/**
* SquirrelMail configtest script
*
- * @copyright © 2003-2007 The SquirrelMail Project Team
+ * @copyright 2003-2015 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
// This script could really use some restructuring as it has grown quite rapidly
// but is not very 'clean'. Feel free to get some structure into this thing.
-/** force verbose error reporting and turn on display of errors */
+// force verbose error reporting and turn on display of errors, but not before
+// getting their original values
+$php_display_errors_original_value = ini_get('display_errors');
+$php_error_reporting_original_value = ini_get('error_reporting');
error_reporting(E_ALL);
ini_set('display_errors',1);
require(SM_PATH . 'config/config_local.php');
}
+sqGetGlobalVar('REMOTE_ADDR',$client_ip,SQ_SERVER);
+sqGetGlobalVar('SERVER_ADDR',$server_ip,SQ_SERVER);
+
/**
* Include Compatibility plugin if available.
*/
/* Block remote use of script */
if (! $allow_remote_configtest) {
- sqGetGlobalVar('REMOTE_ADDR',$client_ip,SQ_SERVER);
- sqGetGlobalVar('SERVER_ADDR',$server_ip,SQ_SERVER);
if ((! isset($client_ip) || $client_ip!='127.0.0.1') &&
(! isset($client_ip) || ! isset($server_ip) || $client_ip!=$server_ip)) {
echo $IND . 'PHP version ' . PHP_VERSION . ' OK. (You have: ' . phpversion() . ". Minimum: 4.1.0)<br />\n";
-echo $IND . 'display_errors: ' . ini_get('display_errors') . "<br />\n";
-
-echo $IND . 'error_reporting: ' . ini_get('error_reporting') . "<br />\n";
+// try to determine information about the user and group the web server is running as
+//
+$webOwnerID = 'N/A';
+$webOwnerInfo = array('name' => 'N/A');
+if (function_exists('posix_getuid'))
+ $webOwnerID = posix_getuid();
+if ($webOwnerID === FALSE)
+ $webOwnerID = 'N/A';
+if ($webOwnerID !== 'N/A' && function_exists('posix_getpwuid'))
+ $webOwnerInfo = posix_getpwuid($webOwnerID);
+if (!$webOwnerInfo)
+ $webOwnerInfo = array('name' => 'N/A');
+$webGroupID = 'N/A';
+$webGroupInfo = array('name' => 'N/A');
+if (function_exists('posix_getgid'))
+ $webGroupID = posix_getgid();
+if ($webGroupID === FALSE)
+ $webGroupID = 'N/A';
+if ($webGroupID !== 'N/A' && function_exists('posix_getgrgid'))
+ $webGroupInfo = posix_getgrgid($webGroupID);
+if (!$webGroupInfo)
+ $webGroupInfo = array('name' => 'N/A');
+
+echo $IND . 'Running as ' . $webOwnerInfo['name'] . '(' . $webOwnerID
+ . ') / ' . $webGroupInfo['name'] . '(' . $webGroupID . ")<br />\n";
+
+echo $IND . 'display_errors: ' . $php_display_errors_original_value . " (overridden with 1 for this page only)<br />\n";
+
+echo $IND . 'error_reporting: ' . $php_error_reporting_original_value . " (overridden with " . E_ALL . " for this page only)<br />\n";
$safe_mode = ini_get('safe_mode');
if ($safe_mode) {
+ //FIXME: should show that safe_mode is off when it is (this only shows the safe_mode setting when it's on) (also might be generally helpful to show things like open_basedir, too or even add phpinfo() output or a link to another script that has phpinfo()
echo $IND . 'safe_mode: ' . $safe_mode;
if (empty($prefs_dsn) || empty($addrbook_dsn))
echo ' (<font color="red">double check data and attachment directory ownership, etc!</font>)';
|| strpos($variables_order, 'P') === FALSE
|| strpos($variables_order, 'C') === FALSE
|| strpos($variables_order, 'S') === FALSE) {
- do_err('Your variables_order setting is insufficient for SquirrelMail to function. It needs at least "GPCS", but you have it set to "' . htmlspecialchars($variables_order) . '"', true);
+ do_err('Your variables_order setting is insufficient for SquirrelMail to function. It needs at least "GPCS", but you have it set to "' . sm_encode_html_special_chars($variables_order) . '"', true);
} else {
echo $IND . "variables_order OK: $variables_order.<br />\n";
}
else if (strpos($gpc_order, 'G') === FALSE
|| strpos($gpc_order, 'P') === FALSE
|| strpos($gpc_order, 'C') === FALSE) {
- do_err('Your gpc_order setting is insufficient for SquirrelMail to function. It needs to be set to "GPC", but you have it set to "' . htmlspecialchars($gpc_order) . '"', true);
+ do_err('Your gpc_order setting is insufficient for SquirrelMail to function. It needs to be set to "GPC", but you have it set to "' . sm_encode_html_special_chars($gpc_order) . '"', true);
} else {
echo $IND . "gpc_order OK: $gpc_order.<br />\n";
}
// if plugin outputs more than newlines and spacing, stop script execution.
if (!empty($output)) {
- $plugin_load_error = 'Some output was produced when plugin <i>' . $name . '</i> was loaded. Usually this means there is an error in the plugin\'s setup or configuration file. The output was: '.htmlspecialchars($output);
+ $plugin_load_error = 'Some output was produced when plugin <i>' . $name . '</i> was loaded. Usually this means there is an error in the plugin\'s setup or configuration file. The output was: '.sm_encode_html_special_chars($output);
do_err($plugin_load_error);
}
}
echo $IND . "Default language OK.<br />\n";
}
-echo $IND . "Base URL detected as: <tt>" . htmlspecialchars($test_location) .
+echo $IND . "Base URL detected as: <tt>" . sm_encode_html_special_chars($test_location) .
"</tt> (location base " . (empty($config_location_base) ? 'autodetected' : 'set to <tt>' .
- htmlspecialchars($config_location_base)."</tt>") . ")<br />\n";
+ sm_encode_html_special_chars($config_location_base)."</tt>") . ")<br />\n";
/* check minimal requirements for other security options */
echo $IND . "sendmail OK<br />\n";
} else {
- $stream = fsockopen( ($use_smtp_tls==1?'tls://':'').$smtpServerAddress, $smtpPort,
+ // NB: Using "ssl://" ensures the highest possible TLS version
+ // will be negotiated with the server (whereas "tls://" only
+ // uses TLS version 1.0)
+ $stream = fsockopen( ($use_smtp_tls==1?'ssl://':'').$smtpServerAddress, $smtpPort,
$errorNumber, $errorString);
if(!$stream) {
do_err("Error connecting to SMTP server \"$smtpServerAddress:$smtpPort\".".
- "Server error: ($errorNumber) ".htmlspecialchars($errorString));
+ "Server error: ($errorNumber) ".sm_encode_html_special_chars($errorString));
}
// check for SMTP code; should be 2xx to allow us access
$smtpline = fgets($stream, 1024);
if(((int) $smtpline{0}) > 3) {
do_err("Error connecting to SMTP server. Server error: ".
- htmlspecialchars($smtpline));
+ sm_encode_html_special_chars($smtpline));
}
/* smtp starttls checks */
if ($use_smtp_tls===2) {
// if something breaks, script should close smtp connection on exit.
+
+ // format EHLO argument correctly if needed
+ //
+ if (preg_match('/^\d+\.\d+\.\d+\.\d+$/', $client_ip))
+ $helohost = '[' . $client_ip . ']';
+ else // some day might add IPv6 here
+ $helohost = $client_ip;
+
+
// say helo
- fwrite($stream,"EHLO $client_ip\r\n");
+ fwrite($stream,"EHLO $helohost\r\n");
$ehlo=array();
$ehlo_error = false;
$starttls_response=fgets($stream, 1024);
if ($starttls_response[0]!=2) {
$starttls_cmd_err = 'SMTP STARTTLS failed. Server replied: '
- .htmlspecialchars($starttls_response);
+ .sm_encode_html_special_chars($starttls_response);
do_err($starttls_cmd_err);
} elseif(! stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
do_err('Failed to enable encryption on SMTP STARTTLS connection.');
fputs($stream, 'QUIT');
fclose($stream);
echo $IND . 'SMTP server OK (<tt><small>'.
- trim(htmlspecialchars($smtpline))."</small></tt>)<br />\n";
+ trim(sm_encode_html_special_chars($smtpline))."</small></tt>)<br />\n";
/* POP before SMTP */
if($pop_before_smtp) {
$stream = fsockopen($pop_before_smtp_host, 110, $err_no, $err_str);
if (!$stream) {
do_err("Error connecting to POP Server ($pop_before_smtp_host:110) "
- . $err_no . ' : ' . htmlspecialchars($err_str));
+ . $err_no . ' : ' . sm_encode_html_special_chars($err_str));
}
$tmp = fgets($stream, 1024);
if (substr($tmp, 0, 3) != '+OK') {
do_err("Error connecting to POP Server ($pop_before_smtp_host:110)"
- . ' '.htmlspecialchars($tmp));
+ . ' '.sm_encode_html_special_chars($tmp));
}
fputs($stream, 'QUIT');
fclose($stream);
echo "Checking IMAP service....<br />\n";
/** Can we open a connection? */
-$stream = fsockopen( ($use_imap_tls==1?'tls://':'').$imapServerAddress, $imapPort,
+// NB: Using "ssl://" ensures the highest possible TLS version
+// will be negotiated with the server (whereas "tls://" only
+// uses TLS version 1.0)
+$stream = fsockopen( ($use_imap_tls==1?'ssl://':'').$imapServerAddress, $imapPort,
$errorNumber, $errorString);
if(!$stream) {
do_err("Error connecting to IMAP server \"$imapServerAddress:$imapPort\".".
"Server error: ($errorNumber) ".
- htmlspecialchars($errorString));
+ sm_encode_html_special_chars($errorString));
}
/** Is the first response 'OK'? */
$imapline = fgets($stream, 1024);
if(substr($imapline, 0,4) != '* OK') {
do_err('Error connecting to IMAP server. Server error: '.
- htmlspecialchars($imapline));
+ sm_encode_html_special_chars($imapline));
}
echo $IND . 'IMAP server ready (<tt><small>'.
- htmlspecialchars(trim($imapline))."</small></tt>)<br />\n";
+ sm_encode_html_special_chars(trim($imapline))."</small></tt>)<br />\n";
/** Check capabilities */
fputs($stream, "A001 CAPABILITY\r\n");
$starttls_line=fgets($stream, 1024);
if (! preg_match("/^A002 OK.*/i",$starttls_line)) {
$imap_starttls_err = 'IMAP STARTTLS failed. Server replied: '
- .htmlspecialchars($starttls_line);
+ .sm_encode_html_special_chars($starttls_line);
do_err($imap_starttls_err);
} elseif (! stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
do_err('Failed to enable encryption on IMAP connection.');
}
}
-echo $IND . 'Capabilities: <tt>'.htmlspecialchars($capline)."</tt><br />\n";
+echo $IND . 'Capabilities: <tt>'.sm_encode_html_special_chars($capline)."</tt><br />\n";
if($imap_auth_mech == 'login' && stristr($capline, 'LOGINDISABLED') !== FALSE) {
do_err('Your server doesn\'t allow plaintext logins. '.
$display_locale = $setlocale;
$locale_count = 1;
}
- $tested_locales_msg = 'Tested '.htmlspecialchars($display_locale).' '
+ $tested_locales_msg = 'Tested '.sm_encode_html_special_chars($display_locale).' '
.($locale_count>1 ? 'locales':'locale'). '.';
echo $IND . $IND .$IND . $lang_data['NAME'].' (' .$lang_code. ') - ';
} else {
echo 'supported. '
.$tested_locales_msg
- .' setlocale() returned "'.htmlspecialchars($retlocale).'"';
+ .' setlocale() returned "'.sm_encode_html_special_chars($retlocale).'"';
}
echo "<br />\n";
}
echo "Webmail users can't change their time zone settings. \n";
}
if (isset($_ENV['TZ'])) {
- echo 'Default time zone is '.htmlspecialchars($_ENV['TZ']);
+ echo 'Default time zone is '.sm_encode_html_special_chars($_ENV['TZ']);
} else {
echo 'Current time zone is '.date('T');
}
$dbh = DB::connect($dsn, true);
if (DB::isError($dbh)) {
- do_err('Database error: '. htmlspecialchars(DB::errorMessage($dbh)) .
+ do_err('Database error: '. sm_encode_html_special_chars(DB::errorMessage($dbh)) .
' in ' .$type .' DSN.');
}
$dbh->disconnect();
projects / squirrelmail.git / blobdiff