/**
* SquirrelMail configtest script
*
- * @copyright © 2003-2007 The SquirrelMail Project Team
+ * @copyright 2003-2020 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
* If it throws errors you need to adjust your config. *
************************************************************/
+/** This is the configtest page */
+define('PAGE_NAME', 'configtest');
+
// This script could really use some restructuring as it has grown quite rapidly
// but is not very 'clean'. Feel free to get some structure into this thing.
-/** force verbose error reporting and turn on display of errors */
+// force verbose error reporting and turn on display of errors, but not before
+// getting their original values
+$php_display_errors_original_value = ini_get('display_errors');
+$php_error_reporting_original_value = ini_get('error_reporting');
error_reporting(E_ALL);
ini_set('display_errors',1);
require(SM_PATH . 'include/constants.php');
require(SM_PATH . 'functions/global.php');
require(SM_PATH . 'functions/strings.php');
+require(SM_PATH . 'functions/files.php');
$SQM_INTERNAL_VERSION = explode('.', SM_VERSION, 3);
$SQM_INTERNAL_VERSION[2] = intval($SQM_INTERNAL_VERSION[2]);
require(SM_PATH . 'config/config_local.php');
}
+sqGetGlobalVar('REMOTE_ADDR',$client_ip,SQ_SERVER);
+sqGetGlobalVar('SERVER_ADDR',$server_ip,SQ_SERVER);
+
+/**
+ * Include Compatibility plugin if available.
+ */
+if (!$disable_plugins && file_exists(SM_PATH . 'plugins/compatibility/functions.php'))
+ include_once(SM_PATH . 'plugins/compatibility/functions.php');
+
/** Load plugins */
global $disable_plugins;
$squirrelmail_plugin_hooks = array();
/* Block remote use of script */
if (! $allow_remote_configtest) {
- sqGetGlobalVar('REMOTE_ADDR',$client_ip,SQ_SERVER);
- sqGetGlobalVar('SERVER_ADDR',$server_ip,SQ_SERVER);
if ((! isset($client_ip) || $client_ip!='127.0.0.1') &&
(! isset($client_ip) || ! isset($server_ip) || $client_ip!=$server_ip)) {
echo $IND . 'PHP version ' . PHP_VERSION . ' OK. (You have: ' . phpversion() . ". Minimum: 4.1.0)<br />\n";
+// try to determine information about the user and group the web server is running as
+//
+$webOwnerID = 'N/A';
+$webOwnerInfo = array('name' => 'N/A');
+if (function_exists('posix_getuid'))
+ $webOwnerID = posix_getuid();
+if ($webOwnerID === FALSE)
+ $webOwnerID = 'N/A';
+if ($webOwnerID !== 'N/A' && function_exists('posix_getpwuid'))
+ $webOwnerInfo = posix_getpwuid($webOwnerID);
+if (!$webOwnerInfo)
+ $webOwnerInfo = array('name' => 'N/A');
+$webGroupID = 'N/A';
+$webGroupInfo = array('name' => 'N/A');
+if (function_exists('posix_getgid'))
+ $webGroupID = posix_getgid();
+if ($webGroupID === FALSE)
+ $webGroupID = 'N/A';
+if ($webGroupID !== 'N/A' && function_exists('posix_getgrgid'))
+ $webGroupInfo = posix_getgrgid($webGroupID);
+if (!$webGroupInfo)
+ $webGroupInfo = array('name' => 'N/A');
+
+echo $IND . 'Running as ' . $webOwnerInfo['name'] . '(' . $webOwnerID
+ . ') / ' . $webGroupInfo['name'] . '(' . $webGroupID . ")<br />\n";
+
+echo $IND . 'display_errors: ' . $php_display_errors_original_value . " (overridden with 1 for this page only)<br />\n";
+
+echo $IND . 'error_reporting: ' . $php_error_reporting_original_value . " (overridden with " . E_ALL . " for this page only)<br />\n";
+
+$safe_mode = ini_get('safe_mode');
+if ($safe_mode) {
+ //FIXME: should show that safe_mode is off when it is (this only shows the safe_mode setting when it's on) (also might be generally helpful to show things like open_basedir, too or even add phpinfo() output or a link to another script that has phpinfo()
+ echo $IND . 'safe_mode: ' . $safe_mode;
+ if (empty($prefs_dsn) || empty($addrbook_dsn))
+ echo ' (<font color="red">double check data and attachment directory ownership, etc!</font>)';
+ if (!empty($addrbook_dsn) || !empty($prefs_dsn) || !empty($addrbook_global_dsn))
+ echo ' (<font color="red">does PHP have access to database interface?</font>)';
+ echo "<br />\n";
+ $safe_mode_exec_dir = ini_get('safe_mode_exec_dir');
+ echo $IND . 'safe_mode_exec_dir: ' . $safe_mode_exec_dir . "<br />\n";
+}
+
/* register_globals check: test for boolean false and any string that is not equal to 'off' */
-if ((bool) ini_get('register_globals') &&
+if ((bool) ini_get('register_globals') &&
strtolower(ini_get('register_globals'))!='off') {
- do_err('You have register_globals turned on. This is not an error, but it CAN be a security hazard. Consider turning register_globals off.', false);
+ do_err('You have register_globals turned on. This is not an error, but it CAN be a security hazard. Consider turning register_globals off.', false);
}
/* variables_order check */
-// FIXME(?): Hmm, how do we distinguish between when an ini setting is
-// not available (ini_set() returns empty string) and when
-// the administrator set the value to an empty string? The
-// latter is sure to be highly rare, so for now, just assume
-// that empty value means the setting isn't even available
-// (could also check PHP version when this setting was implemented)
-$variables_order = ini_get('variables_order');
-if (!empty($variables_order) && (strpos($variables_order, 'G') === FALSE
+// FIXME(?): Hmm, how do we distinguish between when an ini setting is not available (ini_set() returns empty string) and when the administrator set the value to an empty string? The latter is sure to be highly rare, so for now, just assume that empty value means the setting isn't even available (could also check PHP version when this setting was implemented) although, we'll also warn the user if it is empty, with a non-fatal error
+$variables_order = strtoupper(ini_get('variables_order'));
+if (empty($variables_order))
+ do_err('Your variables_order setting seems to be empty. Make sure it is undefined in any PHP ini files, .htaccess files, etc. and not specifically set to an empty value or SquirrelMail may not function correctly', false);
+else if (strpos($variables_order, 'G') === FALSE
|| strpos($variables_order, 'P') === FALSE
|| strpos($variables_order, 'C') === FALSE
- || strpos($variables_order, 'S') === FALSE)) {
- do_err('Your variables_order setting is insufficient for SquirrelMail to function. It needs at least "GPCS", but you have it set to "' . $variables_order . '"', true);
+ || strpos($variables_order, 'S') === FALSE) {
+ do_err('Your variables_order setting is insufficient for SquirrelMail to function. It needs at least "GPCS", but you have it set to "' . sm_encode_html_special_chars($variables_order) . '"', true);
} else {
echo $IND . "variables_order OK: $variables_order.<br />\n";
}
-/* gpc_order check */
+/* gpc_order check (removed from PHP as of v5.0) */
-// FIXME(?): Hmm, how do we distinguish between when an ini setting is
-// not available (ini_set() returns empty string) and when
-// the administrator set the value to an empty string? The
-// latter is sure to be highly rare, so for now, just assume
-// that empty value means the setting isn't even available
-// (could also check PHP version when this setting was implemented)
-$gpc_order = ini_get('gpc_order');
-if (!empty($gpc_order) && (strpos($gpc_order, 'G') === FALSE
- || strpos($gpc_order, 'P') === FALSE
- || strpos($gpc_order, 'C') === FALSE)) {
- do_err('Your gpc_order setting is insufficient for SquirrelMail to function. It needs to be set to "GPC", but you have it set to "' . $gpc_order . '"', true);
-} else {
- echo $IND . "gpc_order OK: $gpc_order.<br />\n";
+if (!check_php_version(5)) {
+ // FIXME(?): Hmm, how do we distinguish between when an ini setting is not available (ini_set() returns empty string) and when the administrator set the value to an empty string? The latter is sure to be highly rare, so for now, just assume that empty value means the setting isn't even available (could also check PHP version when this setting was implemented) although, we'll also warn the user if it is empty, with a non-fatal error
+ $gpc_order = strtoupper(ini_get('gpc_order'));
+ if (empty($gpc_order))
+ do_err('Your gpc_order setting seems to be empty. Make sure it is undefined in any PHP ini files, .htaccess files, etc. and not specifically set to an empty value or SquirrelMail may not function correctly', false);
+ else if (strpos($gpc_order, 'G') === FALSE
+ || strpos($gpc_order, 'P') === FALSE
+ || strpos($gpc_order, 'C') === FALSE) {
+ do_err('Your gpc_order setting is insufficient for SquirrelMail to function. It needs to be set to "GPC", but you have it set to "' . sm_encode_html_special_chars($gpc_order) . '"', true);
+ } else {
+ echo $IND . "gpc_order OK: $gpc_order.<br />\n";
+ }
}
do_err('Required PHP extensions missing: '.implode(', ',$diff) );
}
-echo $IND . "PHP extensions OK.<br />\n";
+echo $IND . "PHP extensions OK. Dynamic loading is ";
+
+if (!(bool)ini_get('enable_dl') || (bool)ini_get('safe_mode')) {
+ echo "disabled.<br />\n";
+} else {
+ echo "enabled.<br />\n";
+}
+
/* dangerous php settings */
/**
/**
* Do not use SquirrelMail with magic_quotes_* on.
*/
-if ( get_magic_quotes_runtime() || get_magic_quotes_gpc() ||
+if ( (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime()) ||
+ (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) ||
( (bool) ini_get('magic_quotes_sybase') && ini_get('magic_quotes_sybase') != 'off' )
) {
$magic_quotes_warning='You have enabled any one of <tt>magic_quotes_runtime</tt>, '
do_err($magic_quotes_warning,false);
}
+if (ini_get('short_open_tag') == 0) {
+ $short_open_tag_warning = 'You have configured PHP not to allow short tags '
+ . '(<tt>short_open_tag=off</tt>). This shouldn\'t be a problem with '
+ . 'SquirrelMail or any plugin coded coded according to the '
+ . 'SquirrelMail Coding Guidelines, but if you experience problems with '
+ . 'PHP code being displayed in some of the pages and changing setting '
+ . 'to "on" solves the problem, please file a bug report against the '
+ . 'failing plugin. The correct contact information is most likely '
+ . 'to be found in the plugin documentation.';
+ do_err($short_open_tag_warning, false);
+}
+
+
+/* check who the web server is running as if possible */
+
+if ($process_info = get_process_owner_info()) {
+ echo $IND . 'Web server is running as user: ' . $process_info['name'] . ' (' . $process_info['uid'] . ")<br />\n";
+ //echo $IND . 'Web server is running as effective user: ' . $process_info['ename'] . ' (' . $process_info['euid'] . ")<br />\n";
+ echo $IND . 'Web server is running as group: ' . $process_info['group'] . ' (' . $process_info['gid'] . ")<br />\n";
+ //echo $IND . 'Web server is running as effective group: ' . $process_info['egroup'] . ' (' . $process_info['egid'] . ")<br />\n";
+}
+
/* checking paths */
if(!file_exists($data_dir)) {
// data_dir is not that important in db_setups.
- if (isset($prefs_dsn) && ! empty($prefs_dsn)) {
+ if (!empty($prefs_dsn)) {
$data_dir_error = "Data dir ($data_dir) does not exist!\n";
echo $IND .'<font color="red"><b>ERROR:</b></font> ' . $data_dir_error;
} else {
}
// don't check if errors
if(!isset($data_dir_error) && !is_dir($data_dir)) {
- if (isset($prefs_dsn) && ! empty($prefs_dsn)) {
+ if (!empty($prefs_dsn)) {
$data_dir_error = "Data dir ($data_dir) is not a directory!\n";
echo $IND . '<font color="red"><b>ERROR:</b></font> ' . $data_dir_error;
} else {
}
}
// datadir should be executable - but no clean way to test on that
-if(!isset($data_dir_error) && !is_writable($data_dir)) {
- if (isset($prefs_dsn) && ! empty($prefs_dsn)) {
+if(!isset($data_dir_error) && !sq_is_writable($data_dir)) {
+ if (!empty($prefs_dsn)) {
$data_dir_error = "Data dir ($data_dir) is not writable!\n";
echo $IND . '<font color="red"><b>ERROR:</b></font> ' . $data_dir_error;
} else {
if (!is_dir($attachment_dir)) {
do_err("Attachment dir ($attachment_dir) is not a directory!");
}
- if (!is_writable($attachment_dir)) {
+ if (!sq_is_writable($attachment_dir)) {
do_err("I cannot write to attachment dir ($attachment_dir)!");
}
echo $IND . "Attachment dir OK.<br />\n";
echo "Checking plugins...<br />\n";
/* check plugins and themes */
-//FIXME: check requirements given in plugin _info() function, such
-// as required PHP extensions, Pear packages, other plugins, SM version, etc
-// see development docs for list of returned info from that function
+//FIXME: check requirements given in plugin _info() function, such as required PHP extensions, Pear packages, other plugins, SM version, etc see development docs for list of returned info from that function
+//FIXME: update this list with most recent contents of the Obsolete category - I think it has changed recently
$bad_plugins = array(
'attachment_common', // Integrated into SquirrelMail 1.2 core
'auto_prune_sent', // Obsolete: See Proon Automatic Folder Pruning plugin
if(!file_exists(SM_PATH .'plugins/'.$plugin)) {
do_err('You have enabled the <i>'.$plugin.'</i> plugin, but I cannot find it.', FALSE);
} elseif (!is_readable(SM_PATH .'plugins/'.$plugin.'/setup.php')) {
- do_err('You have enabled the <i>'.$plugin.'</i> plugin, but I cannot read its setup.php file.', FALSE);
+ do_err('You have enabled the <i>'.$plugin.'</i> plugin, but I cannot locate or read its setup.php file.', FALSE);
} elseif (in_array($plugin, $bad_plugins)) {
do_err('You have enabled the <i>'.$plugin.'</i> plugin, which causes problems with this version of SquirrelMail. Please check the ReleaseNotes or other documentation for more information.', false);
}
}
+
+
// load plugin functions
include_once(SM_PATH . 'functions/plugin.php');
+
// turn on output buffering in order to prevent output of new lines
ob_start();
foreach ($plugins as $name) {
use_plugin($name);
+
+ // get output and remove whitespace
+ $output = trim(ob_get_contents());
+
+ // if plugin outputs more than newlines and spacing, stop script execution.
+ if (!empty($output)) {
+ $plugin_load_error = 'Some output was produced when plugin <i>' . $name . '</i> was loaded. Usually this means there is an error in the plugin\'s setup or configuration file. The output was: '.sm_encode_html_special_chars($output);
+ do_err($plugin_load_error);
+ }
}
- // get output and remove whitespace
- $output = trim(ob_get_contents());
ob_end_clean();
- // if plugins output more than newlines and spacing, stop script execution.
- if (!empty($output)) {
- $plugin_load_error = 'Some output is produced when plugins are loaded. Usually this means there is an error in one of the plugin setup or configuration files. The output was: '.htmlspecialchars($output);
- do_err($plugin_load_error);
+
+
+ /**
+ * Check the contents of the static plugin hooks array file against
+ * the plugin setup file, which may have changed in an upgrade, etc.
+ * This helps remind admins to re-run the configuration utility when
+ * a plugin has been changed or upgraded.
+ */
+ $static_squirrelmail_plugin_hooks = $squirrelmail_plugin_hooks;
+ $squirrelmail_plugin_hooks = array();
+ foreach ($plugins as $name) {
+ $function = "squirrelmail_plugin_init_$name";
+ if (function_exists($function)) {
+ $function();
+
+ // now iterate through each hook and make sure the
+ // plugin is registered on the correct ones in the
+ // static plugin configuration file
+ //
+ foreach ($squirrelmail_plugin_hooks as $hook_name => $hooked_plugins)
+ foreach ($hooked_plugins as $hooked_plugin => $hooked_function)
+ if ($hooked_plugin == $name
+ && (empty($static_squirrelmail_plugin_hooks[$hook_name][$hooked_plugin])
+ || $static_squirrelmail_plugin_hooks[$hook_name][$hooked_plugin] != $hooked_function))
+ do_err('The plugin <i>' . $name . '</i> is supposed to be registered on the <i>' . $hook_name . '</i> hook, but it is not. You need to re-run the configuration utility and re-save your configuration file.', FALSE);
+ }
}
- /**
+ $squirrelmail_plugin_hooks = $static_squirrelmail_plugin_hooks;
+
+
+ /**
* Print plugin versions
*/
echo $IND . "Plugin versions...<br />\n";
foreach ($plugins as $name) {
$plugin_version = get_plugin_version($name);
- echo $IND . $IND . $name . ' ' . (empty($plugin_version) ? '??' : $plugin_version) . "<br />\n";
+ $english_name = get_plugin_requirement($name, 'english_name');
+ echo $IND . $IND . (empty($english_name) ? $name . ' ' : $english_name . ' (' . $name . ') ') . (empty($plugin_version) ? '??' : $plugin_version) . "<br />\n";
- // check if this plugin has any other plugin
+ // check if this plugin has any other plugin
// dependencies and if they are satisfied
//
$failed_dependencies = check_plugin_dependencies($name);
}
else if (is_array($failed_dependencies)) {
$missing_plugins = '';
+ $incompatible_plugins = '';
foreach ($failed_dependencies as $depend_name => $depend_requirements) {
- $missing_plugins .= ', ' . $depend_name . ' (version ' . $depend_requirements['version'] . ', ' . ($depend_requirements['activate'] ? 'must be activated' : 'need not be activated') . ')';
+ if ($depend_requirements['version'] == SQ_INCOMPATIBLE)
+ $incompatible_plugins .= ', ' . $depend_name;
+ else
+ $missing_plugins .= ', ' . $depend_name . ' (version ' . $depend_requirements['version'] . ', ' . ($depend_requirements['activate'] ? 'must be activated' : 'need not be activated') . ')';
}
- do_err($name . ' is missing some dependencies: ' . trim($missing_plugins, ', '), FALSE);
+ $error_string = (!empty($incompatible_plugins) ? $name . ' cannot be activated at the same time as the following plugins: ' . trim($incompatible_plugins, ', ') : '')
+ . (!empty($missing_plugins) ? (!empty($incompatible_plugins) ? '. ' . $name . ' is also ' : $name . ' is ') . 'missing some dependencies: ' . trim($missing_plugins, ', ') : '');
+ do_err($error_string, FALSE);
}
}
+
+
/**
- * This hook was added in 1.5.2 and 1.4.10. Each plugins should print an error
+ * This hook was added in 1.5.2 and 1.4.10. Each plugins should print an error
* message and return TRUE if there are any errors in its setup/configuration.
*/
$plugin_err = boolean_hook_function('configtest', $null, 1);
echo $IND . "Default language OK.<br />\n";
}
-echo $IND . "Base URL detected as: <tt>" . htmlspecialchars($test_location) .
+echo $IND . "Base URL detected as: <tt>" . sm_encode_html_special_chars($test_location) .
"</tt> (location base " . (empty($config_location_base) ? 'autodetected' : 'set to <tt>' .
- htmlspecialchars($config_location_base)."</tt>") . ")<br />\n";
+ sm_encode_html_special_chars($config_location_base)."</tt>") . ")<br />\n";
/* check minimal requirements for other security options */
echo $IND . "sendmail OK<br />\n";
} else {
- $stream = fsockopen( ($use_smtp_tls==1?'tls://':'').$smtpServerAddress, $smtpPort,
+ // NB: Using "ssl://" ensures the highest possible TLS version
+ // will be negotiated with the server (whereas "tls://" only
+ // uses TLS version 1.0)
+ $stream = fsockopen( ($use_smtp_tls==1?'ssl://':'').$smtpServerAddress, $smtpPort,
$errorNumber, $errorString);
if(!$stream) {
do_err("Error connecting to SMTP server \"$smtpServerAddress:$smtpPort\".".
- "Server error: ($errorNumber) ".htmlspecialchars($errorString));
+ "Server error: ($errorNumber) ".sm_encode_html_special_chars($errorString));
}
// check for SMTP code; should be 2xx to allow us access
$smtpline = fgets($stream, 1024);
if(((int) $smtpline{0}) > 3) {
do_err("Error connecting to SMTP server. Server error: ".
- htmlspecialchars($smtpline));
+ sm_encode_html_special_chars($smtpline));
}
/* smtp starttls checks */
if ($use_smtp_tls===2) {
// if something breaks, script should close smtp connection on exit.
+
+ // format EHLO argument correctly if needed
+ //
+ if (preg_match('/^\d+\.\d+\.\d+\.\d+$/', $client_ip))
+ $helohost = '[' . $client_ip . ']';
+ else // some day might add IPv6 here
+ $helohost = $client_ip;
+
+
// say helo
- fwrite($stream,"EHLO $client_ip\r\n");
+ fwrite($stream,"EHLO $helohost\r\n");
$ehlo=array();
$ehlo_error = false;
break;
}
} else {
- //
+ //
$ehlo_error = true;
$ehlo[]=$line;
break;
$starttls_response=fgets($stream, 1024);
if ($starttls_response[0]!=2) {
$starttls_cmd_err = 'SMTP STARTTLS failed. Server replied: '
- .htmlspecialchars($starttls_response);
+ .sm_encode_html_special_chars($starttls_response);
do_err($starttls_cmd_err);
} elseif(! stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
do_err('Failed to enable encryption on SMTP STARTTLS connection.');
fputs($stream, 'QUIT');
fclose($stream);
echo $IND . 'SMTP server OK (<tt><small>'.
- trim(htmlspecialchars($smtpline))."</small></tt>)<br />\n";
+ trim(sm_encode_html_special_chars($smtpline))."</small></tt>)<br />\n";
/* POP before SMTP */
if($pop_before_smtp) {
- $stream = fsockopen($smtpServerAddress, 110, $err_no, $err_str);
+ if (empty($pop_before_smtp_host)) $pop_before_smtp_host = $smtpServerAddress;
+ $stream = fsockopen($pop_before_smtp_host, 110, $err_no, $err_str);
if (!$stream) {
- do_err("Error connecting to POP Server ($smtpServerAddress:110) "
- . $err_no . ' : ' . htmlspecialchars($err_str));
+ do_err("Error connecting to POP Server ($pop_before_smtp_host:110) "
+ . $err_no . ' : ' . sm_encode_html_special_chars($err_str));
}
$tmp = fgets($stream, 1024);
if (substr($tmp, 0, 3) != '+OK') {
- do_err("Error connecting to POP Server ($smtpServerAddress:110)"
- . ' '.htmlspecialchars($tmp));
+ do_err("Error connecting to POP Server ($pop_before_smtp_host:110)"
+ . ' '.sm_encode_html_special_chars($tmp));
}
fputs($stream, 'QUIT');
fclose($stream);
echo "Checking IMAP service....<br />\n";
/** Can we open a connection? */
-$stream = fsockopen( ($use_imap_tls==1?'tls://':'').$imapServerAddress, $imapPort,
+// NB: Using "ssl://" ensures the highest possible TLS version
+// will be negotiated with the server (whereas "tls://" only
+// uses TLS version 1.0)
+$stream = fsockopen( ($use_imap_tls==1?'ssl://':'').$imapServerAddress, $imapPort,
$errorNumber, $errorString);
if(!$stream) {
do_err("Error connecting to IMAP server \"$imapServerAddress:$imapPort\".".
"Server error: ($errorNumber) ".
- htmlspecialchars($errorString));
+ sm_encode_html_special_chars($errorString));
}
/** Is the first response 'OK'? */
$imapline = fgets($stream, 1024);
if(substr($imapline, 0,4) != '* OK') {
do_err('Error connecting to IMAP server. Server error: '.
- htmlspecialchars($imapline));
+ sm_encode_html_special_chars($imapline));
}
echo $IND . 'IMAP server ready (<tt><small>'.
- htmlspecialchars(trim($imapline))."</small></tt>)<br />\n";
+ sm_encode_html_special_chars(trim($imapline))."</small></tt>)<br />\n";
/** Check capabilities */
fputs($stream, "A001 CAPABILITY\r\n");
$starttls_line=fgets($stream, 1024);
if (! preg_match("/^A002 OK.*/i",$starttls_line)) {
$imap_starttls_err = 'IMAP STARTTLS failed. Server replied: '
- .htmlspecialchars($starttls_line);
+ .sm_encode_html_special_chars($starttls_line);
do_err($imap_starttls_err);
} elseif (! stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
do_err('Failed to enable encryption on IMAP connection.');
}
}
-echo $IND . 'Capabilities: <tt>'.htmlspecialchars($capline)."</tt><br />\n";
+echo $IND . 'Capabilities: <tt>'.sm_encode_html_special_chars($capline)."</tt><br />\n";
if($imap_auth_mech == 'login' && stristr($capline, 'LOGINDISABLED') !== FALSE) {
do_err('Your server doesn\'t allow plaintext logins. '.
$display_locale = $setlocale;
$locale_count = 1;
}
- $tested_locales_msg = 'Tested '.htmlspecialchars($display_locale).' '
+ $tested_locales_msg = 'Tested '.sm_encode_html_special_chars($display_locale).' '
.($locale_count>1 ? 'locales':'locale'). '.';
echo $IND . $IND .$IND . $lang_data['NAME'].' (' .$lang_code. ') - ';
} else {
echo 'supported. '
.$tested_locales_msg
- .' setlocale() returned "'.htmlspecialchars($retlocale).'"';
+ .' setlocale() returned "'.sm_encode_html_special_chars($retlocale).'"';
}
echo "<br />\n";
}
echo "Webmail users can't change their time zone settings. \n";
}
if (isset($_ENV['TZ'])) {
- echo 'Default time zone is '.htmlspecialchars($_ENV['TZ']);
+ echo 'Default time zone is '.sm_encode_html_special_chars($_ENV['TZ']);
} else {
echo 'Current time zone is '.date('T');
}
echo ".<br />\n";
-// Pear DB tests
+// Database tests
echo "Checking database functions...<br />\n";
if($addrbook_dsn || $prefs_dsn || $addrbook_global_dsn) {
- @include_once('DB.php');
- if (class_exists('DB')) {
- echo "$IND PHP Pear DB support is present.<br />\n";
- $db_functions=array(
- 'dbase' => 'dbase_open',
- 'fbsql' => 'fbsql_connect',
- 'interbase' => 'ibase_connect',
- 'informix' => 'ifx_connect',
- 'msql' => 'msql_connect',
- 'mssql' => 'mssql_connect',
- 'mysql' => 'mysql_connect',
- 'mysqli' => 'mysqli_connect',
- 'oci8' => 'ocilogon',
- 'odbc' => 'odbc_connect',
- 'pgsql' => 'pg_connect',
- 'sqlite' => 'sqlite_open',
- 'sybase' => 'sybase_connect'
- );
-
- $dsns = array();
- if($prefs_dsn) {
- $dsns['preferences'] = $prefs_dsn;
- }
- if($addrbook_dsn) {
- $dsns['addressbook'] = $addrbook_dsn;
- }
- if($addrbook_global_dsn) {
- $dsns['global addressbook'] = $addrbook_global_dsn;
- }
+ $dsns = array();
+ if($prefs_dsn) {
+ $dsns['preferences'] = $prefs_dsn;
+ }
+ if($addrbook_dsn) {
+ $dsns['addressbook'] = $addrbook_dsn;
+ }
+ if($addrbook_global_dsn) {
+ $dsns['global addressbook'] = $addrbook_global_dsn;
+ }
+
+ global $disable_pdo, $use_pdo;
+ if (empty($disable_pdo) && class_exists('PDO'))
+ $use_pdo = TRUE;
+ else
+ $use_pdo = FALSE;
+ if ($use_pdo) {
+
+ // test connecting to each DSN
foreach($dsns as $type => $dsn) {
- $aDsn = explode(':', $dsn);
- $dbtype = array_shift($aDsn);
- if(isset($db_functions[$dbtype]) && function_exists($db_functions[$dbtype])) {
- echo "$IND$dbtype database support present.<br />\n";
+
+ // parse and convert DSN to PDO style
+ // $matches will contain:
+ // 1: database type
+ // 2: username
+ // 3: password
+ // 4: hostname
+ // 5: database name
+//TODO: add support for unix_socket and charset
+ if (!preg_match('|^(.+)://(.+):(.+)@(.+)/(.+)$|i', $dsn, $matches)) {
+ return $this->set_error(_("Could not parse prefs DSN"));
+ do_err('DSN parse error in ' .$type .' DSN.');
+ }
+ if (preg_match('|^(.+):(\d+)$|', $matches[4], $host_port_matches)) {
+ $matches[4] = $host_port_matches[1];
+ $matches[6] = $host_port_matches[2];
+ } else
+ $matches[6] = NULL;
+ $pdo_prefs_dsn = $matches[1] . ':host=' . $matches[4] . (!empty($matches[6]) ? ';port=' . $matches[6] : '') . ';dbname=' . $matches[5];
+ try {
+ $dbh = new PDO($pdo_prefs_dsn, $matches[2], $matches[3]);
+ } catch (Exception $e) {
+ do_err('Database error: '. sm_encode_html_special_chars($e->getMessage()) .
+ ' in ' .$type .' DSN.');
+ }
+ echo "$IND$type database connect successful.<br />\n";
+ }
+
+ } else {
+ @include_once('DB.php');
+ if (class_exists('DB')) {
+ echo "$IND PHP Pear DB support is present, however it is deprecated and PHP PDO is recommended.<br />\n"
+ .(!empty($disable_pdo) ? "$IND You have set \$disable_pdo - if you experience errors below, try removing that.<br />\n" : '');
+ $db_functions=array(
+ 'dbase' => 'dbase_open',
+ 'fbsql' => 'fbsql_connect',
+ 'interbase' => 'ibase_connect',
+ 'informix' => 'ifx_connect',
+ 'msql' => 'msql_connect',
+ 'mssql' => 'mssql_connect',
+ 'mysql' => 'mysql_connect',
+ 'mysqli' => 'mysqli_connect',
+ 'oci8' => 'ocilogon',
+ 'odbc' => 'odbc_connect',
+ 'pgsql' => 'pg_connect',
+ 'sqlite' => 'sqlite_open',
+ 'sybase' => 'sybase_connect'
+ );
+
+ foreach($dsns as $type => $dsn) {
+ $aDsn = explode(':', $dsn);
+ $dbtype = array_shift($aDsn);
+
+ if(isset($db_functions[$dbtype]) && function_exists($db_functions[$dbtype])) {
+ echo "$IND$dbtype database support present.<br />\n";
+ } elseif(!(bool)ini_get('enable_dl') || (bool)ini_get('safe_mode')) {
+ do_err($dbtype.' database support not present!');
+ } else {
+ // Non-fatal error
+ do_err($dbtype.' database support not present or not configured!
+ Trying to dynamically load '.$dbtype.' extension.
+ Please note that it is advisable to not rely on dynamic loading of extensions.', FALSE);
+ }
+
// now, test this interface:
$dbh = DB::connect($dsn, true);
if (DB::isError($dbh)) {
- do_err('Database error: '. htmlspecialchars(DB::errorMessage($dbh)) .
+ do_err('Database error: '. sm_encode_html_special_chars(DB::errorMessage($dbh)) .
' in ' .$type .' DSN.');
}
$dbh->disconnect();
echo "$IND$type database connect successful.<br />\n";
-
- } else {
- do_err($dbtype.' database support not present!');
}
+ } else {
+ $db_error='Required PHP PDO or PEAR DB support is not available.'
+ .(!empty($disable_pdo) ? ' You have set $disable_pdo - please try removing that.' : '')
+ .' PDO should come preinstalled with PHP version 5.1 or higher.'
+ .' Otherwise, is PEAR installed and is the include path set correctly to find <tt>DB.php</tt>?'
+ .' The include path is now: "<tt>' . ini_get('include_path') . '</tt>".';
+ do_err($db_error);
}
- } else {
- $db_error='Required PHP PEAR DB support is not available.'
- .' Is PEAR installed and is the include path set correctly to find <tt>DB.php</tt>?'
- .' The include path is now:<tt>' . ini_get('include_path') . '</tt>.';
- do_err($db_error);
}
} else {
echo $IND."not using database functionality.<br />\n";
if ( empty($param['binddn']) ) {
$bind = @ldap_bind($linkid);
} else {
- $bind = @ldap_bind($param['binddn'], $param['bindpw']);
+ $bind = @ldap_bind($linkid, $param['binddn'], $param['bindpw']);
}
if ( $bind ) {
echo '<h2 align="center">Summary</h2>';
$footer = '<hr width="75%" align="center">';
if ($warnings) {
- echo '<p>No fatal errors were found, but there was at least 1 warning. Please check the flagged issue(s) carefully, as correcting them may prevent erratic, undefined, or incorrect behavior (or flat out breakage).</p>';
+ echo '<p>No fatal errors were found, but there was at least 1 warning. Please check the flagged issue(s) carefully, as correcting them may prevent erratic, undefined, or incorrect behavior (or flat out breakage).</p>';
echo $footer;
} else {
print <<< EOF
EOF;
echo $footer;
}
-?>
projects / squirrelmail.git / blobdiff