X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fconfigtest.php;h=4362b32df65eec615918ae18ba4c4d9721918f24;hb=62fb877bb399fb7ae74231f16df5abd6c80094ce;hp=acf0a3a2f767393beaf701bef6e2fd1a419f1e3b;hpb=65efa9821218829082c7e0c68705f782d10172bb;p=squirrelmail.git

diff --git a/src/configtest.php b/src/configtest.php
index acf0a3a2..4362b32d 100644
--- a/src/configtest.php
+++ b/src/configtest.php
@@ -3,7 +3,7 @@
 /**
  * SquirrelMail configtest script
  *
- * @copyright &copy; 2003-2006 The SquirrelMail Project Team
+ * @copyright &copy; 2003-2007 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -17,8 +17,54 @@
 
 // This script could really use some restructuring as it has grown quite rapidly
 // but is not very 'clean'. Feel free to get some structure into this thing.
-$warnings = 0;
 
+/** force verbose error reporting and turn on display of errors */
+error_reporting(E_ALL);
+ini_set('display_errors',1);
+
+/** Blockcopy from init.php. Cleans globals. */
+if ((bool) ini_get('register_globals') &&
+    strtolower(ini_get('register_globals'))!='off') {
+    /**
+     * Remove all globals that are not reserved by PHP
+     * 'value' and 'key' are used by foreach. Don't unset them inside foreach.
+     */
+    foreach ($GLOBALS as $key => $value) {
+        switch($key) {
+        case 'HTTP_POST_VARS':
+        case '_POST':
+        case 'HTTP_GET_VARS':
+        case '_GET':
+        case 'HTTP_COOKIE_VARS':
+        case '_COOKIE':
+        case 'HTTP_SERVER_VARS':
+        case '_SERVER':
+        case 'HTTP_ENV_VARS':
+        case '_ENV':
+        case 'HTTP_POST_FILES':
+        case '_FILES':
+        case '_REQUEST':
+        case 'HTTP_SESSION_VARS':
+        case '_SESSION':
+        case 'GLOBALS':
+        case 'key':
+        case 'value':
+            break;
+        default:
+            unset($GLOBALS[$key]);
+        }
+    }
+    // Unset variables used in foreach
+    unset($GLOBALS['key']);
+    unset($GLOBALS['value']);
+}
+
+
+/**
+ * Displays error messages and warnings
+ * @param string $str message
+ * @param boolean $fatal fatal error or only warning
+ */
 function do_err($str, $fatal = TRUE) {
     global $IND, $warnings;
     $level = $fatal ? 'FATAL ERROR:' : 'WARNING:';
@@ -31,26 +77,51 @@ function do_err($str, $fatal = TRUE) {
     }
 }
 
-$IND = str_repeat('&nbsp;',4);
-
 ob_implicit_flush();
 /** @ignore */
 define('SM_PATH', '../');
+/** load minimal function set */
+require(SM_PATH . 'functions/global.php');
+require(SM_PATH . 'functions/strings.php');
 
-/* set default value in order to block remote access to script */
+/** set default value in order to block remote access */
 $allow_remote_configtest=false;
 
-/*
- * Load config before output begins. functions/strings.php depends on
- * functions/globals.php. functions/global.php needs to be run before
- * any html output starts. If config.php is missing, error will be displayed
- * later.
- */
+/** Load all configuration files before output begins */
+
+/* load default configuration */
+require(SM_PATH . 'config/config_default.php');
+/* reset arrays in default configuration */
+$ldap_server = array();
+$plugins = array();
+$fontsets = array();
+$theme = array();
+$theme[0]['PATH'] = SM_PATH . 'themes/default_theme.php';
+$theme[0]['NAME'] = 'Default';
+$aTemplateSet = array();
+$aTemplateSet[0]['ID'] = 'default';
+$aTemplateSet[0]['NAME'] = 'Default';
+/* load site configuration */
 if (file_exists(SM_PATH . 'config/config.php')) {
-	require(SM_PATH . 'config/config.php');
+    require(SM_PATH . 'config/config.php');
 }
-require(SM_PATH . 'functions/global.php');
-require(SM_PATH . 'functions/strings.php');
+/* load local configuration overrides */
+if (file_exists(SM_PATH . 'config/config_local.php')) {
+    require(SM_PATH . 'config/config_local.php');
+}
+
+/** Load plugins */
+global $disable_plugins;
+$squirrelmail_plugin_hooks = array();
+if (!$disable_plugins && file_exists(SM_PATH . 'config/plugin_hooks.php')) {
+    require(SM_PATH . 'config/plugin_hooks.php');
+}
+
+/** Warning counter */
+$warnings = 0;
+
+/** indent */
+$IND = str_repeat('&nbsp;',4);
 
 /**
  * get_location starts session and must be run before output is started.
@@ -119,7 +190,7 @@ echo $IND . 'PHP version ' . PHP_VERSION . ' OK. (You have: ' . phpversion() . "
 /* test for boolean false and any string that is not equal to 'off' */
 if ((bool) ini_get('register_globals') && 
     strtolower(ini_get('register_globals'))!='off') {
-	do_err('You have register_globals turned on.  This is not an error, but it CAN be a security hazard.  Consider turning register_globals off.', false);
+    do_err('You have register_globals turned on.  This is not an error, but it CAN be a security hazard.  Consider turning register_globals off.', false);
 }
 $php_exts = array('session','pcre');
 $diff = array_diff($php_exts, get_loaded_extensions());
@@ -145,6 +216,21 @@ if (function_exists('mb_internal_encoding') &&
     do_err($mb_error);
 }
 
+/**
+ * Do not use SquirrelMail with magic_quotes_* on.
+ */
+if ( get_magic_quotes_runtime() || get_magic_quotes_gpc() ||
+    ( (bool) ini_get('magic_quotes_sybase') && ini_get('magic_quotes_sybase') != 'off' )
+    ) {
+    $magic_quotes_warning='You have enabled any one of <tt>magic_quotes_runtime</tt>, '
+        .'<tt>magic_quotes_gpc</tt> or <tt>magic_quotes_sybase</tt> in your PHP '
+        .'configuration. We recommend all those settings to be off. SquirrelMail '
+        .'may work with them on, but when experiencing stray backslashes in your mail '
+        .'or other strange behaviour, it may be advisable to turn them off.';
+    do_err($magic_quotes_warning,false);
+}
+
+
 /* checking paths */
 
 echo "Checking paths...<br />\n";
@@ -204,6 +290,9 @@ if($data_dir == $attachment_dir) {
 
 
 /* check plugins and themes */
+//FIXME: check requirements given in plugin _info() function, such
+//       as required PHP extensions, Pear packages, other plugins, SM version, etc
+//       see development docs for list of returned info from that function
 $bad_plugins = array(
         'attachment_common',      // Integrated into SquirrelMail 1.2 core
         'auto_prune_sent',        // Obsolete: See Proon Automatic Folder Pruning plugin
@@ -256,15 +345,14 @@ if (isset($plugins[0])) {
     ob_end_clean();
     // if plugins output more than newlines and spacing, stop script execution.
     if (!empty($output)) {
-        $plugin_load_error = 'Some output is produced when plugins are loaded.'
-            .' Usually it means error. Output said: '.htmlspecialchars($output);
+        $plugin_load_error = 'Some output is produced when plugins are loaded. Usually this means there is an error in one of the plugin setup or configuration files. The output was: '.htmlspecialchars($output);
         do_err($plugin_load_error);
     }
     /**
-     * Hook is added in 1.5.2. Plugins should print error message and return true
-     * if there is an error in plugin.
+     * This hook was added in 1.5.2 and 1.4.10. Each plugins should print an error 
+     * message and return TRUE if there are any errors in its setup/configuration.
      */
-    $plugin_err = boolean_hook_function('configtest');
+    $plugin_err = boolean_hook_function('configtest', $null, 1);
     if($plugin_err) {
         do_err('Some plugin tests failed.');
     } else {