'; exit(); } } /** * checks if installation is done * * @return bool returns true if the installation was already executed, false else * @author Martin Havlat **/ function checkInstallStatus() { $status=defined('DB_TYPE') ? true : false; return $status; } /** * Checks if charts are supported (GD and PNG library) * * @return string resulted message ('OK' means pass) * @author Martin Havlat **/ function checkLibGd() { if( extension_loaded('gd') ) { $arrLibConf = gd_info(); $msg = lang_get("error_gd_png_support_disabled"); if ($arrLibConf["PNG Support"]) { $msg = 'OK'; } } else { $msg = lang_get("error_gd_missing"); } return $msg; } /** * Checks if needed functions and extensions are defined * * @param array [ref] msgs will be appended * @return bool returns true if all extension or functions ar present or defined * **/ function checkForExtensions(&$msg) { // without this pChart do not work if( !extension_loaded('gd') ) { $msg[] = lang_get("error_gd_missing"); } return true; } /** * checks if the install dir is present * * @return bool returns true if the install dir is present, false else **/ function checkForInstallDir() { $installerDir = TL_ABS_PATH. DIRECTORY_SEPARATOR . "install" . DIRECTORY_SEPARATOR; clearstatcache(); $dirExists= (is_dir($installerDir)) ? true : false; return $dirExists; } /** * checks if the default password for the admin accout is still set * * @return boolean returns true if the default password for the admin account is set, * false else **/ function checkForAdminDefaultPwd(&$db) { $passwordHasDefaultValue = false; $user = new tlUser(); $user->login = "admin"; if ($user->readFromDB($db,tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK && $user->comparePassword("admin") >= tl::OK) { $passwordHasDefaultValue = true; } return $passwordHasDefaultValue; } /* function: checkForLDAPExtension */ function checkForLDAPExtension() { return extension_loaded("ldap"); } /** * builds the security notes while checking some security issues * these notes should be displayed! * * @return array returns the security issues, or null if none found! * **/ function getSecurityNotes(&$db) { $repository['type'] = config_get('repositoryType'); $repository['path'] = config_get('repositoryPath'); $securityNotes = null; if (checkForInstallDir()) { $securityNotes[] = lang_get("sec_note_remove_install_dir"); } $authCfg = config_get('authentication'); if( 'LDAP' == $authCfg['method'] ) { if( !checkForLDAPExtension() ) { $securityNotes[] = lang_get("ldap_extension_not_loaded"); } } else { if( checkForAdminDefaultPwd($db) ) { $securityNotes[] = lang_get("sec_note_admin_default_pwd"); } } if (!checkForBTSConnection()) { $securityNotes[] = lang_get("bts_connection_problems"); } if($repository['type'] == TL_REPOSITORY_TYPE_FS) { $ret = checkForRepositoryDir($repository['path']); if(!$ret['status_ok']) { $securityNotes[] = $ret['msg']; } } // Needed when schemas change has been done. // This call can be removed when release is stable $res = checkSchemaVersion($db); $msg = $res['msg']; if($msg != "") { $securityNotes[] = $msg; } $msg = checkEmailConfig(); if(!is_null($msg)) { foreach($msg as $detail) { $securityNotes[] = $detail; } } checkForExtensions($securityNotes); if(!is_null($securityNotes)) { $user_feedback=config_get('config_check_warning_mode'); switch($user_feedback) { case 'SCREEN': break; case 'FILE': case 'SILENT': $warnings=''; $filename = config_get('log_path') . 'config_check.txt'; if (@$handle = fopen($filename, 'w')) { $warnings=implode("\n",$securityNotes); @fwrite($handle, $warnings); @fclose($handle); } $securityNotes=null; if($user_feedback=='FILE') { $securityNotes[] = sprintf(lang_get('config_check_warnings'),$filename); } break; } } return $securityNotes; } /** * checks if the connection to the Bug Tracking System database is working * * @return boolean returns true if ok * false else * @author franciscom **/ function checkForBTSConnection() { global $g_bugInterface; $status_ok = true; if($g_bugInterface && !$g_bugInterface->connect()) { $status_ok = false; } return $status_ok; } /** * Check if server OS is microsoft Windows flavour * * @return boolean TRUE if microsoft * @author havlatm */ function isMSWindowsServer() { $osID = strtoupper(substr(PHP_OS, 0, 3)); $isWindows = (strcmp('WIN',$osID) == 0) ? true: false; return $isWindows; } /* function: checkForRepositoryDir */ function checkForRepositoryDir($the_dir) { clearstatcache(); $ret['msg']=lang_get('attachments_dir') . " " . $the_dir . " "; $ret['status_ok']=false; if(is_dir($the_dir)) { $ret['msg'] .= lang_get('exists') . ' '; $ret['status_ok'] = true; $ret['status_ok'] = (is_writable($the_dir)) ? true : false; if($ret['status_ok']) { $ret['msg'] .= lang_get('directory_is_writable'); } else { $ret['msg'] .= lang_get('but_directory_is_not_writable'); } } else { $ret['msg'] .= lang_get('does_not_exist'); } return $ret; } /** * Check if DB schema is valid * * @param pointer $db Database class * @return string message * @todo Update list of versions */ function checkSchemaVersion(&$db) { $result = array('status' => tl::ERROR, 'msg' => null, 'kill_session' => true); $latest_version = TL_LATEST_DB_VERSION; $db_version_table = DB_TABLE_PREFIX . 'db_version'; $sql = "SELECT * FROM {$db_version_table} ORDER BY upgrade_ts DESC"; $res = $db->exec_query($sql,1); if (!$res) { return $result['msg'] = "Failed to get Schema version from DB"; } $myrow = $db->fetch_array($res); $upgrade_msg = "You need to upgrade your Testlink Database to {$latest_version} -
" . 'click here access install and upgrade page
'; $manualop_msg = "You need to proceed with Manual upgrade of your DB scheme to {$latest_version} - Read README file!"; switch (trim($myrow['version'])) { case '1.7.0 Alpha': case '1.7.0 Beta 1': case '1.7.0 Beta 2': case '1.7.0 Beta 3': case '1.7.0 Beta 4': case '1.7.0 Beta 5': case '1.7.0 RC 2': case '1.7.0 RC 3': case 'DB 1.1': case 'DB 1.2': $result['msg'] = $upgrade_msg; break; case 'DB 1.3': case 'DB 1.4': case 'DB 1.5': case 'DB 1.6': case 'DB 1.9.8': case 'DB 1.9.10': case 'DB 1.9.11': case 'DB 1.9.12': case 'DB 1.9.13': case 'DB 1.9.14': case 'DB 1.9.15': case 'DB 1.9.16': case 'DB 1.9.17': case 'DB 1.9.18': $result['msg'] = $manualop_msg; break; case $latest_version: $result['status'] = tl::OK; $result['kill_session'] = 'false'; break; default: $result['msg'] = "Unknown Schema version " . trim($myrow['version']) . ", please upgrade your Testlink Database to " . $latest_version; break; } /* It will be better for debug if this message will be written to a log file if($result['status'] != tl::OK) { } */ return $result; } /* function: checkEmailConfig args : returns: */ function checkEmailConfig() { $common[] = lang_get('check_email_config'); $msg = null; $idx = 1; $key2get = array('tl_admin_email','from_email','return_path_email','smtp_host'); foreach($key2get as $cfg_key) { $cfg_param = config_get($cfg_key); if(trim($cfg_param) == "" || strpos($cfg_param,'not_configured') > 0 ) { $msg[$idx++] = $cfg_key; } } return is_null($msg) ? null : $common+$msg; } /** * checking register global = OFF (doesn't cause error') * @param integer &$errCounter reference to error counter * @return string html table row */ function check_php_settings(&$errCounter) { $max_execution_time_recommended = 120; $max_execution_time = ini_get('max_execution_time'); $memory_limit_recommended = 64; $memory_limit = intval(str_ireplace('M','',ini_get('memory_limit'))); $final_msg = 'Checking max. execution time (Parameter max_execution_time)'; if($max_execution_time < $max_execution_time_recommended) { $final_msg .= "{$max_execution_time} seconds - " . "We suggest {$max_execution_time_recommended} " . "seconds in order to manage hundred of test cases (edit php.ini)"; } else { $final_msg .= 'OK ('.$max_execution_time.' seconds)'; } $final_msg .= "Checking maximal allowed memory (Parameter memory_limit)"; if($memory_limit < $memory_limit_recommended) { $final_msg .= "$memory_limit MegaBytes - " . "We suggest {$memory_limit_recommended} MB" . " in order to manage hundred of test cases"; } else { $final_msg .= 'OK ('.$memory_limit.' MegaBytes)'; } $final_msg .= "Checking if Register Globals is disabled"; if(ini_get('register_globals')) { $final_msg .= "Failed! is enabled - " . "Please change the setting in your php.ini file"; } else { $final_msg .= "OK\n"; } return ($final_msg); } /** * Check availability of PHP extensions * * @param integer &$errCounter pointer to error counter * @return string html table rows * @author Martin Havlat * @todo martin: Do we require "Checking DOM XML support"? It seems that we use internal library. * if (function_exists('domxml_open_file')) */ function checkPhpExtensions(&$errCounter) { $cannot_use='cannot be used'; $td_ok = "OK\n"; $td_failed = 'Failed! %s %s.'; $msg_support='Checking %s '; $checks=array(); // Database extensions $checks[]=array('extension' => 'pgsql', 'msg' => array('feedback' => 'Postgres Database', 'ok' => $td_ok, 'ko' => 'cannot be used') ); $mysqlExt = 'mysql'; if( version_compare(phpversion(), "5.5.0", ">=") ) { $mysqlExt = 'mysqli'; } $checks[]=array('extension' => $mysqlExt, 'msg' => array('feedback' => 'MySQL Database', 'ok' => $td_ok, 'ko' => 'cannot be used') ); // ---------------------------------------------------------------------------- // special check for MSSQL $isPHPGTE7 = version_compare(phpversion(), "7.0.0", ">="); $extid = 'mssql'; if(PHP_OS == 'WINNT' || $isPHPGTE7 ) { // Faced this problem when testing XAMPP 1.7.7 on Windows 7 with MSSQL 2008 Express // From PHP MANUAL - reganding mssql_* functions // These functions allow you to access MS SQL Server database. // This extension is not available anymore on Windows with PHP 5.3 or later. // SQLSRV, an alternative driver for MS SQL is available from Microsoft: // http://msdn.microsoft.com/en-us/sqlserver/ff657782.aspx. // // Second Time: (2018) // When using PHP 7 or up // Help from Bitnami // PHP 7 does not support mssql anymore. // The PECL extension recommended is to use the "sqlsrv" module // but you will need to compile it on your own. // // // PHP_VERSION_ID is available as of PHP 5.2.7 if ( defined('PHP_VERSION_ID') && PHP_VERSION_ID >= 50300 ) { $extid = 'sqlsrv'; } if ( $isPHPGTE7 ) { $extid = 'sqlsrv'; } } $checks[] = array('extension' => $extid, 'msg' => array('feedback' => 'MSSQL Database', 'ok' => $td_ok, 'ko' => 'cannot be used') ); // --------------------------------------------------------------------------------------------------------- $checks[]=array('extension' => 'gd', 'msg' => array('feedback' => 'GD Graphic library', 'ok' => $td_ok, 'ko' => " not enabled.
Graph rendering requires it. This feature will be disabled." . " It's recommended to install it.") ); $checks[]=array('extension' => 'ldap', 'msg' => array('feedback' => 'LDAP library', 'ok' => $td_ok, 'ko' => " not enabled. LDAP authentication cannot be used. " . "(default internal authentication will works)")); $checks[]=array('extension' => 'json', 'msg' => array('feedback' => 'JSON library', 'ok' => $td_ok, 'ko' => " not enabled. You MUST install it to use EXT-JS tree component. ")); $checks[]=array('extension' => 'curl', 'msg' => array('feedback' => 'cURL library', 'ok' => $td_ok, 'ko' => " not enabled. You MUST install it to use REST Integration with issue trackers. ")); $out=''; foreach($checks as $test) { $out .= sprintf($msg_support,$test['msg']['feedback']); if( extension_loaded($test['extension']) ) { $msg=$test['msg']['ok']; } else { $msg=sprintf($td_failed,$test['msg']['feedback'],$test['msg']['ko']); } $out .= $msg; } return $out; } /** * Check if web server support session data * * @param integer &$errCounter reference to error counter * @return string html row with result */ function check_session(&$errCounter) { $out = "Checking if sessions are properly configured"; if( !isset($_SESSION) ) { session_start(); } if( $_SESSION['session_test'] != 1 ) { $color = 'success'; $msg = 'OK'; } else { $color = 'error'; $msg = 'Failed!'; $errCounter++; } $out .= "$msg\n"; return ($out); } //function end /** * check PHP defined timeout * * @param integer &$errCounter reference to error counter * @return string html row with result */ function check_timeout(&$errCounter) { $out = 'Maximum Session Idle Time before Timeout'; $timeout = ini_get("session.gc_maxlifetime"); $gc_maxlifetime_min = floor($timeout/60); $gc_maxlifetime_sec = $timeout % 60; if ($gc_maxlifetime_min > 30) { $color = 'success'; $res = 'OK'; } else if ($gc_maxlifetime_min > 10){ $color = 'warning'; $res = 'Short. Consider to extend.'; } else { $color = 'error'; $res = 'Too short. It must be extended!'; $errCounter++; } $out .= "".$gc_maxlifetime_min . " minutes and $gc_maxlifetime_sec seconds - ($res)\n"; return $out; } /** * check Database type * * @param integer &$errCounter reference to error counter * @param string $type valid PHP database type label * * @return string html row with result */ function checkDbType(&$errCounter, $type) { $out = 'Database type'; switch ($type) { case 'mysql': case 'mysqli': case 'mssql': case 'postgres': $out .= ''.$type.''; break; default: $out .= 'Unsupported type: '.$type. '. MySQL,Postgres and MSSQL are supported DB types. Of course' . ' you can use also other ones without migration support.'; break; } return $out; } /** * Display Operating System * * @return string html table row */ function checkServerOs() { $final_msg = 'Server Operating System (no constrains)'; $final_msg .= ''.PHP_OS.''; return $final_msg; } /** * check minimal required PHP version * * @param integer &$errCounter pointer to error counter * @return string html row with result */ function checkPhpVersion(&$errCounter) { $min_version = '5.5.0'; $my_version = phpversion(); // version_compare: // -1 if left is less, 0 if equal, +1 if left is higher $php_ver_comp = version_compare($my_version, $min_version); $final_msg = 'PHP version'; if($php_ver_comp < 0) { $final_msg .= "Failed! - You are running on PHP " . $my_version . ", and TestLink requires PHP " . $min_version . ' or greater. ' . 'This is fatal problem. You must upgrade it.'; $errCounter += 1; } else { $final_msg .= "OK ( {$min_version} [minimum version] "; $final_msg .= ($php_ver_comp == 0 ? " = " : " <= "); $final_msg .= $my_version . " [your version] " ; $final_msg .= " ) "; } return $final_msg; } /** * verify that files are writable/readable * OK result is for state: * a) installation - writable * b) installed - readable * * @param integer &$errCounter pointer to error counter * @return string html row with result * @author Martin Havlat */ function check_file_permissions(&$errCounter, $inst_type, $checked_filename, $isCritical=FALSE) { $checked_path = realpath(dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . '..'); $checked_file = $checked_path.DIRECTORY_SEPARATOR.$checked_filename; $out = 'Access to file ('.$checked_file.')'; if ($inst_type == 'new') { if(file_exists($checked_file)) { if (is_writable($checked_file)) { $out .= "OK (writable)\n"; } else { if ($isCritical) { $out .= "Failed! Please fix the file " . $checked_file . " permissions and reload the page."; $errCounter += 1; } else { $out .= "Not writable! Please fix the file " . $checked_file . " permissions."; } } } else { if (is_writable($checked_path)) { $out .= "OK\n"; } else { if ($isCritical) { $out .= "Directory is not writable! Please fix " . $checked_path . " permissions and reload the page."; $errCounter += 1; } else { $out .= "Directory is not writable! Please fix " . $checked_path . " permissions."; } } } } else { if(file_exists($checked_file)) { if (!is_writable($checked_file)) { $out .= "OK (read only)\n"; } else { $out .= "It's recommended to have read only permission for security reason."; } } else { if ($isCritical) { $out .= "Failed! The file is not on place."; $errCounter += 1; } else { $out .= "The file is not on place."; } } } return($out); } /** * Check read/write permissions for directories * based on check_with_feedback($dirs_to_check); * * @param integer &$errCounter pointer to error counter * @return string html row with result * @author Martin Havlat */ function check_dir_permissions(&$errCounter) { $dirs_to_check = array('gui' . DIRECTORY_SEPARATOR . 'templates_c' => null, 'logs' => 'log_path','upload_area' => 'repositoryPath'); $final_msg = ''; $msg_ko = "Failed!"; $msg_ok = "OK"; $checked_path_base = realpath(dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . '..'); $final_msg .= "For security reasons we suggest that directories tagged with [S]" . " on following messages, will be made UNREACHEABLE from browser.
" . "Give a look to README file, section 'Installation & SECURITY' " . " to understand how to change the defaults." . ""; foreach ($dirs_to_check as $the_d => $how) { if( is_null($how) ) { // Correct relative path for installer. $needsLock = ''; $the_d = $checked_path_base . DIRECTORY_SEPARATOR . $the_d; } else { $needsLock = '[S] '; $the_d = config_get($how); } $final_msg .= "Checking if {$the_d} directory exists {$needsLock}"; if(!file_exists($the_d)) { $errCounter += 1; $final_msg .= $msg_ko; } else { $final_msg .= $msg_ok; $final_msg .= "Checking if {$the_d} directory is writable (by user used to run webserver process) "; if(!is_writable($the_d)) { $errCounter += 1; $final_msg .= $msg_ko; } else { $final_msg .= $msg_ok; } } } return($final_msg); } /** * Print table with checking www browser support * * @param integer &$errCounter pointer to error counter * @author Martin Havlat **/ function reportCheckingBrowser(&$errCounter) { $browser = strtolower($_SERVER['HTTP_USER_AGENT']); echo "\n".'
Browser compliance
'."\n"; echo '
'.$browser.'
'; echo ''; if (strpos($browser, 'firefox') === false || strpos($browser, 'msie') === false) { echo ""; } else { echo ""; } echo ''; echo '
Browser supported OK
Unsupported: {$_SERVER['HTTP_USER_AGENT']}
Javascript availability ' . ''. '' . '
'; } /** * print table with system checking results * * @param integer &$errCounter reference to error counter * @author Martin Havlat **/ function reportCheckingSystem(&$errCounter) { echo '
System requirements
'; echo checkServerOs(); echo checkPhpVersion($errCounter); echo '
'; } /** * print table with database checking * * @param integer &$errCounter reference to error counter * @author Martin Havlat **/ function reportCheckingDatabase(&$errCounter, $type = null) { if (checkInstallStatus()) { $type = DB_TYPE; } if (!is_null($type)) { echo '
Database checking
'; echo checkDbType($errCounter, $type); echo "
\n"; } } /** * print table with system checking results * * @param integer &$errCounter reference to error counter * @author Martin Havlat **/ function reportCheckingWeb(&$errCounter) { echo '
Web and PHP configuration
'; echo check_timeout($errCounter); echo check_php_settings($errCounter); echo checkPhpExtensions($errCounter); echo '
'; } /** * print table with system checking results * * @param integer &$errCounter pointer to error counter * @param string installationType: useful when this function is used on installer * * @author Martin Havlat **/ function reportCheckingPermissions(&$errCounter,$installationType='none') { echo '
Read/write permissions
'; echo check_dir_permissions($errCounter); // for $installationType='upgrade' existence of config_db.inc.php is not needed $blockingCheck=$installationType=='upgrade' ? FALSE : TRUE; if($installationType=='new') { echo check_file_permissions($errCounter,$installationType,'config_db.inc.php', $blockingCheck); } echo '
'; }

Browser supported	OK
Unsupported: {$_SERVER['HTTP_USER_AGENT']}
Javascript availability	' . ''. '' . '