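/**
 * Handler for JSON API requests of the setup frontend.
 *
 * Builds a Zend_Json_Server exposing Setup_Frontend_Json ("Setup") and
 * Tinebase_Frontend_Json ("Tinebase"), applies the access check below and
 * echoes the response. Exceptions are converted into a response by
 * _handleException().
 *
 * Access rules as implemented here:
 *  - while no config file exists, no method is checked at all, so every
 *    exposed method can be called without a session or JSON key;
 *  - once the config file exists, only the methods in $anonymnousMethods may
 *    be called without a registered setup user and a matching JSON key
 *    (sent in $_SERVER['HTTP_X_TINE20_JSONKEY']).
 *
 * @return void the JSON response is echoed, not returned
 */
public function handle()
{
    try {
        // init server and request first
        $server = new Zend_Json_Server();
        $server->setClass('Setup_Frontend_Json', 'Setup');
        $server->setClass('Tinebase_Frontend_Json', 'Tinebase');
        $server->setAutoHandleExceptions(false);
        $server->setAutoEmitResponse(false);

        $request = new Zend_Json_Server_Request_Http();

        Setup_Core::initFramework();

        $method  = $request->getMethod();
        $jsonKey = isset($_SERVER['HTTP_X_TINE20_JSONKEY']) ? $_SERVER['HTTP_X_TINE20_JSONKEY'] : '';

        Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' is JSON request. method: ' . $method);

        // methods that may be called without session and JSON key
        $anonymnousMethods = array(
            'Setup.getAllRegistryData',
            'Setup.login',
            'Tinebase.getAvailableTranslations',
            'Tinebase.getTranslations',
            'Tinebase.setLocale',
        );
        if (!Setup_Core::configFileExists()) {
            $anonymnousMethods = array_merge($anonymnousMethods, array('Setup.envCheck'));
        }

        // Strict lookup: a non-string method value must never loosely match
        // one of the allow-listed names.
        $isAnonymousMethod = in_array($method, $anonymnousMethods, true);

        // check json key for all methods but some exceptions
        //
        // The key is compared with !== on strings. The previous loose != let
        // PHP compare numeric-looking strings by value (e.g. "0e1" == "0e2"),
        // so a key different from the stored one could be accepted.
        // NOTE(review): !== is not constant-time; hash_equals() is preferable
        // where the minimum supported PHP version (5.6+) allows it.
        if (!$isAnonymousMethod
            && Setup_Core::configFileExists()
            && (empty($jsonKey)
                || $jsonKey !== (string) Setup_Core::get('jsonKey')
                || !Setup_Core::isRegistered(Setup_Core::USER))
        ) {
            if (!Setup_Core::isRegistered(Setup_Core::USER)) {
                Setup_Core::getLogger()->INFO(__METHOD__ . '::' . __LINE__ . ' Attempt to request a privileged Json-API method without authorisation from "' . $_SERVER['REMOTE_ADDR'] . '". (session timeout?)');
                throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
            } else {
                // NOTE(review): this writes the caller-supplied key, the whole
                // user object and the complete $_REQUEST into the log. If
                // request parameters can carry credentials, the log file
                // inherits their sensitivity; consider logging only the method
                // name and source address, and neutralising line breaks in
                // $jsonKey before it is written.
                Setup_Core::getLogger()->WARN(__METHOD__ . '::' . __LINE__ . ' Fatal: got wrong json key! (' . $jsonKey . ') Possible CSRF attempt!' . ' affected account: ' . print_r(Setup_Core::getUser(), true) . ' request: ' . print_r($_REQUEST, true));
                throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
            }
        }

        $response = $server->handle($request);
    } catch (Exception $exception) {
        // $server / $request are assigned inside the try block, so they are
        // unset here if one of the constructors itself threw.
        $response = $this->_handleException($server, $request, $exception);
    }

    echo $response;
}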
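/**
 * Download config as config file.
 *
 * Only served while no config file exists yet, or to a registered setup
 * user; any other caller gets no output at all. The decoded data is rendered
 * by Setup_Controller::writeConfigToFile() into a temporary file, read back
 * and sent as attachment "config.inc.php". The script terminates afterwards.
 *
 * The temporary file holds the full rendered config, so it is removed on
 * the failure path too, not only after a successful read.
 *
 * NOTE(review): the merge flag is TRUE, so the output presumably also
 * contains values of an existing config file, not just what the caller
 * sent. Confirm against writeConfigToFile().
 *
 * @param string $data JSON-encoded config data (decoded to an array here)
 */
public function downloadConfig($data)
{
    if (!Setup_Core::configFileExists() || Setup_Core::isRegistered(Setup_Core::USER)) {
        $data    = Zend_Json::decode($data, Zend_Json::TYPE_ARRAY);
        $tmpFile = tempnam(Tinebase_Core::getTempDir(), 'tine20_');

        try {
            Setup_Controller::getInstance()->writeConfigToFile($data, TRUE, $tmpFile);
            $configData = file_get_contents($tmpFile);
        } catch (Exception $e) {
            // do not leave a rendered config behind in the temp dir
            if (is_file($tmpFile)) {
                unlink($tmpFile);
            }
            throw $e;
        }

        if (is_file($tmpFile)) {
            unlink($tmpFile);
        }

        header("Pragma: public");
        header("Cache-Control: max-age=0");
        header("Content-Disposition: attachment; filename=config.inc.php");
        header("Content-Description: PHP File");
        header("Content-type: text/plain");
        die($configData);
    }
}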
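/**
 * Checks the environment against the requirement entries in $this->values.
 *
 * Entries tagged 'ENVIROMENT' are version checks for Zend, PHP, MySQL and
 * PgSQL; entries tagged 'EXTENSION' are checked against
 * $this->loadedExtensions. For the database checks a connection is opened
 * with the credentials from the config file, if one exists; a failed
 * connection sets Setup_Core::CHECKDB to FALSE.
 *
 * @return array list of array(text, 'SUCCESS'|'FAILURE'), one per check
 */
private function _check()
{
    // always return an array, even if no entry produced a result
    $data = array();

    foreach ($this->values as $key => $value) {
        if ($value['tag'] == 'ENVIROMENT') {
            switch ($value['attributes']['NAME']) {
                case 'Zend':
                    $required = $value['attributes']['VERSION'];
                    $zend     = Zend_Version::VERSION;
                    $operator = $value['attributes']['OPERATOR'] == 'biggerThan' ? '>' : '<';
                    $text     = $value['attributes']['NAME'] . ' ' . $operator . ' ' . $required;
                    if (version_compare($zend, $required, $operator)) {
                        $data[] = array($text, 'SUCCESS');
                    } else {
                        $data[] = array($text . ' (version is ' . $zend . ')', 'FAILURE');
                    }
                    break;

                case 'PHP':
                    if (version_compare($value['attributes']['VERSION'], phpversion(), '<=')) {
                        $data[] = array($value['attributes']['NAME'], 'SUCCESS');
                    } else {
                        Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' PHP version incompatible: ' . phpversion() . ' < ' . $value['attributes']['VERSION']);
                        $data[] = array($value['attributes']['NAME'], 'FAILURE');
                    }
                    break;

                case 'MySQL':
                    // NOTE(review): the mysql_* functions were removed in
                    // PHP 7; this branch only runs on older interpreters.
                    // get setup controller for database connection
                    if (Setup_Core::configFileExists()) {
                        $dbConfig = Tinebase_Core::getConfig()->database;
                        $hostnameWithPort = isset($dbConfig->port) ? $dbConfig->host . ':' . $dbConfig->port : $dbConfig->host;
                        $link = @mysql_connect($hostnameWithPort, $dbConfig->username, $dbConfig->password);
                        if (!$link) {
                            //die('Could not connect to mysql database: ' . mysql_error());
                            Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . 'Could not connect to mysql database: ' . mysql_error());
                            Setup_Core::set(Setup_Core::CHECKDB, FALSE);
                        }
                        $mysqlVersion = @mysql_get_server_info();
                    } else {
                        $mysqlVersion = @mysql_get_client_info();
                    }

                    // some version strings have more than just the version
                    preg_match('/\\d+\\.\\d+\\.\\d+/', $mysqlVersion, $matches);
                    // $matches is always an array; it is empty when nothing
                    // matched (e.g. no server info), so test the element.
                    $mysqlVersion = isset($matches[0]) ? $matches[0] : (string) $mysqlVersion;

                    $text = $value['attributes']['NAME'];
                    if (version_compare($value['attributes']['VERSION'], $mysqlVersion, '<=')) {
                        $data[] = array($text, 'SUCCESS');
                    } else {
                        Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' MySQL version incompatible: ' . $mysqlVersion . ' < ' . $value['attributes']['VERSION']);
                        $data[] = array($text, 'FAILURE');
                    }
                    break;

                case 'PgSQL':
                    $pgsqlVersion = '0.0.0';
                    // get setup controller for database connection
                    if (Setup_Core::configFileExists()) {
                        $dbConfig = Tinebase_Core::getConfig()->database;
                        $hostname = $dbConfig->host;
                        $port     = isset($dbConfig->port) ? $dbConfig->port : '5432';
                        $user     = $dbConfig->username;
                        $password = $dbConfig->password;

                        // Quote every conninfo value: unquoted, a password or
                        // host containing a space or quote breaks the string
                        // or is parsed as additional connection keywords.
                        $conninfo = array();
                        foreach (array('host' => $hostname, 'port' => $port, 'user' => $user, 'password' => $password) as $keyword => $setting) {
                            $conninfo[] = $keyword . "='" . addcslashes((string) $setting, "'\\") . "'";
                        }
                        $link = @pg_connect(implode(' ', $conninfo));

                        // pg_connect() returns false on failure; asking for the
                        // status of that value did not yield
                        // PGSQL_CONNECTION_BAD, so the failure went unnoticed.
                        if (!$link || PGSQL_CONNECTION_BAD === pg_connection_status($link)) {
                            //die('Could not connect to postgresql database: ' . pg_errormessage());
                            Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . 'Could not connect to postgresql database: ' . pg_last_error());
                            Setup_Core::set(Setup_Core::CHECKDB, FALSE);
                        } else {
                            $pgsqlVersion = @pg_version($link);
                            $pgsqlVersion = $pgsqlVersion['server'];
                        }
                    }

                    $text = $value['attributes']['NAME'];
                    if (version_compare($value['attributes']['VERSION'], $pgsqlVersion, '<=')) {
                        $data[] = array($text, 'SUCCESS');
                    } else {
                        Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' PostgreSQL version incompatible: ' . $pgsqlVersion . ' < ' . $value['attributes']['VERSION']);
                        $data[] = array($text, 'FAILURE');
                    }
                    break;

                default:
                    // unknown requirement names are reported as failed
                    $data[] = array($value['attributes']['NAME'], 'FAILURE');
                    break;
            }
        } elseif ($value['tag'] == 'EXTENSION') {
            //print_r($this->loadedExtensions);
            foreach ($value as $extensionArray) {
                if (is_array($extensionArray)) {
                    $succeeded = false;

                    if (in_array($extensionArray['NAME'], $this->loadedExtensions)) {
                        $passed = array(true);

                        // guard the look-ahead so the last entry does not read
                        // past the end of the list
                        if (isset($this->values[$key + 1]) && $this->values[$key + 1]['tag'] == 'INISET') {
                            $iniSettings = ini_get_all($extensionArray['NAME']);
                            //print_r($iniSettings);
                            $i = 1;
                            // NOTE(review): $values is not defined in this
                            // method (probably $this->values was meant), so
                            // this loop never runs and INISET constraints are
                            // not enforced. The comparisons below also negate
                            // the left operand before comparing
                            // (!$a <= $b instead of !($a <= $b)). Both are
                            // left untouched: switching the checks on changes
                            // which extensions pass, and the SCOPE keys and
                            // value formats cannot be verified from here.
                            while ($values[$key + $i]['tag'] == 'INISET') {
                                switch ($values[$key + $i]['attributes']['OPERATOR']) {
                                    case '<=':
                                        if (!$iniSettings[$values[$key + $i]['attributes']['NAME']][$values[$key + $i]['attributes']['SCOPE']] <= $values[$key + $i]['attributes']['VALUE']) {
                                            $passed[] = false;
                                        }
                                        break;
                                    case '==':
                                        if (!$iniSettings[$values[$key + $i]['attributes']['NAME']][$values[$key + $i]['attributes']['SCOPE']] == $values[$key + $i]['attributes']['VALUE']) {
                                            $passed[] = false;
                                        }
                                        break;
                                    case '>=':
                                        if (!$iniSettings[$values[$key + $i]['attributes']['NAME']][$values[$key + $i]['attributes']['SCOPE']] >= $values[$key + $i]['attributes']['VALUE']) {
                                            $passed[] = false;
                                        }
                                        break;
                                    default:
                                        break;
                                }
                                $i++;
                            }
                        } // end INISET

                        if (!in_array(false, $passed)) {
                            $succeeded = true;
                        }
                        unset($passed);
                        unset($iniSettings);
                    }

                    if ($succeeded) {
                        $data[] = array($extensionArray['NAME'], 'SUCCESS');
                    } else {
                        $data[] = array($extensionArray['NAME'], 'FAILURE');
                    }
                }
            }
        } // end EXTENSION
    } // end foreach

    return $data;
}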
/**
 * The setup config file must be present for the test environment.
 */
public function testConfigFilesExists()
{
    $configPresent = Setup_Core::configFileExists();

    $this->assertTrue($configPresent);
}
/**
 * Save data to config file.
 *
 * A setup user password that is not yet an MD5 value (per
 * Setup_Auth::isMd5()) is replaced by its MD5 hash before writing; the
 * clear-text value is kept only for the login below. If no config file
 * existed before this call, the file is created next to this directory's
 * parent and the setup user is logged in with the credentials just supplied.
 *
 * NOTE(review): the stored value is a plain, unsalted md5() of the password,
 * which is cheap to brute-force if the config file leaks. Moving to
 * password_hash()/password_verify() requires changing the verifying side as
 * well (not visible here), so it is only flagged.
 *
 * @param array   $_data  config data; 'setupuser' => 'username'/'password' is read here
 * @param boolean $_merge passed through to writeConfigToFile()
 * @throws Setup_Exception if the config file exists but is not writable
 */
public function saveConfigData($_data, $_merge = TRUE)
{
    $hasClearTextPassword = !empty($_data['setupuser']['password'])
        && !Setup_Auth::isMd5($_data['setupuser']['password']);

    if ($hasClearTextPassword) {
        // remember the clear text for the login, store only the hash
        $password = $_data['setupuser']['password'];
        $_data['setupuser']['password'] = md5($password);
    }

    if (Setup_Core::configFileExists() && !Setup_Core::configFileWritable()) {
        throw new Setup_Exception('Config File is not writeable.');
    }

    // first-time setup: no config yet, so create it and log the user in
    $doLogin  = !Setup_Core::configFileExists();
    $filename = $doLogin
        ? dirname(__FILE__) . '/../config.inc.php'
        : Setup_Core::getConfigFilePath();

    $config = $this->writeConfigToFile($_data, $_merge, $filename);

    Setup_Core::set(Setup_Core::CONFIG, $config);
    Setup_Core::setupLogger();

    if ($doLogin && $hasClearTextPassword) {
        Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Create session for setup user ' . $_data['setupuser']['username']);
        $this->login($_data['setupuser']['username'], $password);
    }
}
/**
 * Returns registry data of setup.
 *
 * Three tiers are assembled:
 *  - always: config presence, version info and authentication data;
 *  - if no config file exists or a setup user is registered: config check
 *    results, environment checks, config data and (when the DB check passed
 *    and Tinebase is installed) accepted terms, email and messenger config;
 *  - if a setup user is registered: the current account.
 *
 * Note that the second tier is also returned to callers without a session
 * as long as no config file exists.
 *
 * @see Tinebase_Application_Json_Abstract
 *
 * @return mixed array 'variable name' => 'data'
 *
 * @todo add 'titlePostfix' => Tinebase_Config::getInstance()->getConfig(Tinebase_Config::PAGETITLEPOSTFIX, NULL, '')->value here?
 */
public function getRegistryData()
{
    // anonymous registry
    $versionInfo = array(
        'buildType'     => TINE20_BUILDTYPE,
        'codeName'      => TINE20SETUP_CODENAME,
        'packageString' => TINE20SETUP_PACKAGESTRING,
        'releaseTime'   => TINE20SETUP_RELEASETIME,
    );
    $registryData = array(
        'configExists'       => Setup_Core::configFileExists(),
        'version'            => $versionInfo,
        'authenticationData' => $this->loadAuthenticationData(),
    );

    // authenticated or non existent config
    if (!Setup_Core::configFileExists() || Setup_Core::isRegistered(Setup_Core::USER)) {
        $registryData = array_merge($registryData, $this->checkConfig());

        // entries are filled in the same order as before; the DB/Tinebase
        // condition is re-evaluated for each dependent entry
        $details = array();
        if (!empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase')) {
            $details['acceptedTermsVersion'] = Setup_Controller::getInstance()->getAcceptedTerms();
        } else {
            $details['acceptedTermsVersion'] = 0;
        }
        $details['setupChecks'] = $this->envCheck();
        $details['configData']  = $this->loadConfig();
        if (!empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase')) {
            $details['emailData'] = $this->getEmailConfig();
        } else {
            $details['emailData'] = array();
        }
        if (!empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase')) {
            $details['messengerData'] = $this->getMessengerConfig();
        } else {
            $details['messengerData'] = array();
        }

        $registryData = array_merge($registryData, $details);
    }

    // if setup user is logged in
    if (Setup_Core::isRegistered(Setup_Core::USER)) {
        // array union: an existing 'currentAccount' key is not overwritten
        $registryData = $registryData + array('currentAccount' => Setup_Core::getUser());
    }

    return $registryData;
}