Пример #1
0
/**
 * builds the security notes while checking some security issues
 * these notes should be displayed!
 *
 * @return array returns the security issues, or null if none found!
 * @author Andreas Morsing 
 *
 * @internal rev :
 **/
function getSecurityNotes(&$db)
{
    $repository['type'] = config_get('repositoryType');
    $repository['path'] = config_get('repositoryPath');
    $securityNotes = null;
    if (checkForInstallDir()) {
        $securityNotes[] = lang_get("sec_note_remove_install_dir");
    }
    $authCfg = config_get('authentication');
    if ('LDAP' == $authCfg['method']) {
        if (!checkForLDAPExtension()) {
            $securityNotes[] = lang_get("ldap_extension_not_loaded");
        }
    } else {
        if (checkForAdminDefaultPwd($db)) {
            $securityNotes[] = lang_get("sec_note_admin_default_pwd");
        }
    }
    if (!checkForBTSConnection()) {
        $securityNotes[] = lang_get("bts_connection_problems");
    }
    if ($repository['type'] == TL_REPOSITORY_TYPE_FS) {
        $ret = checkForRepositoryDir($repository['path']);
        if (!$ret['status_ok']) {
            $securityNotes[] = $ret['msg'];
        }
    }
    // Needed when schemas change has been done.
    // This call can be removed when release is stable
    $res = checkSchemaVersion($db);
    $msg = $res['msg'];
    if ($msg != "") {
        $securityNotes[] = $msg;
    }
    $msg = checkEmailConfig();
    if (!is_null($msg)) {
        foreach ($msg as $detail) {
            $securityNotes[] = $detail;
        }
    }
    checkForExtensions($securityNotes);
    if (!is_null($securityNotes)) {
        $user_feedback = config_get('config_check_warning_mode');
        switch ($user_feedback) {
            case 'SCREEN':
                break;
            case 'FILE':
            case 'SILENT':
                $warnings = '';
                $filename = config_get('log_path') . 'config_check.txt';
                if (@($handle = fopen($filename, 'w'))) {
                    $warnings = implode("\n", $securityNotes);
                    @fwrite($handle, $warnings);
                    @fclose($handle);
                }
                $securityNotes = null;
                if ($user_feedback == 'FILE') {
                    $securityNotes[] = sprintf(lang_get('config_check_warnings'), $filename);
                }
                break;
        }
    }
    return $securityNotes;
}
Пример #2
0
//
session_start();
$username = $_SESSION['loggedin_username'];
$password = $_SESSION['loggedin_password'];
$isloggedin = $_SESSION['isloggedin'];
if (!$isloggedin or $password == "") {
    header("Location: ..");
    exit;
    // this is only exit to redirect to loginform, when not logged in.
}
if (PHP_VERSION < 5.2) {
    die("PHP 5.2 or greater is required!!!");
}
define('APP_ROOT', dirname(__FILE__));
require_once './includes/common_functions.php';
checkForExtensions();
$error = Error::singleton();
if (!is_readable('/etc/phpsysinfo/config.php')) {
    $error->addError('file_exists(/etc/phpsysinfo/config.php)', '/etc/phpsysinfo/config.php does not exist or is not readable by the webserver in the phpsysinfo directory.');
} else {
    require_once '/etc/phpsysinfo/config.php';
    // get the config file
}
if ($error->ErrorsExist()) {
    echo $error->ErrorsAsHTML();
    exit;
}
//redirection part
include './includes/redir.php';
//checking config.php setting for template, if not supportet set phpsysinfo.css as default
$template = template;