tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change some code for the future fixed in PHP about the try catch in the includes. TICKET: #1791 (still open thanks PHP)

This commit is contained in:
mdtrooper 2015-03-17 16:48:29 +01:00
parent e0e531bf05
commit 5f57ca716b
5 changed files with 131 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pandora_console/general/header.php
View File

@ -17,12 +17,6 @@
require_once ("include/functions_messages.php"); require_once ("include/functions_messages.php");
require_once ('include/functions_servers.php'); require_once ('include/functions_servers.php');
$msg_cnt = 0;
$alert_cnt = 0;
$config["alert_cnt"] = 0;
$_SESSION["alert_msg"] = "";
// Check permissions // Check permissions
// Global errors/warnings checking. // Global errors/warnings checking.
@ -45,8 +39,9 @@ config_check();
} }
$logo_title = 'Pandora FMS Enterprise'; $logo_title = 'Pandora FMS Enterprise';
} }
echo html_print_image($custom_logo, true, array("alt" => $logo_title, "border" => '0')); echo html_print_image($custom_logo, true,
array("alt" => $logo_title, "border" => '0'));
?> ?>
</a> </a>
</td> </td>

36
pandora_console/include/functions.php
View File

@ -2253,13 +2253,13 @@ function validate_double_auth_code ($user, $code) {
global $config; global $config;
require_once ($config['homedir'].'/include/auth/GAuth/Auth.php'); require_once ($config['homedir'].'/include/auth/GAuth/Auth.php');
$result = false; $result = false;
if (empty($user) || empty($code)) { if (empty($user) || empty($code)) {
$result = -1; $result = -1;
} }
else { else {
$secret = db_get_value('secret', 'tuser_double_auth', 'id_user', $user); $secret = db_get_value('secret', 'tuser_double_auth', 'id_user', $user);
if ($secret === false) { if ($secret === false) {
$result = -1; $result = -1;
} }
@ -2267,7 +2267,8 @@ function validate_double_auth_code ($user, $code) {
try { try {
$gAuth = new \GAuth\Auth($secret); $gAuth = new \GAuth\Auth($secret);
$result = $gAuth->validateCode($code); $result = $gAuth->validateCode($code);
} catch (Exception $e) { }
catch (Exception $e) {
$result = -1; $result = -1;
} }
} }
@ -2288,4 +2289,33 @@ function is_double_auth_enabled ($user) {
return $result; return $result;
} }
function clear_pandora_error_for_header() {
global $config;
$config["alert_cnt"] = 0;
$_SESSION["alert_msg"] = "";
}
function set_pandora_error_for_header($message, $title = null) {
global $config;
if (!isset($config["alert_cnt"])) {
$config["alert_cnt"] = 0;
}
if (!isset($_SESSION["alert_msg"])) {
$_SESSION["alert_msg"] = "";
}
$message_config = array();
if (isset($title))
$message_config['title'] = $title;
$message_config['message'] = $message;
$message_config['no_close'] = true;
$config["alert_cnt"]++;
$_SESSION["alert_msg"] .= ui_print_error_message($message_config,
'', true);
}
?> ?>

143
pandora_console/include/functions_config.php
View File

@ -1327,26 +1327,23 @@ function config_check () {
if ($is_admin) { if ($is_admin) {
$hashpass = db_get_sql ("SELECT password $hashpass = db_get_sql ("SELECT password
FROM tusuario WHERE id_user = 'admin'"); FROM tusuario WHERE id_user = 'admin'");
if ($hashpass == "1da7ee7d45b96d0e1f45ee4ee23da560"){ if ($hashpass == "1da7ee7d45b96d0e1f45ee4ee23da560") {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Default password for "Admin" user has not been changed.'),
array('message' => __('Default password for "Admin" user has not been changed.').'</h3>'.'<p>'.__('Please change the default password because is a common vulnerability reported.'), __('Please change the default password because is a common vulnerability reported.'));
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
} }
if (isset ($config['license_expired'])) { if (isset ($config['license_expired'])) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('You can not get updates until you renew the license.'),
array('message' => __('<strong style="font-size: 11pt">This license has expired.</strong> <br><br>You can not get updates until you renew the license.').'</h3>', __('This license has expired.'));
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
if (!is_writable ("attachment")) { if (!is_writable ("attachment")) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Please check that the web server has write rights on the {HOMEDIR}/attachment directory'),
array('message' => __('Attachment directory is not writable by HTTP Server').'</h3>'.'<p>'.__('Please check that the web server has write rights on the {HOMEDIR}/attachment directory'), __('Attachment directory is not writable by HTTP Server'));
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
// Get remote file dir. // Get remote file dir.
@ -1356,29 +1353,22 @@ function config_check () {
if (enterprise_installed()) { if (enterprise_installed()) {
if (!is_readable ($remote_config)) { if (!is_readable ($remote_config)) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Remote configuration directory is not readble for the console') .
array('message' => __('Remote configuration directory is not readble for the console') . ' - ' . $remote_config);
' -' . $remote_config,
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
$remote_config_conf = $remote_config . "/conf"; $remote_config_conf = $remote_config . "/conf";
if (!is_writable ($remote_config_conf)) { if (!is_writable ($remote_config_conf)) {
$config["alert_cnt"]++; set_pandora_error_for_header(__('Remote configuration directory is not writtable for the console') .
$_SESSION["alert_msg"] .= ui_print_error_message( ' - ' . $remote_config . '/conf');
array('message' => __('Remote configuration directory is not writtable for the console') .
' - ' . $remote_config . '/conf',
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
$remote_config_col = $remote_config . "/collections"; $remote_config_col = $remote_config . "/collections";
if (!is_writable ($remote_config_col)) { if (!is_writable ($remote_config_col)) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Remote configuration directory is not writtable for the console') .
array('message' => __('Remote configuration directory is not writtable for the console') . ' - ' . $remote_config . '/collections');
' - ' . $remote_config . '/collections',
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
} }
@ -1387,69 +1377,58 @@ function config_check () {
$filecount = count(glob($config["homedir"]."/attachment/*")); $filecount = count(glob($config["homedir"]."/attachment/*"));
// N temporal files of trash should be enough for most people. // N temporal files of trash should be enough for most people.
if ($filecount > $config['num_files_attachment']) { if ($filecount > $config['num_files_attachment']) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __("There are too much files in attachment directory. This is not fatal, but you should consider cleaning up your attachment directory manually"). " ( $filecount ". __("files") . " )",
array('title' => __('Too much files in your tempora/attachment directory'), __('Too much files in your tempora/attachment directory'));
'message' => __("There are too much files in attachment directory. This is not fatal, but you should consider cleaning up your attachment directory manually"). " ( $filecount ". __("files") . " )",
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
// Check database maintance // Check database maintance
$db_maintance = db_get_value_filter ('value', 'tconfig', array('token' => 'db_maintance')); $db_maintance = db_get_value_filter('value', 'tconfig',
array('token' => 'db_maintance'));
// If never was executed, it means we are in the first Pandora FMS execution. Set current timestamp // If never was executed, it means we are in the first Pandora FMS execution. Set current timestamp
if(empty($db_maintance)) { if (empty($db_maintance)) {
config_update_value ('db_maintance', date("U")); config_update_value ('db_maintance', date("U"));
} }
$last_maintance = date("U") - $db_maintance; $last_maintance = date("U") - $db_maintance;
// ~ about 50 hr // ~ about 50 hr
if ($last_maintance > 190000){ if ($last_maintance > 190000) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Your database is not well maintained. Seems that it have more than 48hr without a proper maintance. Please review Pandora FMS documentation about how to execute this maintance process (pandora_db.pl) and enable it as soon as possible'),
array('title' => __("Database maintance problem"), __("Database maintance problem"));
'message' => __('Your database is not well maintained. Seems that it have more than 48hr without a proper maintance. Please review Pandora FMS documentation about how to execute this maintance process (pandora_db.pl) and enable it as soon as possible'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
$fontpath = db_get_value_filter('value', 'tconfig', array('token' => 'fontpath')); $fontpath = db_get_value_filter('value', 'tconfig', array('token' => 'fontpath'));
if (($fontpath == "") OR (!file_exists ($fontpath))) { if (($fontpath == "") OR (!file_exists ($fontpath))) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Your defined font doesnt exist or is not defined. Please check font parameters in your config'),
array('title' => __("Default font doesnt exist"), __("Default font doesnt exist"));
'message' => __('Your defined font doesnt exist or is not defined. Please check font parameters in your config'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
global $develop_bypass; global $develop_bypass;
if ($develop_bypass == 1){ if ($develop_bypass == 1) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( __('Your Pandora FMS has the "develop_bypass" mode enabled. This is a developer mode and should be disabled in a production system. This value is written in the main index.php file'),
array('title' => __("Developer mode is enabled"), __("Developer mode is enabled"));
'message' => __('Your Pandora FMS has the "develop_bypass" mode enabled. This is a developer mode and should be disabled in a production system. This value is written in the main index.php file'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
if (isset($_SESSION['new_update'])) { if (isset($_SESSION['new_update'])) {
if (!empty($_SESSION['return_installation_open'])) { if (!empty($_SESSION['return_installation_open'])) {
if (!$_SESSION['return_installation_open']['return']) { if (!$_SESSION['return_installation_open']['return']) {
foreach ($_SESSION['return_installation_open']['text'] as $message) { foreach ($_SESSION['return_installation_open']['text'] as $message) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_error_message( $message,
array('title' => __("Error first setup Open update"), __("Error first setup Open update"));
'message' => $message,
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
} }
} }
if ($_SESSION['new_update'] == 'new') { if ($_SESSION['new_update'] == 'new') {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_info_message( __('There is a new update please go to menu Administration and into extensions <a style="font-weight:bold;" href="index.php?sec=gsetup&sec2=godmode/update_manager/update_manager&tab=online">go to Update Manager</a> for more details.'),
array('title' => __("New update of Pandora Console"), __("New update of Pandora Console"));
'message' => __('There is a new update please go to menu Administration and into extensions <a style="font-weight:bold;" href="index.php?sec=gsetup&sec2=godmode/update_manager/update_manager&tab=online">go to Update Manager</a> for more details.'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
} }
@ -1461,47 +1440,37 @@ function config_check () {
$PHPsafe_mode = ini_get('safe_mode'); $PHPsafe_mode = ini_get('safe_mode');
if ($PHPsafe_mode === '1') { if ($PHPsafe_mode === '1') {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_info_message( __('To disable, change it on your PHP configuration file (php.ini) and put safe_mode = Off (Dont forget restart apache process after changes)'),
array('title' => sprintf(__("PHP safe mode is enabled. Some features may not properly work.")), sprintf(__("PHP safe mode is enabled. Some features may not properly work.")));
'message' => '<br><br>' . __('To disable, change it on your PHP configuration file (php.ini) and put safe_mode = Off (Dont forget restart apache process after changes)'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
if ($PHPmax_input_time !== '-1') { if ($PHPmax_input_time !== '-1') {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_info_message( sprintf(__('Recommended value is %s'), '-1 (' . __('Unlimited') . ')') . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
array('title' => sprintf(__("Not recommended '%s' value in PHP configuration"), 'max_input_time'), sprintf(__("Not recommended '%s' value in PHP configuration"), 'max_input_time'));
'message' => sprintf(__('Recommended value is %s'), '-1 (' . __('Unlimited') . ')') . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
if ($PHPmax_execution_time !== '0') { if ($PHPmax_execution_time !== '0') {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_info_message( sprintf(__('Recommended value is: %s'), '0 (' . __('Unlimited') . ')') . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
array('title' => sprintf(__("Not recommended '%s' value in PHP configuration"), 'max_execution_time'), sprintf(__("Not recommended '%s' value in PHP configuration"), 'max_execution_time'));
'message' => sprintf(__('Recommended value is: %s'), '0 (' . __('Unlimited') . ')') . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
$PHPupload_max_filesize_min = config_return_in_bytes('800M'); $PHPupload_max_filesize_min = config_return_in_bytes('800M');
if ($PHPupload_max_filesize < $PHPupload_max_filesize_min) { if ($PHPupload_max_filesize < $PHPupload_max_filesize_min) {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_info_message( sprintf(__('Recommended value is: %s'), sprintf(__('%s or greater'), '800M')) . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
array('title' => sprintf(__("Not recommended '%s' value in PHP configuration"), 'upload_max_filesize'), sprintf(__("Not recommended '%s' value in PHP configuration"), 'upload_max_filesize'));
'message' => sprintf(__('Recommended value is: %s'), sprintf(__('%s or greater'), '800M')) . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator (Dont forget restart apache process after changes)'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
$PHPmemory_limit_min = config_return_in_bytes('500M'); $PHPmemory_limit_min = config_return_in_bytes('500M');
if ($PHPmemory_limit < $PHPmemory_limit_min && $PHPmemory_limit !== '-1') { if ($PHPmemory_limit < $PHPmemory_limit_min && $PHPmemory_limit !== '-1') {
$config["alert_cnt"]++; set_pandora_error_for_header(
$_SESSION["alert_msg"] .= ui_print_info_message( sprintf(__('Recommended value is: %s'), sprintf(__('%s or greater'), '500M')) . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator'),
array('title' => sprintf(__("Not recommended '%s' value in PHP configuration"), 'memory_limit'), sprintf(__("Not recommended '%s' value in PHP configuration"), 'memory_limit'));
'message' => sprintf(__('Recommended value is: %s'), sprintf(__('%s or greater'), '500M')) . '<br><br>' . __('Please, change it on your PHP configuration file (php.ini) or contact with administrator'),
'no_close' => true, 'force_style' => 'color: #000000 !important'), '', true);
} }
} }

35
pandora_console/include/functions_extensions.php
View File

@ -291,13 +291,42 @@ function extensions_get_extension_info() {
* *
* @param array $extensions * @param array $extensions
*/ */
function extensions_load_extensions ($extensions) { function extensions_load_extensions ($process_login) {
global $config; global $config;
global $extension_file; global $extension_file;
foreach ($extensions as $extension) { foreach ($config['extensions'] as $extension) {
$extension_file = $extension['file']; $extension_file = $extension['file'];
require_once (realpath ($extension['dir'] . "/" . $extension_file)); $path_extension = realpath ($extension['dir'] . "/" . $extension_file);
//--------------------------------------------------------------
//
// PHP BUG
//
// #66518 need some exceptions for php's include or require
//
// https://bugs.php.net/bug.php?id=66518
//--------------------------------------------------------------
//~ if ($process_login) {
//~ //Check the syntax for avoid PHP errors
//~ $output = null;
//~ $return_var = null;
//~ exec('php -l ' . $path_extension, $output, $return_code);
//~ if ($return_code !== 0) {
//~ // There is a error.
//~
//~ set_pandora_error_for_header(
//~ __('There are some errors in the PHP file of extension %s .', $extension_file));
//~ }
//~ else {
//~ require_once($path_extension);
//~ }
//~ }
//~ else {
require_once($path_extension);
//~ }
} }
} }

8
pandora_console/index.php
View File

@ -484,13 +484,18 @@ if (isset ($_GET["bye"])) {
exit ("</html>"); exit ("</html>");
} }
clear_pandora_error_for_header();
//----------------------------------------------------------------------
// EXTENSIONS
//----------------------------------------------------------------------
/** /**
* Load the basic configurations of extension and add extensions into menu. * Load the basic configurations of extension and add extensions into menu.
* Load here, because if not, some extensions not load well, I don't why. * Load here, because if not, some extensions not load well, I don't why.
*/ */
$config['logged'] = false; $config['logged'] = false;
extensions_load_extensions ($config['extensions']); extensions_load_extensions ($process_login);
if ($process_login) { if ($process_login) {
/* Call all extensions login function */ /* Call all extensions login function */
extensions_call_login_function (); extensions_call_login_function ();
@ -517,6 +522,7 @@ if ($process_login) {
$config['logged'] = true; $config['logged'] = true;
} }
//----------------------------------------------------------------------
//Get old parameters before navigation. //Get old parameters before navigation.
$old_sec = ''; $old_sec = '';