public function testInstall($args) { if (isset($_SERVER['APPLICATION_ENV']) && $_SERVER['APPLICATION_ENV'] != 'production') { if (true !== function_exists('\\password_hash')) { echo 'native password_* functions not available' . PHP_EOL; } else { \PasswordCompat\binary\check() ? $test = "Pass" : ($test = "Fail"); if ("Fail" == $test) { echo 'Test for functionality of compat library: ' . $test . '<br>' . PHP_EOL . ' see https://github.com/ircmaxell/password_compat <br>' . PHP_EOL . ' phpversion [' . phpversion() . ']<br> '; echo "\n"; } } } return; }
<?php require "libs/password.php"; echo "Test for functionality of compat library: " . (PasswordCompat\binary\check() ? "Pass" : "Fail"); echo "\n";
/** * show Libraries information in system information * * @since version 0.84 **/ static function showLibrariesInformation() { // No gettext echo "<tr class='tab_bg_2'><th>Libraries</th></tr>\n"; echo "<tr class='tab_bg_1'><td><pre>\n \n"; include_once GLPI_HTMLAWED; echo "htmLawed version " . hl_version() . " in (" . realpath(dirname(GLPI_HTMLAWED)) . ")\n"; include GLPI_PHPCAS; echo "phpCas version " . phpCAS::getVersion() . " in (" . (dirname(GLPI_PHPCAS) ? realpath(dirname(GLPI_PHPCAS)) : "system") . ")\n"; require_once GLPI_PHPMAILER_DIR . "/class.phpmailer.php"; $pm = new PHPMailer(); echo "PHPMailer version " . $pm->Version . " in (" . realpath(GLPI_PHPMAILER_DIR) . ")\n"; // EZ component echo "ZetaComponent ezcGraph installed in (" . dirname(dirname(GLPI_EZC_BASE)) . "): " . (class_exists('ezcGraph') ? 'OK' : 'KO') . "\n"; // Zend $zv = new Zend\Version\Version(); echo "Zend Framework version " . $zv::VERSION . " in (" . realpath(GLPI_ZEND_PATH) . ")\n"; // SimplePie : $sp = new SimplePie(); echo "SimplePie version " . SIMPLEPIE_VERSION . " in (" . realpath(GLPI_SIMPLEPIE_PATH) . ")\n"; // TCPDF include_once GLPI_TCPDF_DIR . '/include/tcpdf_static.php'; echo "TCPDF version " . TCPDF_STATIC::getTCPDFVersion() . " in (" . realpath(GLPI_TCPDF_DIR) . ")\n"; // password_compat require_once GLPI_PASSWORD_COMPAT; $check = PasswordCompat\binary\check() ? "Ok" : "KO"; echo "ircmaxell/password-compat in (" . realpath(dirname(GLPI_PASSWORD_COMPAT)) . "). Compatitility: {$check}\n"; echo "\n</pre></td></tr>"; }
/** * Checks to ensure the runtime environment meets all of the requirements to run the software * and returns an array of ServerCheck objects * * @return ServerCheck[] results of each server check */ public static function checkRequirements() { $checks = []; // PHP version $check = new ServerCheck("PHP"); if (!defined('PHP_VERSION_ID') || PHP_VERSION_ID < 50400) { $check->status = ServerCheck::FAILURE; $check->message = phpversion() . ". Requires PHP >= 5.4.0"; } else { $check->status = ServerCheck::SUCCESS; $check->message = phpversion(); } $checks[] = $check; // Check password_* function support $check = new ServerCheck("Password Hashing"); if (PHP_VERSION_ID >= 50500) { $check->status = ServerCheck::SUCCESS; $check->message = "Natively Supported"; } else { if (\PasswordCompat\binary\check()) { $check->status = ServerCheck::SUCCESS; $check->message = "Supported via password_compat Library"; } else { $check->status = ServerCheck::FAILURE; $check->message = "Not Supported! Requires PHP >= 5.3.7, DO NOT CONTINUE WITHOUT UPGRADING!"; } } $checks[] = $check; // Check PHP MySQL extension $check = new ServerCheck("PHP MySQL"); if (extension_loaded("mysql")) { $check->status = ServerCheck::SUCCESS; $check->message = "Extension Loaded"; } else { $check->status = ServerCheck::FAILURE; $check->message = "Please install the PHP5 MySQL extension before continuing"; } $checks[] = $check; // Check MySQL server $check = new ServerCheck("MySQL Server"); if (Database::getConnection()->getAttribute(PDO::ATTR_SERVER_VERSION)) { $check->status = ServerCheck::SUCCESS; $check->message = Database::getConnection()->getAttribute(PDO::ATTR_SERVER_VERSION); } else { $check->status = ServerCheck::FAILURE; $check->message = "Please install MySQL Server before continuing"; } $checks[] = $check; // Check cache directory writable $check = new ServerCheck("Cache Directory"); if (is_writable(__DIR__ . "/../cache")) { $check->status = ServerCheck::SUCCESS; $check->message = "Writable"; } else { $check->status = ServerCheck::FAILURE; $check->message = "Not Writable, CHMOD/CHOWN the /cache folder before continuing"; } $checks[] = $check; // Check install directory writable $check = new ServerCheck("Install Directory"); if (is_writable(__DIR__ . "/../install")) { $check->status = ServerCheck::SUCCESS; $check->message = "Writable"; } else { $check->status = ServerCheck::FAILURE; $check->message = "Not Writable, CHMOD/CHOWN the /install folder before continuing"; } $checks[] = $check; return $checks; }
// not rely on PHP sessions). switch ($fieldname) { // some of the fields get special treatment case 'name': // name: convert it to lower case $q_string .= "&{$fieldname}=" . urlencode($values[$fieldname]); $values[$fieldname] = utf8_strtolower($values[$fieldname]); break; case 'password_hash': // password: if the password field is blank it means // that the user doesn't want to change the password // so don't do anything; otherwise calculate the hash. // Note: we don't put the password in the query string // for security reasons. if (!empty($password0)) { if (PasswordCompat\binary\check()) { $hash = password_hash($password0, PASSWORD_DEFAULT); } else { $hash = md5($password0); } $values[$fieldname] = $hash; } break; case 'level': // level: set a safe default (lowest level of access) // if there is no value set $q_string .= "&{$fieldname}=" . $values[$fieldname]; if (!isset($values[$fieldname])) { $values[$fieldname] = 0; } // Check that we are not trying to upgrade our level. This shouldn't be possible
/** * show Libraries information in system information * * @since version 0.84 **/ static function showLibrariesInformation() { // No gettext echo "<tr class='tab_bg_2'><th>Libraries</th></tr>\n"; echo "<tr class='tab_bg_1'><td><pre>\n \n"; include_once GLPI_HTMLAWED; echo "htmLawed version " . hl_version() . " in (" . self::getLibraryDir("hl_version") . ")\n"; echo "phpCas version " . phpCAS::getVersion() . " in (" . (self::getLibraryDir("phpCAS") ? self::getLibraryDir("phpCAS") : "system") . ")\n"; $pm = new PHPMailer(); echo "PHPMailer version " . $pm->Version . " in (" . self::getLibraryDir("PHPMailer") . ")\n"; // EZ component echo "ZetaComponent ezcGraph installed in (" . self::getLibraryDir("ezcGraph") . "): " . (class_exists('ezcGraph') ? 'OK' : 'KO') . "\n"; // Zend echo "Zend Framework in (" . self::getLibraryDir("Zend\\Loader\\StandardAutoloader") . ")\n"; // SimplePie : $sp = new SimplePie(); echo "SimplePie version " . SIMPLEPIE_VERSION . " in (" . self::getLibraryDir($sp) . ")\n"; // TCPDF echo "TCPDF version " . TCPDF_STATIC::getTCPDFVersion() . " in (" . self::getLibraryDir("TCPDF") . ")\n"; // password_compat $check = PasswordCompat\binary\check() ? "Ok" : "KO"; echo "ircmaxell/password-compat in (" . self::getLibraryDir("PasswordCompat\\binary\\check") . "). Compatitility: {$check}\n"; // autolink echo "iacaml/autolink in (" . self::getLibraryDir("autolink") . ")\n"; // sabre/vobject echo "sabre/vobject in (" . self::getLibraryDir("Sabre\\VObject\\Component") . ")\n"; // vcard echo "guzzlehttp/guzzle in (" . self::getLibraryDir("JeroenDesloovere\\VCard\\VCard") . ")\n"; echo "\n</pre></td></tr>"; }
/** * Common Checks needed to use GLPI * * @return 2 : creation error 1 : delete error 0: OK **/ static function commonCheckForUseGLPI() { global $CFG_GLPI; $error = 0; // Title echo "<tr><th>" . __('Test done') . "</th><th >" . __('Results') . "</th></tr>"; // Parser test echo "<tr class='tab_bg_1'><td class='b left'>" . __('Testing PHP Parser') . "</td>"; // PHP Version - exclude PHP3, PHP 4 and zend.ze1 compatibility if (version_compare(PHP_VERSION, '5.3.0') >= 0) { // PHP > 5.3 ok, now check PHP zend.ze1_compatibility_mode if (ini_get("zend.ze1_compatibility_mode") == 1) { $error = 2; echo "<td class='red'>\n <img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('GLPI is not compatible with the option zend.ze1_compatibility_mode = On.') . "</td>"; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('PHP version is at least 5.3.0 - Perfect!') . "\"\n title=\"" . __s('PHP version is at least 5.3.0 - Perfect!') . "\"></td>"; } } else { // PHP <5 $error = 2; echo "<td class='red'>\n <img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('You must install at least PHP 5.3.0.') . "</td>"; } echo "</tr>"; // Check for mysql extension ni php echo "<tr class='tab_bg_1'><td class='left b'>" . __('MySQL Improved extension test') . "</td>"; if (class_exists("mysqli")) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png'\n alt=\"" . __s('Ok - the MySQLi class exist - Perfect!') . "\"\n title=\"" . __s('Ok - the MySQLi class exist - Perfect!') . "\"></td>"; } else { echo "<td class='red'>"; echo "<img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('You must install the MySQL Improved extension for PHP.') . "</td>"; $error = 2; } echo "</tr>"; // session test echo "<tr class='tab_bg_1'><td class='b left'>" . __('Sessions test') . "</td>"; // check whether session are enabled at all!! if (!extension_loaded('session')) { $error = 2; echo "<td class='red b'>" . __('Your parser PHP is not installed with sessions support!') . "</td>"; } else { if (isset($_SESSION["Test_session_GLPI"]) && $_SESSION["Test_session_GLPI"] == 1 || isset($_SESSION["glpi_currenttime"])) { // From Update echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('Sessions support is available - Perfect!') . "\" title=\"" . __s('Sessions support is available - Perfect!') . "\"></td>"; } else { if ($error != 2) { echo "<td class='red'>"; echo "<img src='" . $CFG_GLPI['root_doc'] . "/pics/warning_min.png'>" . __('Make sure that sessions support has been activated in your php.ini') . "</td>"; $error = 1; } } } echo "</tr>"; // Test for session auto_start if (ini_get('session.auto_start') == 1) { echo "<tr class='tab_bg_1'><td class='b'>" . __('Test session auto start') . "</td>"; echo "<td class='red'>"; echo "<img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('session.auto_start is activated. See .htaccess file in the GLPI root for more information.') . "</td></tr>"; $error = 2; } // Test for option session use trans_id loaded or not. echo "<tr class='tab_bg_1'>"; echo "<td class='left b'>" . __('Test if Session_use_trans_sid is used') . "</td>"; if (isset($_POST[session_name()]) || isset($_GET[session_name()])) { echo "<td class='red'>"; echo "<img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('You must desactivate the Session_use_trans_id option in your php.ini') . "</td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('Ok - the sessions works (no problem with trans_id) - Perfect!') . "\" title=\"" . __s('Ok - the sessions works (no problem with trans_id) - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for sybase extension loaded or not. echo "<tr class='tab_bg_1'>"; echo "<td class='left b'>" . __('magic_quotes_sybase extension test') . "</td>"; if (ini_get('magic_quotes_sybase')) { echo "<td class='red'>"; echo "<img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('GLPI does not work with the magic_quotes_sybase option. Please turn it off and retry') . "</td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s("The magic_quotes_sybase option isn't active on your server - Perfect!") . "\" title=\"" . __s("The magic_quotes_sybase option isn't active on your server - Perfect!") . "\"></td>"; } echo "</tr>"; // Test for ctype extension loaded or not (forhtmlawed) echo "<tr class='tab_bg_1'><td class='left b'>" . __('Test ctype functions') . "</td>"; if (!function_exists('ctype_digit')) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __("GLPI can't work correctly without the ctype functions") . "></td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for fileinfo extension loaded or not echo "<tr class='tab_bg_1'><td class='left b'>" . __('Fileinfo extension test') . "</td>"; if (!class_exists('finfo')) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __("Fileinfo extension of your parser PHP is not installed") . "</td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for json_encode function. echo "<tr class='tab_bg_1'><td class='left b'>" . __('Test json functions') . "</td>"; if (!function_exists('json_encode') || !function_exists('json_decode')) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __("GLPI can't work correctly without the json_encode and json_decode functions") . "</td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for mbstring extension. echo "<tr class='tab_bg_1'><td class='left b'>" . __('Mbstring extension test') . "</td>"; if (!extension_loaded('mbstring')) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('Mbstring extension of your parser PHP is not installed') . "></td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for GD extension. echo "<tr class='tab_bg_1'><td class='left b'>" . __('GD extension test') . "</td>"; if (!extension_loaded('gd')) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('GD extension of your parser PHP is not installed') . "></td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for GD extension. echo "<tr class='tab_bg_1'><td class='left b'>" . __('Zlib extension test') . "</td>"; if (!extension_loaded('zlib')) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . __('Zlib extension of your parser PHP is not installed') . "></td>"; $error = 2; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } echo "</tr>"; // Test for Cryptographic extension. echo "<tr class='tab_bg_1'><td class='left b'>" . __('Cryptography test') . "</td>"; require_once GLPI_PASSWORD_COMPAT; if (PasswordCompat\binary\check()) { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('The functionality is found - Perfect!') . "\" title=\"" . __s('The functionality is found - Perfect!') . "\"></td>"; } else { echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/warning_min.png' alt=\"" . __s('PHP >= 5.3.7 recommended, with crypt extension') . "\" title=\"" . __s('PHP >= 5.3.7 recommended, with crypt extension') . "\"></td>"; $error = 1; } echo "</tr>"; // memory test echo "<tr class='tab_bg_1'><td class='left b'>" . __('Allocated memory test') . "</td>"; //Get memory limit $mem = self::getMemoryLimit(); switch (self::checkMemoryLimit()) { case 0: // memory_limit not compiled -> no memory limit // memory_limit not compiled -> no memory limit case 1: // memory_limit compiled and unlimited echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('Unlimited memory - Perfect!') . "\" title=\"" . __s('Unlimited memory - Perfect!') . "\"></td>"; break; case 2: //Insufficient memory $showmem = $mem / 1048576; echo "<td class='red'><img src='" . $CFG_GLPI['root_doc'] . "/pics/ko_min.png'>" . "<span class='b'>" . sprintf(__('%1$s: %2$s'), __('Allocated memory'), sprintf(__('%1$s %2$s'), $showmem, __('Mio'))) . "</span>" . "<br>" . __('A minimum of 64Mio is commonly required for GLPI.') . "<br>" . __('Try increasing the memory_limit parameter in the php.ini file.') . "</td>"; $error = 2; break; case 3: //Got enough memory, going to the next step echo "<td><img src='" . $CFG_GLPI['root_doc'] . "/pics/ok_min.png' alt=\"" . __s('Allocated memory > 64Mio - Perfect!') . "\" title=\"" . __s('Allocated memory > 64Mio - Perfect!') . "\"></td>"; break; } echo "</tr>"; $suberr = Config::checkWriteAccessToDirs(); if ($suberr > $error) { $error = $suberr; } $suberr = self::checkSELinux(); if ($suberr > $error) { $error = $suberr; } return $error; }
/** * Compute the hash for a password * * @since version 0.85 * * @param $pass string * * @return string **/ static function getPasswordHash($pass) { if (PasswordCompat\binary\check()) { return password_hash($pass, PASSWORD_DEFAULT); } $salt = sprintf("%08x", mt_rand()); return $salt . sha1($salt . $pass); }