X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Fconfigtest.php;h=45822902a5b496f33b5000e2f50ad68e9f7a9896;hp=0d6be68a1ada3e5b4648eb9d990a87402698b288;hb=8459a9bbb8f2c312111cc119e1a727f7716b5008;hpb=fd72907b14fc668e47f413d4fcc58e1a4a0f045d
diff --git a/src/configtest.php b/src/configtest.php
index 0d6be68a..45822902 100644
--- a/src/configtest.php
+++ b/src/configtest.php
@@ -17,8 +17,54 @@
// This script could really use some restructuring as it has grown quite rapidly
// but is not very 'clean'. Feel free to get some structure into this thing.
-$warnings = 0;
+/** force verbose error reporting and turn on display of errors */
+error_reporting(E_ALL);
+ini_set('display_errors',1);
+
+/** Blockcopy from init.php. Cleans globals. */
+if ((bool) ini_get('register_globals') &&
+ strtolower(ini_get('register_globals'))!='off') {
+ /**
+ * Remove all globals that are not reserved by PHP
+ * 'value' and 'key' are used by foreach. Don't unset them inside foreach.
+ */
+ foreach ($GLOBALS as $key => $value) {
+ switch($key) {
+ case 'HTTP_POST_VARS':
+ case '_POST':
+ case 'HTTP_GET_VARS':
+ case '_GET':
+ case 'HTTP_COOKIE_VARS':
+ case '_COOKIE':
+ case 'HTTP_SERVER_VARS':
+ case '_SERVER':
+ case 'HTTP_ENV_VARS':
+ case '_ENV':
+ case 'HTTP_POST_FILES':
+ case '_FILES':
+ case '_REQUEST':
+ case 'HTTP_SESSION_VARS':
+ case '_SESSION':
+ case 'GLOBALS':
+ case 'key':
+ case 'value':
+ break;
+ default:
+ unset($GLOBALS[$key]);
+ }
+ }
+ // Unset variables used in foreach
+ unset($GLOBALS['key']);
+ unset($GLOBALS['value']);
+}
+
+
+/**
+ * Displays error messages and warnings
+ * @param string $str message
+ * @param boolean $fatal fatal error or only warning
+ */
function do_err($str, $fatal = TRUE) {
global $IND, $warnings;
$level = $fatal ? 'FATAL ERROR:' : 'WARNING:';
@@ -31,25 +77,57 @@ function do_err($str, $fatal = TRUE) {
}
}
-$IND = str_repeat(' ',4);
-
ob_implicit_flush();
/** @ignore */
define('SM_PATH', '../');
+/** load minimal function set */
+require(SM_PATH . 'functions/global.php');
+require(SM_PATH . 'functions/strings.php');
-/* set default value in order to block remote access to script */
+/** set default value in order to block remote access */
$allow_remote_configtest=false;
-/*
- * Load config before output begins. functions/strings.php depends on
- * functions/globals.php. functions/global.php needs to be run before
- * any html output starts. If config.php is missing, error will be displayed
- * later.
- */
+/** Load all configuration files before output begins */
+
+/* load default configuration */
+require(SM_PATH . 'config/config_default.php');
+/* reset arrays in default configuration */
+$ldap_server = array();
+$plugins = array();
+$fontsets = array();
+$theme = array();
+$theme[0]['PATH'] = SM_PATH . 'themes/default_theme.php';
+$theme[0]['NAME'] = 'Default';
+$aTemplateSet = array();
+$aTemplateSet[0]['ID'] = 'default';
+$aTemplateSet[0]['NAME'] = 'Default';
+/* load site configuration */
if (file_exists(SM_PATH . 'config/config.php')) {
- include(SM_PATH . 'config/config.php');
- include(SM_PATH . 'functions/strings.php');
+ require(SM_PATH . 'config/config.php');
+}
+/* load local configuration overrides */
+if (file_exists(SM_PATH . 'config/config_local.php')) {
+ require(SM_PATH . 'config/config_local.php');
}
+
+/** Load plugins */
+global $disable_plugins;
+$squirrelmail_plugin_hooks = array();
+if (!$disable_plugins && file_exists(SM_PATH . 'config/plugin_hooks.php')) {
+ require(SM_PATH . 'config/plugin_hooks.php');
+}
+
+/** Warning counter */
+$warnings = 0;
+
+/** indent */
+$IND = str_repeat(' ',4);
+
+/**
+ * get_location starts session and must be run before output is started.
+ */
+$test_location = get_location();
+
?>
@@ -98,7 +176,7 @@ echo "
\nSquirrelMail version: | " . $version . "<
" |
\n
\n\n\n";
/* check $config_version */
-if ($config_version!='1.4.0') {
+if ($config_version!='1.5.0') {
do_err('Configuration file version does not match required version. Please update your configuration file.');
}
@@ -109,7 +187,11 @@ if(!check_php_version(4,1,0)) {
}
echo $IND . 'PHP version ' . PHP_VERSION . ' OK. (You have: ' . phpversion() . ". Minimum: 4.1.0)
\n";
-
+/* test for boolean false and any string that is not equal to 'off' */
+if ((bool) ini_get('register_globals') &&
+ strtolower(ini_get('register_globals'))!='off') {
+ do_err('You have register_globals turned on. This is not an error, but it CAN be a security hazard. Consider turning register_globals off.', false);
+}
$php_exts = array('session','pcre');
$diff = array_diff($php_exts, get_loaded_extensions());
if(count($diff)) {
@@ -193,6 +275,9 @@ if($data_dir == $attachment_dir) {
/* check plugins and themes */
+//FIXME: check requirements given in plugin _info() function, such
+// as required PHP extensions, Pear packages, other plugins, SM version, etc
+// see development docs for list of returned info from that function
$bad_plugins = array(
'attachment_common', // Integrated into SquirrelMail 1.2 core
'auto_prune_sent', // Obsolete: See Proon Automatic Folder Pruning plugin
@@ -233,7 +318,32 @@ if (isset($plugins[0])) {
do_err('You have enabled the '.$plugin.' plugin, which causes problems with this version of SquirrelMail. Please check the ReleaseNotes or other documentation for more information.', false);
}
}
- echo $IND . "Plugins OK.
\n";
+ // load plugin functions
+ include_once(SM_PATH . 'functions/plugin.php');
+ // turn on output buffering in order to prevent output of new lines
+ ob_start();
+ foreach ($plugins as $name) {
+ use_plugin($name);
+ }
+ // get output and remove whitespace
+ $output = trim(ob_get_contents());
+ ob_end_clean();
+ // if plugins output more than newlines and spacing, stop script execution.
+ if (!empty($output)) {
+ $plugin_load_error = 'Some output is produced when plugins are loaded.'
+ .' Usually it means error. Output said: '.htmlspecialchars($output);
+ do_err($plugin_load_error);
+ }
+ /**
+ * This hook was added in 1.5.2. Each plugins should print an error
+ * message and return TRUE if there are any errors in its setup/configuration.
+ */
+ $plugin_err = boolean_hook_function('configtest', $null);
+ if($plugin_err) {
+ do_err('Some plugin tests failed.');
+ } else {
+ echo $IND . "Plugins OK.
\n";
+ }
} else {
echo $IND . "Plugins are not enabled in config.
\n";
}
@@ -265,7 +375,9 @@ if ( $squirrelmail_default_language != 'en_US' ) {
echo $IND . "Default language OK.
\n";
}
-echo $IND . "Base URL detected as: " . htmlspecialchars(get_location()) . "
\n";
+echo $IND . "Base URL detected as: " . htmlspecialchars($test_location) .
+ " (location base " . (empty($config_location_base) ? 'autodetected' : 'set to ' .
+ htmlspecialchars($config_location_base)."") . ")
\n";
/* check minimal requirements for other security options */
@@ -466,6 +578,27 @@ if($imap_auth_mech == 'login' && stristr($capline, 'LOGINDISABLED') !== FALSE) {
'in the SquirrelMail configuration.', FALSE);
}
+if (stristr($capline, 'XMAGICTRASH') !== false) {
+ $magic_trash = 'It looks like IMAP_MOVE_EXPUNGE_TO_TRASH option is turned on '
+ .'in your Courier IMAP configuration. Courier does not provide tools that '
+ .'allow to detect folder used for Trash or commands are not documented. '
+ .'SquirrelMail can\'t detect special trash folder. SquirrelMail manages '
+ .'all message deletion or move operations internally and '
+ .'IMAP_MOVE_EXPUNGE_TO_TRASH option can cause errors in message and '
+ .'folder management operations. Please turn off IMAP_MOVE_EXPUNGE_TO_TRASH '
+ .'option in Courier imapd configuration.';
+ do_err($magic_trash,false);
+}
+
+/* add warning about IMAP delivery */
+if (stristr($capline, 'XCOURIEROUTBOX') !== false) {
+ $courier_outbox = 'OUTBOX setting is enabled in your Courier imapd '
+ .'configuration. SquirrelMail uses standard SMTP protocol or sendmail '
+ .'binary to send emails. Courier IMAP delivery method is not supported'
+ .' and can create duplicate email messages.';
+ do_err($courier_outbox,false);
+}
+
/** OK, close connection */
fputs($stream, "A004 LOGOUT\r\n");
fclose($stream);
@@ -479,7 +612,7 @@ if (function_exists('gettext')) {
/* optional setlocale() tests. Should work only on glibc systems. */
if (sqgetGlobalVar('testlocales',$testlocales,SQ_GET)) {
- include_once(SM_PATH . 'functions/i18n.php');
+ include_once(SM_PATH . 'include/languages.php');
echo $IND . $IND . 'Testing translations:
';
foreach ($languages as $lang_code => $lang_data) {
/* don't test aliases */
@@ -552,9 +685,9 @@ if (function_exists('iconv')) {
} else {
echo "Iconv functions are unavailable.
\n";
}
-// same test as in include/validate.php
+// same test as in include/init.php + date_default_timezone_set check
echo "$IND timezone - ";
-if ( (!ini_get('safe_mode')) ||
+if ( (!ini_get('safe_mode')) || function_exists('date_default_timezone_set') ||
!strcmp(ini_get('safe_mode_allowed_env_vars'),'') ||
preg_match('/^([\w_]+,)*TZ/', ini_get('safe_mode_allowed_env_vars')) ) {
echo "Webmail users can change their time zone settings. \n";
@@ -689,4 +822,4 @@ if ($warnings) {
EOF;
echo $footer;
}
-?>
\ No newline at end of file
+?>