X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Fconfigtest.php;h=e57374d17b77a7f9cc0ad8825dfdcaaf426f05bd;hp=47dc461b8c88f4526a29e6da6ae0ec58f0dff5cf;hb=a1912bbc27e69b3d6b59599bc309f282a5401ccc;hpb=0fa9bde70c488226bcd0e1a37bb199b6b8556e77;ds=sidebyside

diff --git a/src/configtest.php b/src/configtest.php
index 47dc461b..e57374d1 100644
--- a/src/configtest.php
+++ b/src/configtest.php
@@ -3,7 +3,7 @@
 /**
  * SquirrelMail configtest script
  *
- * @copyright © 2003-2006 The SquirrelMail Project Team
+ * @copyright © 2003-2007 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -17,8 +17,54 @@
 
 // This script could really use some restructuring as it has grown quite rapidly
 // but is not very 'clean'. Feel free to get some structure into this thing.
-$warnings = 0;
 
+/** force verbose error reporting and turn on display of errors */
+error_reporting(E_ALL);
+ini_set('display_errors',1);
+
+/** Blockcopy from init.php. Cleans globals. */
+if ((bool) ini_get('register_globals') &&
+    strtolower(ini_get('register_globals'))!='off') {
+    /**
+     * Remove all globals that are not reserved by PHP
+     * 'value' and 'key' are used by foreach. Don't unset them inside foreach.
+     */
+    foreach ($GLOBALS as $key => $value) {
+        switch($key) {
+        case 'HTTP_POST_VARS':
+        case '_POST':
+        case 'HTTP_GET_VARS':
+        case '_GET':
+        case 'HTTP_COOKIE_VARS':
+        case '_COOKIE':
+        case 'HTTP_SERVER_VARS':
+        case '_SERVER':
+        case 'HTTP_ENV_VARS':
+        case '_ENV':
+        case 'HTTP_POST_FILES':
+        case '_FILES':
+        case '_REQUEST':
+        case 'HTTP_SESSION_VARS':
+        case '_SESSION':
+        case 'GLOBALS':
+        case 'key':
+        case 'value':
+            break;
+        default:
+            unset($GLOBALS[$key]);
+        }
+    }
+    // Unset variables used in foreach
+    unset($GLOBALS['key']);
+    unset($GLOBALS['value']);
+}
+
+
+/**
+ * Displays error messages and warnings
+ * @param string $str message
+ * @param boolean $fatal fatal error or only warning
+ */
 function do_err($str, $fatal = TRUE) {
     global $IND, $warnings;
     $level = $fatal ? 'FATAL ERROR:' : 'WARNING:';
@@ -31,26 +77,54 @@ function do_err($str, $fatal = TRUE) {
     }
 }
 
-$IND = str_repeat(' ',4);
-
 ob_implicit_flush();
 /** @ignore */
 define('SM_PATH', '../');
+/** load minimal function set */
+require(SM_PATH . 'include/constants.php');
+require(SM_PATH . 'functions/global.php');
+require(SM_PATH . 'functions/strings.php');
+$SQM_INTERNAL_VERSION = preg_split('/\./', SM_VERSION, 3);
+$SQM_INTERNAL_VERSION[2] = intval($SQM_INTERNAL_VERSION[2]);
 
-/* set default value in order to block remote access to script */
+/** set default value in order to block remote access */
 $allow_remote_configtest=false;
 
-/*
- * Load config before output begins. functions/strings.php depends on
- * functions/globals.php. functions/global.php needs to be run before
- * any html output starts. If config.php is missing, error will be displayed
- * later.
- */
+/** Load all configuration files before output begins */
+
+/* load default configuration */
+require(SM_PATH . 'config/config_default.php');
+/* reset arrays in default configuration */
+$ldap_server = array();
+$plugins = array();
+$fontsets = array();
+$theme = array();
+$theme[0]['PATH'] = SM_PATH . 'themes/default_theme.php';
+$theme[0]['NAME'] = 'Default';
+$aTemplateSet = array();
+$aTemplateSet[0]['ID'] = 'default';
+$aTemplateSet[0]['NAME'] = 'Default';
+/* load site configuration */
 if (file_exists(SM_PATH . 'config/config.php')) {
-	require(SM_PATH . 'config/config.php');
+    require(SM_PATH . 'config/config.php');
 }
-require(SM_PATH . 'functions/global.php');
-require(SM_PATH . 'functions/strings.php');
+/* load local configuration overrides */
+if (file_exists(SM_PATH . 'config/config_local.php')) {
+    require(SM_PATH . 'config/config_local.php');
+}
+
+/** Load plugins */
+global $disable_plugins;
+$squirrelmail_plugin_hooks = array();
+if (!$disable_plugins && file_exists(SM_PATH . 'config/plugin_hooks.php')) {
+    require(SM_PATH . 'config/plugin_hooks.php');
+}
+
+/** Warning counter */
+$warnings = 0;
+
+/** indent */
+$IND = str_repeat(' ',4);
 
 /**
  * get_location starts session and must be run before output is started.
@@ -96,19 +170,21 @@ if (! $allow_remote_configtest) {
         do_err('Enable "Allow remote configtest" option in squirrelmail configuration in order to use this script.');
     }
 }
-/* checking PHP specs */
 
-echo "<p><table>\n<tr><td>SquirrelMail version:</td><td><b>" . $version . "</b></td></tr>\n" .
+echo "<p><table>\n<tr><td>SquirrelMail version:</td><td><b>" . SM_VERSION . "</b></td></tr>\n" .
     '<tr><td>Config file version:</td><td><b>' . $config_version . "</b></td></tr>\n" .
     '<tr><td>Config file last modified:</td><td><b>' .
     date ('d F Y H:i:s', filemtime(SM_PATH . 'config/config.php')) .
     "</b></td></tr>\n</table>\n</p>\n\n";
 
 /* check $config_version */
-if ($config_version!='1.4.0') {
+if ($config_version!='1.5.0') {
     do_err('Configuration file version does not match required version. Please update your configuration file.');
 }
 
+
+/* checking PHP specs */
+
 echo "Checking PHP configuration...<br />\n";
 
 if(!check_php_version(4,1,0)) {
@@ -116,11 +192,54 @@ if(!check_php_version(4,1,0)) {
 }
 
 echo $IND . 'PHP version ' . PHP_VERSION . ' OK. (You have: ' . phpversion() . ". Minimum: 4.1.0)<br />\n";
-/* test for boolean false and any string that is not equal to 'off' */
+
+/* register_globals check: test for boolean false and any string that is not equal to 'off' */
+
 if ((bool) ini_get('register_globals') && 
     strtolower(ini_get('register_globals'))!='off') {
-	do_err('You have register_globals turned on.  This is not an error, but it CAN be a security hazard.  Consider turning register_globals off.', false);
+    do_err('You have register_globals turned on.  This is not an error, but it CAN be a security hazard.  Consider turning register_globals off.', false);
 }
+
+
+/* variables_order check */
+
+// FIXME(?): Hmm, how do we distinguish between when an ini setting is
+//           not available (ini_set() returns empty string) and when 
+//           the administrator set the value to an empty string?  The
+//           latter is sure to be highly rare, so for now, just assume
+//           that empty value means the setting isn't even available
+//           (could also check PHP version when this setting was implemented)
+$variables_order = ini_get('variables_order');
+if (!empty($variables_order) && (strpos($variables_order, 'G') === FALSE
+ || strpos($variables_order, 'P') === FALSE
+ || strpos($variables_order, 'C') === FALSE
+ || strpos($variables_order, 'S') === FALSE)) {
+    do_err('Your variables_order setting is insufficient for SquirrelMail to function.  It needs at least "GPCS", but you have it set to "' . $variables_order . '"', true);
+} else {
+    echo $IND . "variables_order OK: $variables_order.<br />\n";
+}
+
+
+/* gpc_order check */
+
+// FIXME(?): Hmm, how do we distinguish between when an ini setting is
+//           not available (ini_set() returns empty string) and when 
+//           the administrator set the value to an empty string?  The
+//           latter is sure to be highly rare, so for now, just assume
+//           that empty value means the setting isn't even available
+//           (could also check PHP version when this setting was implemented)
+$gpc_order = ini_get('gpc_order');
+if (!empty($gpc_order) && (strpos($gpc_order, 'G') === FALSE
+ || strpos($gpc_order, 'P') === FALSE
+ || strpos($gpc_order, 'C') === FALSE)) {
+    do_err('Your gpc_order setting is insufficient for SquirrelMail to function.  It needs to be set to "GPC", but you have it set to "' . $gpc_order . '"', true);
+} else {
+    echo $IND . "gpc_order OK: $gpc_order.<br />\n";
+}
+
+
+/* check PHP extensions */
+
 $php_exts = array('session','pcre');
 $diff = array_diff($php_exts, get_loaded_extensions());
 if(count($diff)) {
@@ -145,6 +264,21 @@ if (function_exists('mb_internal_encoding') &&
     do_err($mb_error);
 }
 
+/**
+ * Do not use SquirrelMail with magic_quotes_* on.
+ */
+if ( get_magic_quotes_runtime() || get_magic_quotes_gpc() ||
+    ( (bool) ini_get('magic_quotes_sybase') && ini_get('magic_quotes_sybase') != 'off' )
+    ) {
+    $magic_quotes_warning='You have enabled any one of <tt>magic_quotes_runtime</tt>, '
+        .'<tt>magic_quotes_gpc</tt> or <tt>magic_quotes_sybase</tt> in your PHP '
+        .'configuration. We recommend all those settings to be off. SquirrelMail '
+        .'may work with them on, but when experiencing stray backslashes in your mail '
+        .'or other strange behaviour, it may be advisable to turn them off.';
+    do_err($magic_quotes_warning,false);
+}
+
+
 /* checking paths */
 
 echo "Checking paths...<br />\n";
@@ -203,7 +337,12 @@ if($data_dir == $attachment_dir) {
 }
 
 
+echo "Checking plugins...<br />\n";
+
 /* check plugins and themes */
+//FIXME: check requirements given in plugin _info() function, such
+//       as required PHP extensions, Pear packages, other plugins, SM version, etc
+//       see development docs for list of returned info from that function
 $bad_plugins = array(
         'attachment_common',      // Integrated into SquirrelMail 1.2 core
         'auto_prune_sent',        // Obsolete: See Proon Automatic Folder Pruning plugin
@@ -256,15 +395,35 @@ if (isset($plugins[0])) {
     ob_end_clean();
     // if plugins output more than newlines and spacing, stop script execution.
     if (!empty($output)) {
-        $plugin_load_error = 'Some output is produced when plugins are loaded.'
-            .' Usually it means error. Output said: '.htmlspecialchars($output);
+        $plugin_load_error = 'Some output is produced when plugins are loaded. Usually this means there is an error in one of the plugin setup or configuration files. The output was: '.htmlspecialchars($output);
         do_err($plugin_load_error);
     }
+    /** 
+     * Print plugin versions
+     */
+    echo $IND . "Plugin versions...<br />\n";
+    foreach ($plugins as $name) {
+        $plugin_version = get_plugin_version($name);
+        echo $IND . $IND . $name . ' ' . (empty($plugin_version) ? '??' : $plugin_version) . "<br />\n";
+
+        // check if this plugin has any other plugin 
+        // dependencies and if they are satisfied
+        //
+        $failed_dependencies = check_plugin_dependencies($name);
+        if (is_array($failed_dependencies)) {
+            $missing_plugins = '';
+            foreach ($failed_dependencies as $depend_name => $depend_requirements) {
+                $missing_plugins .= ', ' . $depend_name . ' (version ' . $depend_requirements['version'] . ', ' . ($depend_requirements['activate'] ? 'must be activated' : 'need not be activated') . ')';
+            }
+            do_err($name . ' is missing some dependencies: ' . trim($missing_plugins, ', '), FALSE);
+        }
+
+    }
     /**
-     * Hook is added in 1.5.2. Plugins should print error message and return true
-     * if there is an error in plugin.
+     * This hook was added in 1.5.2 and 1.4.10. Each plugins should print an error 
+     * message and return TRUE if there are any errors in its setup/configuration.
      */
-    $plugin_err = boolean_hook_function('configtest');
+    $plugin_err = boolean_hook_function('configtest', $null, 1);
     if($plugin_err) {
         do_err('Some plugin tests failed.');
     } else {