core_Smarty_Permissions());
}
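/**
 * Include the IDS vendor code and run its detection routines over $_REQUEST.
 *
 * Requests whose joined path exactly equals an entry of the skip list are not
 * scanned at all. On first use this also writes Config.IDS.ini into the
 * config-and-log directory and restricts web access to that directory.
 *
 * @param array $args
 *   URL path segments; joined with '/' before the skip-list comparison.
 *
 * @return bool|null
 *   TRUE once the scan has run; NULL when the path is on the skip list.
 */
public function check(&$args) {
  // These CiviCRM paths bypass the IDS entirely, so their handlers have to
  // validate input on their own. The match is on the whole joined path, not
  // on a prefix.
  static $skip = array('civicrm/ajax', 'civicrm/admin/setting/updateConfigBackend', 'civicrm/admin/messageTemplates');
  $path = implode('/', $args);
  if (in_array($path, $skip, TRUE)) {
    return;
  }

  // Add the request URL and the user agent so they are scanned as well.
  $_REQUEST['IDS_request_uri'] = $_SERVER['REQUEST_URI'];
  if (isset($_SERVER['HTTP_USER_AGENT'])) {
    $_REQUEST['IDS_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
  }

  require_once 'IDS/Init.php';

  // Init the PHPIDS and pass the REQUEST array. The singleton is assigned by
  // value: binding a function result with "=&" is not a valid reference
  // assignment.
  $config = CRM_Core_Config::singleton();

  $configFile = $config->configAndLogDir . 'Config.IDS.ini';
  if (!file_exists($configFile)) {
    $tmpDir = empty($config->uploadDir) ? CIVICRM_TEMPLATE_COMPILEDIR : $config->uploadDir;

    // Also clear the stat cache in case we are upgrading.
    clearstatcache();

    global $civicrm_root;
    // Fields listed under exceptions[] are excluded from IDS scanning and the
    // html[] fields are declared as HTML input.
    // NOTE(review): confirm every listed field is validated or output-encoded
    // by its own handler, since the IDS result does not vouch for them.
    $contents = "\n[General]\n filter_type = xml\n filter_path = {$civicrm_root}/packages/IDS/default_filter.xml\n tmp_path = {$tmpDir}\n HTML_Purifier_Path = IDS/vendors/htmlpurifier/HTMLPurifier.auto.php\n HTML_Purifier_Cache = {$tmpDir}\n scan_keys = false\n exceptions[] = __utmz\n exceptions[] = __utmc\n exceptions[] = widget_code\n exceptions[] = html_message\n exceptions[] = body_html\n exceptions[] = msg_html\n exceptions[] = msg_text\n exceptions[] = msg_subject\n exceptions[] = description\n html[] = intro\n html[] = thankyou_text\n html[] = intro_text\n html[] = body_text\n html[] = footer_text\n html[] = thankyou_text\n html[] = thankyou_footer\n html[] = thankyou_footer_text\n html[] = new_text\n html[] = renewal_text\n html[] = help_pre\n html[] = help_post\n html[] = confirm_title\n html[] = confirm_text\n html[] = confirm_footer_text\n html[] = confirm_email_text\n html[] = report_header\n html[] = report_footer\n html[] = data\n html[] = instructions\n";
    if (file_put_contents($configFile, $contents) === FALSE) {
      require_once 'CRM/Core/Error.php';
      CRM_Core_Error::movedSiteError($configFile);
    }

    // Also create the .htaccess file so the log and ini files cannot be read
    // via a browser, CRM-3875.
    require_once 'CRM/Utils/File.php';
    CRM_Utils_File::restrictAccess($config->configAndLogDir);
  }

  $init = IDS_Init::init($configFile);
  $ids = new IDS_Monitor($_REQUEST, $init);
  $result = $ids->run();
  if (!$result->isEmpty()) {
    $this->react($result);
  }

  return TRUE;
}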
/**
 * Fill in default resource URLs and upload directories that are not yet set.
 *
 * Used on an empty database and when components are set through the GUI.
 * Creates the image, upload and custom-file directories under the base file
 * path. The upload and custom-file directories are additionally passed to
 * CRM_Utils_File::restrictAccess(); the image directory is not.
 *
 * @param array $defaults
 *   Associative array of form elements; missing keys are filled in place.
 * @param bool $formMode
 *   TRUE for GUI mode (e.g. Global setting >> Components). Not read by this
 *   method body.
 */
public static function setValues(&$defaults, $formMode = FALSE) {
  $config = CRM_Core_Config::singleton();
  $sep = DIRECTORY_SEPARATOR;

  $baseURL = $config->userFrameworkBaseURL;

  // CRM-6216: Drupal's $baseURL might have a trailing
  // LANGUAGE_NEGOTIATION_PATH, which needs to be stripped before
  // ResourceURL is based on it.
  if ($config->userSystem->is_drupal) {
    global $language;
    if (!empty($language->prefix)) {
      $prefixLen = strlen($language->prefix) + 1;
      if (substr($baseURL, -$prefixLen) == $language->prefix . '/') {
        $baseURL = substr($baseURL, 0, -$prefixLen);
      }
    }
  }

  // The result is not read anywhere in this method.
  $baseCMSURL = CRM_Utils_System::baseCMSURL();

  // $path is only defined when a compile dir is configured; the directory
  // steps below guard on is_dir() of that same setting before using it.
  if ($config->templateCompileDir) {
    $path = CRM_Utils_File::baseFilePath($config->templateCompileDir);
  }

  if (!isset($defaults['enableSSL'])) {
    $defaults['enableSSL'] = 0;
  }

  // Set defaults if not set in db.
  if (!isset($defaults['userFrameworkResourceURL'])) {
    switch ($config->userFramework) {
      case 'Joomla':
        $defaults['userFrameworkResourceURL'] = $baseURL . "components/com_civicrm/civicrm/";
        break;

      case 'WordPress':
        $defaults['userFrameworkResourceURL'] = $baseURL . "wp-content/plugins/civicrm/civicrm/";
        break;

      default:
        // Drupal setting: check whether we are installed in sites/all (for
        // D5 and above) or in modules. checkURL is not used because Drupal
        // generates an error page for it.
        global $civicrm_root;
        $cmsPath = $config->userSystem->cmsRootPath();
        $rootAsUrlPath = str_replace('\\', '/', $civicrm_root);
        $defaults['userFrameworkResourceURL'] = $baseURL . str_replace("{$cmsPath}/", '', $rootAsUrlPath);

        $inSitesAll = strpos($civicrm_root, $sep . 'sites' . $sep . 'all' . $sep . 'modules') !== FALSE;
        if (!$inSitesAll) {
          $startPos = strpos($civicrm_root, $sep . 'sites' . $sep);
          $endPos = strpos($civicrm_root, $sep . 'modules' . $sep);
          if ($startPos && $endPos) {
            // Component is in sites/SITENAME/modules; 7 is the length of
            // the "/sites/" segment that precedes the site name.
            $siteName = substr($civicrm_root, $startPos + 7, $endPos - $startPos - 7);
            $civicrmDirName = trim(basename($civicrm_root));
            $defaults['userFrameworkResourceURL'] = $baseURL . "sites/{$siteName}/modules/{$civicrmDirName}/";
            if (!isset($defaults['imageUploadURL'])) {
              $defaults['imageUploadURL'] = $baseURL . "sites/{$siteName}/files/civicrm/persist/contribute/";
            }
          }
        }
        break;
    }
  }

  if (!isset($defaults['imageUploadURL'])) {
    switch ($config->userFramework) {
      case 'Joomla':
        // Gross hack: remove the administrator/ part from the URL.
        $tempURL = str_replace("/administrator/", "/", $baseURL);
        $defaults['imageUploadURL'] = $tempURL . "media/civicrm/persist/contribute/";
        break;

      case 'WordPress':
        // For standalone there is no need of a sites/defaults directory.
        $defaults['imageUploadURL'] = $baseURL . "wp-content/plugins/files/civicrm/persist/contribute/";
        break;

      default:
        $defaults['imageUploadURL'] = $baseURL . "sites/default/files/civicrm/persist/contribute/";
        break;
    }
  }

  // Images are meant to be served, so this directory is created but not
  // access-restricted.
  if (!isset($defaults['imageUploadDir']) && is_dir($config->templateCompileDir)) {
    $imgDir = $path . "persist/contribute/";
    CRM_Utils_File::createDir($imgDir);
    $defaults['imageUploadDir'] = $imgDir;
  }

  // Uploaded and custom files are created and then access-restricted.
  if (!isset($defaults['uploadDir']) && is_dir($config->templateCompileDir)) {
    $uploadDir = $path . "upload/";
    CRM_Utils_File::createDir($uploadDir);
    CRM_Utils_File::restrictAccess($uploadDir);
    $defaults['uploadDir'] = $uploadDir;
  }

  if (!isset($defaults['customFileUploadDir']) && is_dir($config->templateCompileDir)) {
    $customDir = $path . "custom/";
    CRM_Utils_File::createDir($customDir);
    CRM_Utils_File::restrictAccess($customDir);
    $defaults['customFileUploadDir'] = $customDir;
  }

  // FIXME: hack to bypass the step for generating defaults for components
  // while running upgrade, to avoid any serious non-recoverable error which
  // might hinder the upgrade process. $args is built but not read below.
  $args = isset($_GET[$config->userFrameworkURLVar])
    ? explode('/', $_GET[$config->userFrameworkURLVar])
    : array();

  if (isset($defaults['enableComponents'])) {
    foreach ($defaults['enableComponents'] as $name) {
      $comp = $config->componentRegistry->get($name);
      if (!$comp) {
        continue;
      }
      $co = $comp->getConfigObject();
      $co->setDefaults($defaults);
    }
  }
}
/**
 * Delete the web-server-writable directories and re-apply access limits.
 *
 * @param int $value
 *   Bit mask: 1 cleans templates_c, 2 cleans upload, 3 cleans both.
 * @param bool $rmdir
 *   Forwarded to CRM_Utils_File::cleanDir() for the template compile
 *   directory only; the upload directory uses cleanDir()'s default.
 */
public function cleanup($value, $rmdir = TRUE) {
  $flags = (int) $value;

  if (($flags & 1) !== 0) {
    // Clean templates_c.
    CRM_Utils_File::cleanDir($this->templateCompileDir, $rmdir);
    CRM_Utils_File::createDir($this->templateCompileDir);
  }

  if (($flags & 2) !== 0) {
    // Clean upload dir.
    CRM_Utils_File::cleanDir($this->uploadDir);
    CRM_Utils_File::createDir($this->uploadDir);
  }

  // Whether directories were deleted and recreated or simply preserved, the
  // access restrictions are enforced again on every sensitive directory
  // that exists.
  $protectedDirs = array(
    $this->templateCompileDir,
    $this->uploadDir,
    $this->configAndLogDir,
    $this->customFileUploadDir,
  );
  foreach ($protectedDirs as $dir) {
    if (!$dir || !is_dir($dir)) {
      continue;
    }
    CRM_Utils_File::restrictAccess($dir);
  }
}
/**
 * Resolve a config property through the property map.
 *
 * Unknown names are rejected with an exception. A cached value is returned
 * before anything else, so for 'setting-path' entries the mkdir/restrict
 * actions run only on the read that populates the cache.
 *
 * NOTE(review): the 'user-system' and 'callback' types invoke callables
 * named by $this->map; this presumes the map is defined in code and never
 * built from request data. Confirm against wherever the map is populated.
 *
 * @param string $k
 *   Property name.
 *
 * @return mixed
 *
 * @throws \CRM_Core_Exception
 *   For an unmapped property, an unknown type, or a 'callback' entry
 *   without a getter.
 */
public function __get($k) {
  if (!isset($this->map[$k])) {
    throw new \CRM_Core_Exception("Cannot read unrecognized property CRM_Core_Config::\${$k}.");
  }
  if (isset($this->cache[$k])) {
    return $this->cache[$k];
  }

  $spec = $this->map[$k];
  $type = $spec[0];
  $name = isset($spec[1]) ? $spec[1] : $k;

  switch ($type) {
    case 'setting':
      return $this->getSettings()->get($name);

    case 'setting-path':
      // Array(0 => $type, 1 => $setting, 2 => $actions).
      $actions = isset($spec[2]) ? $spec[2] : array();
      $raw = $this->getSettings()->get($name);
      $dir = Civi::paths()->getPath($raw);
      if ($dir) {
        $dir = CRM_Utils_File::addTrailingSlash($dir);
        if (in_array('mkdir', $actions)) {
          CRM_Utils_File::createDir($dir);
        }
        if (in_array('restrict', $actions)) {
          CRM_Utils_File::restrictAccess($dir);
        }
      }
      $this->cache[$k] = $dir;
      return $dir;

    case 'setting-url-abs':
      $raw = $this->getSettings()->get($name);
      $this->cache[$k] = Civi::paths()->getUrl($raw, 'absolute');
      return $this->cache[$k];

    case 'setting-url-rel':
      $raw = $this->getSettings()->get($name);
      $this->cache[$k] = Civi::paths()->getUrl($raw, 'relative');
      return $this->cache[$k];

    case 'runtime':
      return \Civi\Core\Container::getBootService('runtime')->{$name};

    case 'boot-svc':
      $this->cache[$k] = \Civi\Core\Container::getBootService($name);
      return $this->cache[$k];

    case 'local':
      $this->initLocals();
      return $this->locals[$name];

    case 'user-system':
      $userSystem = \Civi\Core\Container::getBootService('userSystem');
      $this->cache[$k] = call_user_func(array($userSystem, $name));
      return $this->cache[$k];

    case 'service':
      return \Civi::service($name);

    case 'callback':
      // Array(0 => $type, 1 => $obj, 2 => $getter, 3 => $setter, 4 => $unsetter).
      if (!isset($spec[1], $spec[2])) {
        throw new \CRM_Core_Exception("Cannot find getter for property CRM_Core_Config::\${$k}");
      }
      $getter = array($spec[1], $spec[2]);
      return \Civi\Core\Resolver::singleton()->call($getter, array($k));

    default:
      throw new \CRM_Core_Exception("Cannot read property CRM_Core_Config::\${$k} ({$type})");
  }
}
/**
 * Create the default config file for the IDS system.
 *
 * The file is written into the config-and-log directory, which is then
 * passed to CRM_Utils_File::restrictAccess() so that the ini and log files
 * cannot be fetched through the web server.
 *
 * @param bool $force
 *   Recreate the file even if it already exists.
 *
 * @return string
 *   The full path to the config file.
 */
public static function createConfigFile($force = FALSE) {
  $config = CRM_Core_Config::singleton();
  $configFile = $config->configAndLogDir . 'Config.IDS.ini';

  if ($force || !file_exists($configFile)) {
    $tmpDir = !empty($config->uploadDir) ? $config->uploadDir : CIVICRM_TEMPLATE_COMPILEDIR;

    // Also clear the stat cache in case we are upgrading.
    clearstatcache();

    global $civicrm_root;
    // Every field named under exceptions[] is excluded from IDS scanning.
    // NOTE(review): confirm each excepted field is validated or
    // output-encoded by its own handler, since the IDS will not inspect it.
    $contents = "\n[General]\n filter_type = xml\n filter_path = {$civicrm_root}/packages/IDS/default_filter.xml\n tmp_path = {$tmpDir}\n HTML_Purifier_Path = IDS/vendors/htmlpurifier/HTMLPurifier.auto.php\n HTML_Purifier_Cache = {$tmpDir}\n scan_keys = false\n exceptions[] = __utmz\n exceptions[] = __utmc\n exceptions[] = widget_code\n exceptions[] = html_message\n exceptions[] = text_message\n exceptions[] = body_html\n exceptions[] = msg_html\n exceptions[] = msg_text\n exceptions[] = msg_subject\n exceptions[] = description\n exceptions[] = intro\n exceptions[] = thankyou_text\n exceptions[] = intro_text\n exceptions[] = body_text\n exceptions[] = footer_text\n exceptions[] = thankyou_text\n exceptions[] = tf_thankyou_text\n exceptions[] = thankyou_footer\n exceptions[] = thankyou_footer_text\n exceptions[] = new_text\n exceptions[] = renewal_text\n exceptions[] = help_pre\n exceptions[] = help_post\n exceptions[] = confirm_title\n exceptions[] = confirm_text\n exceptions[] = confirm_footer_text\n exceptions[] = confirm_email_text\n exceptions[] = report_header\n exceptions[] = report_footer\n exceptions[] = data\n exceptions[] = json\n exceptions[] = instructions\n exceptions[] = suggested_message\n exceptions[] = page_text\n";

    $written = file_put_contents($configFile, $contents);
    if ($written === FALSE) {
      CRM_Core_Error::movedSiteError($configFile);
    }

    // Also create the .htaccess file so the log and ini files cannot be
    // read via a browser, CRM-3875.
    CRM_Utils_File::restrictAccess($config->configAndLogDir);
  }

  return $configFile;
}
/**
 * Set up the core properties from the constants of civicrm.settings.php.
 *
 * When CIVICRM_TEMPLATE_COMPILEDIR is defined, both the config-and-log
 * directory and the template compile directory are created and passed to
 * CRM_Utils_File::restrictAccess().
 *
 * @param bool $loadFromDB
 *   When TRUE, a missing CIVICRM_DSN or CIVICRM_TEMPLATE_COMPILEDIR is
 *   reported through $this->fatal().
 */
public function initialize($loadFromDB = TRUE) {
  $hasDsn = defined('CIVICRM_DSN');
  if ($loadFromDB && !$hasDsn) {
    $this->fatal('You need to define CIVICRM_DSN in civicrm.settings.php');
  }
  $this->dsn = $hasDsn ? CIVICRM_DSN : NULL;

  $hasCompileDir = defined('CIVICRM_TEMPLATE_COMPILEDIR');
  if ($loadFromDB && !$hasCompileDir) {
    $this->fatal('You need to define CIVICRM_TEMPLATE_COMPILEDIR in civicrm.settings.php');
  }

  if ($hasCompileDir) {
    // Both directories are written by the web server; each one is created
    // and then access-restricted.
    $this->configAndLogDir = CRM_Utils_File::baseFilePath() . 'ConfigAndLog' . DIRECTORY_SEPARATOR;
    CRM_Utils_File::createDir($this->configAndLogDir);
    CRM_Utils_File::restrictAccess($this->configAndLogDir);

    $this->templateCompileDir = CRM_Utils_File::addTrailingSlash(CIVICRM_TEMPLATE_COMPILEDIR);
    CRM_Utils_File::createDir($this->templateCompileDir);
    CRM_Utils_File::restrictAccess($this->templateCompileDir);
  }

  if (!defined('CIVICRM_UF')) {
    $this->fatal('You need to define CIVICRM_UF in civicrm.settings.php');
  }

  // The class names below are derived from the CIVICRM_UF constant.
  $this->userFramework = CIVICRM_UF;
  $this->userFrameworkClass = 'CRM_Utils_System_' . CIVICRM_UF;
  $this->userHookClass = 'CRM_Utils_Hook_' . CIVICRM_UF;

  if (CIVICRM_UF == 'Joomla') {
    $this->userFrameworkURLVar = 'task';
  }

  if (defined('CIVICRM_UF_DSN')) {
    $this->userFrameworkDSN = CIVICRM_UF_DSN;
  }

  // This is dynamically figured out in the civicrm.settings.php file.
  $this->cleanURL = defined('CIVICRM_CLEANURL') ? CIVICRM_CLEANURL : 0;

  $templateRoot = dirname(dirname(dirname(__DIR__)));
  $this->templateDir = array($templateRoot . DIRECTORY_SEPARATOR . 'templates' . DIRECTORY_SEPARATOR);

  $this->initialized = 1;
}
/**
 * Upgrade step for 3.2.1.
 *
 * Detects whether the activity type index already exists, restricts web
 * access to the upload and config-and-log directories, and then runs the
 * SQL for the revision.
 *
 * @param $rev
 *   Revision passed on to CRM_Upgrade_Form::processSQL().
 */
public function upgrade_3_2_1($rev) {
  // CRM-6565: check whether the activity index already exists.
  $needsIndex = TRUE;
  $indexRows = CRM_Core_DAO::executeQuery('SHOW INDEXES FROM civicrm_activity');
  while ($indexRows->fetch()) {
    $needsIndex = $needsIndex && ($indexRows->Key_name != 'UI_activity_type_id');
  }

  // CRM-6563: restrict access to the upload dir, tighten access to the
  // config-and-log dir.
  $config = CRM_Core_Config::singleton();
  foreach (array($config->uploadDir, $config->configAndLogDir) as $dir) {
    CRM_Utils_File::restrictAccess($dir);
  }

  $upgrade = new CRM_Upgrade_Form();
  $upgrade->assign('addActivityTypeIndex', $needsIndex);
  $upgrade->processSQL($rev);
}
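/**
 * Delete the web-server-writable directories.
 *
 * Each directory that is cleaned is recreated and then passed to
 * CRM_Utils_File::restrictAccess(), so a freshly created directory is not
 * left without its access restriction.
 *
 * @param int $value
 *   Bit mask: 1 - clean templates_c, 2 - clean upload, 3 - clean both.
 * @param bool $rmdir
 *   Forwarded to CRM_Utils_File::cleanDir() for the template compile
 *   directory only; the upload directory uses cleanDir()'s default.
 *
 * @access public
 * @return void
 */
public function cleanup($value, $rmdir = true) {
  $value = (int) $value;

  if ($value & 1) {
    // clean templates_c
    CRM_Utils_File::cleanDir($this->templateCompileDir, $rmdir);
    CRM_Utils_File::createDir($this->templateCompileDir);
    // The recreated compile directory gets its restriction back, the same
    // way the upload directory does below.
    CRM_Utils_File::restrictAccess($this->templateCompileDir);
  }

  if ($value & 2) {
    // clean upload dir
    CRM_Utils_File::cleanDir($this->uploadDir);
    CRM_Utils_File::createDir($this->uploadDir);
    CRM_Utils_File::restrictAccess($this->uploadDir);
  }
}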