2011-06-27 Sancho Lerena <slerena@artica.es>

* include/functions_config.php: Added a new function to do
        global system wide checks with a notification icon in the header.

        * general/header.php: Implemented changes on global checks.




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4488 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
slerena 2011-06-27 15:27:19 +00:00
parent 287f4c256a
commit 4336870cf0
3 changed files with 94 additions and 20 deletions


@ -1,3 +1,10 @@
2011-06-27 Sancho Lerena <slerena@artica.es>
* include/functions_config.php: Added a new function to do global
system wide checks with a notification icon in the header.
* general/header.php: Implemented changes on global checks.
2011-06-27 Junichi Satoh <junichi@rworks.jp> 2011-06-27 Junichi Satoh <junichi@rworks.jp>
* include/functions_ui.php: Added a new function to show max/min * include/functions_ui.php: Added a new function to show max/min


@ -20,27 +20,13 @@ require_once ('include/functions_servers.php');
$msg_cnt = 0; $msg_cnt = 0;
$alert_cnt = 0; $alert_cnt = 0;
$config["alert_cnt"] = 0;
$_SESSION["alert_msg"] = ""; $_SESSION["alert_msg"] = "";
// Check permissions // Check permissions
// Global error checking. // Global errors/warnings checking.
config_check();
if (!is_writable ("attachment")){
$alert_cnt++;
// At this first version I'm passing errors using session variables, because the error management
// is done by an AJAX request. Better solutions could be implemented in the future :-)
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Attachment directory is not writable by HTTP Server').'</h3>'.'<p>'.__('Please check that the web server has write rights on the {HOMEDIR}/attachment directory').'</p>';
}
// Check default password for "admin"
$hashpass = db_get_sql ("SELECT password FROM tusuario WHERE id_user = 'admin'");
if ($hashpass == "1da7ee7d45b96d0e1f45ee4ee23da560"){
$alert_cnt++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Default password for "Admin" user has not been changed.').'</h3>'.'<p>'.__('Please change the default password because is a common vulnerability reported.').'</p>';
}
?> ?>
<table width="100%" cellpadding="0" cellspacing="0" style="margin:0px; padding:0px;" border="0"> <table width="100%" cellpadding="0" cellspacing="0" style="margin:0px; padding:0px;" border="0">
@ -84,7 +70,7 @@ if ($hashpass == "1da7ee7d45b96d0e1f45ee4ee23da560"){
} }
} }
if ($alert_cnt > 0){ if ($config["alert_cnt"] > 0){
echo '<div id="alert_messages" style="display: none"></div>'; echo '<div id="alert_messages" style="display: none"></div>';
ui_require_css_file ('dialog'); ui_require_css_file ('dialog');
ui_require_jquery_file ('ui.core'); ui_require_jquery_file ('ui.core');
@ -92,7 +78,7 @@ if ($hashpass == "1da7ee7d45b96d0e1f45ee4ee23da560"){
echo '<a href="ajax.php?page=operation/system_alert" title="'.__("System alerts detected - Please fix as soon as possible").'" id="show_systemalert_dialog">'; echo '<a href="ajax.php?page=operation/system_alert" title="'.__("System alerts detected - Please fix as soon as possible").'" id="show_systemalert_dialog">';
html_print_image ("images/error.png", false, html_print_image ("images/error.png", false,
array ("title" => __('You have %d warning(s)', $alert_cnt), "id" => "yougotalert", "class" => "bot")); array ("title" => __('You have %d warning(s)', $config["alert_cnt"]), "id" => "yougotalert", "class" => "bot"));
echo '</a>'; echo '</a>';
echo "&nbsp;"; echo "&nbsp;";
echo "&nbsp;"; echo "&nbsp;";
@ -214,7 +200,7 @@ $(document).ready (function () {
<?php if ($msg_cnt > 0): ?> <?php if ($msg_cnt > 0): ?>
$("#yougotmail").pulsate (); $("#yougotmail").pulsate ();
<?php endif; ?> <?php endif; ?>
<?php if ($alert_cnt > 0): ?> <?php if ($config["alert_cnt"] > 0): ?>
$("#yougotalert").pulsate (); $("#yougotalert").pulsate ();
<?php endif; ?> <?php endif; ?>
<?php if ($config["refr"]): ?> <?php if ($config["refr"]): ?>
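Review bot: The new `config_check();` call runs for every user who renders the header, and nothing in the visible lines limits the resulting alert icon or `$_SESSION["alert_msg"]` to administrators, so the default-admin-password and developer-mode warnings may be shown to low-privileged accounts as well. Lines between the hunks are not visible here, so confirm whether an ACL check already wraps this; if not, guard the call, e.g. `if (/* current user is an administrator */) { config_check(); }`. The call also adds several tconfig queries and a `glob()` of the attachment directory to each page load, so the result could be cached in the session for a few minutes. `$alert_cnt = 0;` still appears to be initialised at the top but is no longer read in the changed lines and can probably be dropped.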


@ -653,4 +653,85 @@ function config_process_config () {
/* Finally, check if any value was overwritten in a form */ /* Finally, check if any value was overwritten in a form */
config_update_config(); config_update_config();
} }
function config_check (){
global $config;
// At this first version I'm passing errors using session variables, because the error management
// is done by an AJAX request. Better solutions could be implemented in the future :-)
// Check default password for "admin"
$hashpass = db_get_sql ("SELECT password FROM tusuario WHERE id_user = 'admin'");
if ($hashpass == "1da7ee7d45b96d0e1f45ee4ee23da560"){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Default password for "Admin" user has not been changed.').'</h3>'.'<p>'.__('Please change the default password because is a common vulnerability reported.').'</p>';
}
if (!is_writable ("attachment")){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Attachment directory is not writable by HTTP Server').'</h3>'.'<p>'.__('Please check that the web server has write rights on the {HOMEDIR}/attachment directory').'</p>';
}
// Get remote file dir.
$remote_config = db_get_sql ("SELECT `value` FROM tconfig WHERE `token` = 'remote_config'");
if (defined ('PANDORA_ENTERPRISE')){
if (!is_writable ($remote_config)){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Remote configuration directory is not writtable for the console').' - $remote_config</h3>';
}
$remote_config = $remote_config . "/conf";
if (!is_writable ($remote_config)){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Remote configuration directory is not writtable for the console').' - $remote_config</h3>';
}
$remote_config = $remote_config . "/collections";
if (!is_writable ($remote_config)){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Remote configuration directory is not writtable for the console').' - $remote_config</h3>';
}
}
// Check attachment directory (too much files?)
$filecount = count(glob($config["homedir"]."/attachment/*"));
// 100 temporal files of trash should be enough for most people.
if ($filecount > 100){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__('Too much files in your tempora/attachment directory').'</h3>';
$_SESSION["alert_msg"] .= __("There are too much files in attachment directory. This is not fatal, but you should consider cleaning up your attachment directory manually"). " ( $filecount ". __("files") . " )";
}
// Check database maintance
$db_maintance = db_get_sql ("SELECT `value` FROM tconfig WHERE `token` = 'db_maintance'");
$now = date("U");
$resta = $now - $db_maintance;
// ~ about 50 hr
if (($db_maintance == "") OR ($resta > 190000)){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__("Database maintance problem").'</h3>';
$_SESSION["alert_msg"] .= __('Your database is not well maintained. Seems that it have more than 48hr without a proper maintance. Please review Pandora FMS documentation about how to execute this maintance process (pandora_db.pl) and enable it as soon as possible').'</h3>';
}
$fontpath = db_get_sql ("SELECT `value` FROM tconfig WHERE `token` = 'fontpath'");
if (($fontpath == "") OR (!file_exists ($fontpath))) {
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__("Default font doesnt exist").'</h3>';
$_SESSION["alert_msg"] .= __('Your defined fonr doesnt exist or is not defined. Please check font parameters in your config').'</h3>';
}
global $develop_bypass;
if ($develop_bypass == 1){
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= '<h3 class="error">'.__("Developer mode is enabled").'</h3>';
$_SESSION["alert_msg"] .= __('Your Pandora FMS has the "develop_bypass" mode enabled. This is a developer mode and should be disabled in a production system. This value is written in the main index.php file').'</h3>';
}
}
?> ?>
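Review bot: The three remote-configuration messages in config_check() end with `' - $remote_config</h3>'` inside single quotes, so the page shows the literal text `$remote_config` instead of the directory that failed the check. Concatenate the value and escape it, since it is read from tconfig and lands in HTML: `.' - '.htmlspecialchars($remote_config).'</h3>'`. The same function tests `is_writable ("attachment")` relative to the working directory but counts files under `$config["homedir"]."/attachment/*"`; using the homedir-based path in both keeps the two checks on the same directory. The body texts of the maintenance, font and developer-mode alerts close with `</h3>` without opening one, so wrapping them in `<p>…</p>` as the first two alerts do would keep the markup valid.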