Issues (4069)

Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

modules/Administration/DiagnosticRun.php (2 issues)


<?php
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
/*********************************************************************************
 * SugarCRM Community Edition is a customer relationship management program developed by
 * SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.

 * SuiteCRM is an extension to SugarCRM Community Edition developed by Salesagility Ltd.
 * Copyright (C) 2011 - 2014 Salesagility Ltd.
 *
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Affero General Public License version 3 as published by the
 * Free Software Foundation with the addition of the following permission added
 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Affero General Public License along with
 * this program; if not, see http://www.gnu.org/licenses or write to the Free
 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301 USA.
 *
 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
 * SW2-130, Cupertino, CA 95014, USA. or at email address [email protected].
 *
 * The interactive user interfaces in modified source and object code versions
 * of this program must display Appropriate Legal Notices, as required under
 * Section 5 of the GNU Affero General Public License version 3.
 *
 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 * these Appropriate Legal Notices must retain the display of the "Powered by
 * SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
 * reasonably feasible for  technical reasons, the Appropriate Legal Notices must
 * display the words  "Powered by SugarCRM" and "Supercharged by SuiteCRM".
 ********************************************************************************/

require_once( 'include/utils/progress_bar_utils.php' );
require_once( 'include/utils/zip_utils.php' );

global $current_user;

if (!is_admin($current_user)) sugar_die("Unauthorized access to administration.");
if (isset($GLOBALS['sugar_config']['hide_admin_diagnostics']) && $GLOBALS['sugar_config']['hide_admin_diagnostics'])
{
    sugar_die("Unauthorized access to diagnostic tool.");
}

global $skip_md5_diff;
$skip_md5_diff = false;

set_time_limit(3600);
// get all needed globals
global $app_strings;
global $app_list_strings;
global $mod_strings;

global $theme;

global $db;
if(empty($db)) {

	$db = DBManagerFactory::getInstance();
}

global $current_user;
if(!is_admin($current_user)){
	die($mod_strings['LBL_DIAGNOSTIC_ACCESS']);
}
global $sugar_config;
global $beanFiles;

//get sugar version and flavor
global $sugar_version;
global $sugar_flavor;

//guid used for directory path
global $sod_guid;
$sod_guid = create_guid();

//GET CURRENT DATETIME STAMP TO USE IN FILENAME
global $curdatetime;
$curdatetime = date("Ymd-His");

global $progress_bar_percent;
$progress_bar_percent = 0;
global $totalweight;
$totalweight = 0;
global $totalitems;
$totalitems = 0;
global $currentitems;
$currentitems = 0;
define("CONFIG_WEIGHT", 1);
define("CUSTOM_DIR_WEIGHT", 1);
define("PHPINFO_WEIGHT", 1);
define("SQL_DUMPS_WEIGHT", 2);
define("SQL_SCHEMA_WEIGHT", 3);
define("SQL_INFO_WEIGHT", 1);
define("MD5_WEIGHT", 5);
define("BEANLISTBEANFILES_WEIGHT", 1);
define("SUGARLOG_WEIGHT", 2);
define("VARDEFS_WEIGHT", 2);

//THIS MUST CHANGE IF THE NUMBER OF DIRECTORIES TRAVERSED TO GET TO
//   THE DIAGNOSTIC CACHE DIR CHANGES
define("RETURN_FROM_DIAG_DIR", "../../../..");

global $getDumpsFrom;
$getDumpsFrom = Array();

global $cacheDir;
$cacheDir = "";

function sodUpdateProgressBar($itemweight){
    global $progress_bar_percent;
    global $totalweight;
    global $totalitems;
    global $currentitems;

    $currentitems++;
    if($currentitems == $totalitems)
      update_progress_bar("diagnostic", 100, 100);
    else
    {
      $progress_bar_percent += ($itemweight / $GLOBALS['totalweight'] * 100);
      update_progress_bar("diagnostic", $progress_bar_percent, 100);
    }
}

/**
 * Dump table as array
 * @param  $header string table header
 * @param  $values array list of values
 * @return string
 */
function array_as_table($header, $values)
{
    $contents = "<table border=\"0\" cellpadding=\"0\" class=\"tabDetailView\">";
    $keys = array();
    foreach($values as $field) {
        $keys = array_unique($keys + array_keys($field));
    }
    $cols = count($keys);

    $contents .= "<tr colspan=\"$cols\">$header</tr><tr>";
    foreach($keys as $key) {
       $contents .= "<th class=\"tabDetailViewDL\"><b>$key</b></th>";
    }
    $contents .= "</tr>";
    foreach($values as $field) {
        $contents .= "<tr>";
        foreach($field as $item) {
            if(is_array($item)) {
                $item = join(",", $item);
            }
            $contents .= "<td class=\"tabDetailViewDF\">$item</td>";
        }
        $contents .= "</tr>";
    }
    $contents .= "</table>";
    return $contents;
}

// expects a string containing the name of the table you would like to get the dump of
// expects there to already be a connection to the db and the 'use database_name' to be done
// returns a string containing (in html) the dump of all rows
function getFullTableDump($tableName){

	global $db;

    $cols = $db->get_columns($tableName);
    $indexes = $db->get_indices($tableName);
    $returnString = "";
    //setting up table header for each file
    $returnString .= array_as_table("{$db->dbName} $tableName Definitions:", $cols);
    $returnString .= array_as_table("{$db->dbName} $tableName Keys:", $indexes);
    $returnString .= "<BR><BR>";

    $def_count = count($cols);

	$td_result = $db->query("select * from ".$tableName);
    if(!$td_result) {
        return $db->lastError();
    }
    $returnString .= "<table border=\"0\" cellpadding=\"0\" class=\"tabDetailView\"><tr><th class=\"tabDetailViewDL\">#</th>";
    $fields = $db->getFieldsArray($td_result);
    foreach($fields as $field) {
        $returnString .= "<th class=\"tabDetailViewDL\">$field</th>";

    }
    $returnString .= "</tr>";
    $row_counter = 1;
	while($row = $db->fetchByAssoc($td_result))
	{
		$row = array_values($row);
		$returnString .= "<tr>";
		$returnString .= "<td class=\"tabDetailViewDL\">".$row_counter."</td>";
		for($counter = 0; $counter < $def_count; $counter++) {
            $replace_val = false;
			//perform this check when counter is set to two, which means it is on the 'value' column
			if($counter == 2) {
				//if the previous "name" column value was set to smtppass, set replace_val to true
				if(strcmp($row[$counter - 1], "smtppass") == 0  )
					$replace_val = true;

				//if the previous "name" column value was set to admin_password,
				//and the "category" value set to ldap, set replace_val to true
				if (strcmp($row[$counter - 2], "ldap") == 0 && strcmp($row[$counter - 1], "admin_password") == 0)
					$replace_val = true;

				//if the previous "name" column value was set to password,
				//and the "category" value set to proxy, set replace_val to true
				if(strcmp($row[$counter - 2], "proxy") == 0 && strcmp($row[$counter - 1], "password") == 0 )
					$replace_val = true;
			}

			if($replace_val) {
					$returnString .= "<td class=\"tabDetailViewDF\">********</td>";
            } else {
					$returnString .= "<td class=\"tabDetailViewDF\">".($row[$counter] == "" ? "&nbsp;" : $row[$counter])."</td>";
			}
	    }
        $row_counter++;
        $returnString .= "</tr>";
    }
	$returnString .= "</table>";

	return $returnString;
}

// Deletes the directory recursively
function deleteDir($dir)
{
   if (substr($dir, strlen($dir)-1, 1) != '/')
       $dir .= '/';

   if ($handle = opendir($dir))
   {
       while ($obj = readdir($handle))
       {
           if ($obj != '.' && $obj != '..')
           {
               if (is_dir($dir.$obj))
               {
                   if (!deleteDir($dir.$obj))
                       return false;
               }
               elseif (is_file($dir.$obj))
               {
                   if (!unlink($dir.$obj))
                       return false;
               }
           }
       }

       closedir($handle);

       if (!@rmdir($dir))
           return false;
       return true;
   }
   return false;
}

function prepareDiag()
{
	global $getDumpsFrom;
	global $cacheDir;
	global $curdatetime;
	global $progress_bar_percent;
	global $skip_md5_diff;
	global $sod_guid;
	global $mod_strings;

	echo getClassicModuleTitle(
        "Administration",
        array(
            "<a href='index.php?module=Administration&action=index'>{$mod_strings['LBL_MODULE_NAME']}</a>",
           translate('LBL_DIAGNOSTIC_TITLE')
           ),
        false
        );
	echo "<BR>";
	echo $mod_strings['LBL_DIAGNOSTIC_EXECUTING'];
	echo "<BR>";

	//determine if files.md5 exists or not
	if(file_exists('files.md5'))
		$skip_md5_diff = false;
	else
		$skip_md5_diff = true;

	// array of all tables that we need to pull rows from below
	$getDumpsFrom = array('config' => 'config',
	                      'fields_meta_data' => 'fields_meta_data',
	                      'upgrade_history' => 'upgrade_history',
	                      'versions' => 'versions',
	                      );

	//Creates the diagnostic directory in the cache directory
    $cacheDir = create_cache_directory("diagnostic/");
    $cacheDir = create_cache_directory("diagnostic/".$sod_guid);
    $cacheDir = create_cache_directory("diagnostic/".$sod_guid."/diagnostic".$curdatetime."/");

	display_progress_bar("diagnostic", $progress_bar_percent, 100);

	ob_flush();
}

function executesugarlog()
{
    //BEGIN COPY SUGARCRM.LOG
    //Copies the Sugarcrm log to our diagnostic directory
    global $cacheDir;
	require_once('include/SugarLogger/SugarLogger.php');
	$logger = new SugarLogger();
    if(!copy($logger->getLogFileNameWithPath(), $cacheDir.'/'.$logger->getLogFileName())) {
      echo "Couldn't copy suitecrm.log to cacheDir.<br>";
    }
    //END COPY SUGARCRM.LOG

    //UPDATING PROGRESS BAR
    sodUpdateProgressBar(SUGARLOG_WEIGHT);
}

function executephpinfo()
{
    //BEGIN GETPHPINFO
    //This gets phpinfo, writes to a buffer, then I write to phpinfo.html
    global $cacheDir;

    ob_start();
    phpinfo();
    $phpinfo = ob_get_contents();
    ob_clean();

    $handle = sugar_fopen($cacheDir."phpinfo.html", "w");
    if(fwrite($handle, $phpinfo) === FALSE){
      echo "Cannot write to file ".$cacheDir."phpinfo.html<br>";
    }
    fclose($handle);
    //END GETPHPINFO

    //UPDATING PROGRESS BAR
    sodUpdateProgressBar(PHPINFO_WEIGHT);
}

function executeconfigphp()
{
    //BEGIN COPY CONFIG.PHP
    //store db_password in temp var so we can get config.php w/o making anyone angry
    global $cacheDir;    global $sugar_config;

    $tempPass = $sugar_config['dbconfig']['db_password'];
    $sugar_config['dbconfig']['db_password'] = '********';
    //write config.php to a file
    write_array_to_file("Diagnostic", $sugar_config, $cacheDir."config.php");
    //restore db_password so everything still works
    $sugar_config['dbconfig']['db_password'] = $tempPass;
    //END COPY CONFIG.PHP

    //UPDATING PROGRESS BAR
    sodUpdateProgressBar(CONFIG_WEIGHT);
}

function execute_sql($getinfo, $getdumps, $getschema)
{
    //BEGIN GET DB INFO
    global $getDumpsFrom;
    global $curdatetime;
    global $sod_guid;
    global $db;

    $sqlInfoDir = create_cache_directory("diagnostic/".$sod_guid."/diagnostic".$curdatetime."/{$db->dbName}/");

    //create directory for table definitions
    if($getschema)
      $tablesSchemaDir = create_cache_directory("diagnostic/".$sod_guid."/diagnostic".$curdatetime."/{$db->dbName}/TableSchema/");

    //make sure they checked the box to get basic info
    if($getinfo)
    {
        $info = $db->getDbInfo();
        $content = '';
        if(!empty($info)) {
            foreach($info as $name => $value) {
                $content .= "$name: $value<BR>";
            }
        }
        if(!empty($content)) {
            file_put_contents($sqlInfoDir."{$db->dbName}-General-info.html", $content);
            sodUpdateProgressBar(SQL_INFO_WEIGHT);
        }
    }

    $style = '<style>
.tabDetailView
{
    border-bottom:2px solid;
    border-top:2px solid;
    margin-bottom:10px;
    margin-top:2px;
    border-bottom-color:#ABC3D7;
    border-top-color:#4E8CCF;
}

.tabDetailView td table td
{
    border: 0;
    background: white;
}

.tabDetailView tr.pagination td
{
    padding-top: 4px;
    padding-bottom: 4px;
    border-bottom:1px solid #CBDAE6;
}

.tabDetailView tr.pagination td table td
{
    border: none;
}

.tabDetailViewDL
{
    background-color:#F6F6F6;
    color:#000000;
    border-bottom:1px solid #CBDAE6;
    font-size:12px;
    padding:5px 6px;
    text-align:left;
    vertical-align:top;
}

.tabDetailViewDF
{
    background-color:#FFFFFF;
    color:#444444;
    border-bottom:1px solid #CBDAE6;
    font-size:12px;
    padding:5px 10px 5px 8px;
    vertical-align:top;
}

.listViewThS1
{
    background:#EBEBED none repeat scroll 0 0;
    border-color:#CCCCCC -moz-use-text-color;
    border-style:solid none;
    border-width:1px medium;
    font-size:11px;
    font-weight:bold;
    padding:4px 5px;
    text-align:left;
}
    </style>';
    if($getschema)
    {
        //BEGIN GET ALL TABLES SCHEMAS
        $all_tables = $db->getTablesArray();

        $contents = $style;

        foreach($all_tables as $tablename){
            $cols = $db->get_columns($tablename);
            $indexes = $db->get_indices($tablename);
			//setting up table header for each file
            $contents .= array_as_table("{$db->dbName} $tablename Definitions:", $cols);
            $contents .= array_as_table("{$db->dbName} $tablename Keys:", $indexes);
			$contents .= "<BR><BR>";
		}

        file_put_contents($tablesSchemaDir."{$db->dbName}TablesSchema.html", $contents);
		//END GET ALL TABLES SCHEMAS
		//BEGIN UPDATING PROGRESS BAR
		sodUpdateProgressBar(SQL_SCHEMA_WEIGHT);
		//END UPDATING PROGRESS BAR
    }

    if($getdumps)
    {
		//BEGIN GET TABLEDUMPS
		$tableDumpsDir = create_cache_directory("diagnostic/".$sod_guid."/diagnostic".$curdatetime."/{$db->dbName}/TableDumps/");

		foreach ($getDumpsFrom as $table)
		{
			//calling function defined above to get the string for dump
			$contents = $style .getFullTableDump($table);
            file_put_contents($tableDumpsDir.$table.".html", $contents);
		}
		//END GET TABLEDUMPS
		//BEGIN UPDATING PROGRESS BAR
		sodUpdateProgressBar(SQL_DUMPS_WEIGHT);
		//END UPDATING PROGRESS BAR
	}
    //END GET DB INFO
}

function executebeanlistbeanfiles()
{
    //BEGIN CHECK BEANLIST FILES ARE AVAILABLE
    global $cacheDir;
    global $beanList;
    global $beanFiles;
    global $mod_strings;

    ob_start();

    echo $mod_strings['LBL_DIAGNOSTIC_BEANLIST_DESC'];
    echo "<BR>";
    echo "<font color=green>";
    echo $mod_strings['LBL_DIAGNOSTIC_BEANLIST_GREEN'];
    echo "</font>";
    echo "<BR>";
    echo "<font color=orange>";
    echo $mod_strings['LBL_DIAGNOSTIC_BEANLIST_ORANGE'];
    echo "</font>";
    echo "<BR>";
    echo "<font color=red>";
    echo $mod_strings['LBL_DIAGNOSTIC_BEANLIST_RED'];
    echo "</font>";
    echo "<BR><BR>";

	foreach ($beanList as $beanz)
	{
		if(!isset($beanFiles[$beanz]))
		{
			echo "<font color=orange>NO! --- ".$beanz." is not an index in \$beanFiles</font><br>";
		}
		else
		{
			if(file_exists($beanFiles[$beanz]))
				echo "<font color=green>YES --- ".$beanz." file \"".$beanFiles[$beanz]."\" exists</font><br>";
			else
				echo "<font color=red>NO! --- ".$beanz." file \"".$beanFiles[$beanz]."\" does NOT exist</font><br>";
		}
	}

	$content = ob_get_contents();
	ob_clean();

	$handle = sugar_fopen($cacheDir."beanFiles.html", "w");
	if(fwrite($handle, $content) === FALSE){
    	echo "Cannot write to file ".$cacheDir."beanFiles.html<br>";
    }
    fclose($handle);
    //END CHECK BEANLIST FILES ARE AVAILABLE
    //BEGIN UPDATING PROGRESS BAR
    sodUpdateProgressBar(BEANLISTBEANFILES_WEIGHT);
    //END UPDATING PROGRESS BAR
}

function executecustom_dir()
{
    //BEGIN ZIP AND SAVE CUSTOM DIRECTORY
    global $cacheDir;

    zip_dir("custom", $cacheDir."custom_directory.zip");
    //END ZIP AND SAVE CUSTOM DIRECTORY
    //BEGIN UPDATING PROGRESS BAR
    sodUpdateProgressBar(CUSTOM_DIR_WEIGHT);
    //END UPDATING PROGRESS BAR
}

function executemd5($filesmd5, $md5calculated)
{
	//BEGIN ALL MD5 CHECKS
	global $curdatetime;
	global $skip_md5_diff;
	global $sod_guid;
	if(file_exists('files.md5'))
        include( 'files.md5');
	//create dir for md5s
	$md5_directory = create_cache_directory("diagnostic/".$sod_guid."/diagnostic".$curdatetime."/md5/");

	//skip this if the files.md5 didn't exist
	if(!$skip_md5_diff)
	{
		//make sure the files.md5
		if($filesmd5)
			if(!copy('files.md5', $md5_directory."files.md5"))
				echo "Couldn't copy files.md5 to ".$md5_directory."<br>Skipping md5 checks.<br>";
	}

	$md5_string_calculated = generateMD5array('./');

	if($md5calculated)
		write_array_to_file('md5_string_calculated', $md5_string_calculated, $md5_directory."md5_array_calculated.php");

	//if the files.md5 didn't exist, we can't do this
	if(!$skip_md5_diff)
	{
		$md5_string_diff = array_diff($md5_string_calculated, $md5_string);
The variable $md5_string does not exist. Did you mean $md5_string_calculated?

This check looks for variables that are accessed but have not been defined. It raises an issue if it finds another variable that has a similar name.

The variable may have been renamed without also renaming all references.


		write_array_to_file('md5_string_diff', $md5_string_diff, $md5_directory."md5_array_diff.php");
	}
	//END ALL MD5 CHECKS
    //BEGIN UPDATING PROGRESS BAR
    sodUpdateProgressBar(MD5_WEIGHT);
    //END UPDATING PROGRESS BAR
}

function executevardefs()
{
    //BEGIN DUMP OF SUGAR SCHEMA (VARDEFS)

    //END DUMP OF SUGAR SCHEMA (VARDEFS)
    //BEGIN UPDATING PROGRESS BAR
    //This gets the vardefs, writes to a buffer, then I write to vardefschema.html
    global $cacheDir;
    global $beanList;
    global $beanFiles;
    global $dictionary;
    global $sugar_version;
    global $sugar_db_version;
    global $sugar_flavor;

    ob_start();
    foreach ( $beanList as $beanz ) {
      // echo "Module: ".$beanz."<br>";

	$path_parts = pathinfo( $beanFiles[ $beanz ] );
	$vardefFileName = $path_parts[ 'dirname' ]."/vardefs.php";
	  if( file_exists( $vardefFileName )) {
This if statement is empty and can be removed.

This check looks for the bodies of if statements that have no statements or where all statements have been commented out. This may be the result of changes for debugging or the code may simply be obsolete.

These if bodies can be removed. If you have an empty if but statements in the else branch, consider inverting the condition.

if (rand(1, 6) > 3) {
//print "Check failed";
} else {
    print "Check succeeded";
}

could be turned into

if (rand(1, 6) <= 3) {
    print "Check succeeded";
}

This is much more concise to read.

	    // echo "<br>".$vardefFileName."<br>";
      }
      include_once( $vardefFileName );
    }

    echo "<html lang='en'>";
    echo "<BODY>";
    echo "<H1>Schema listing based on vardefs</H1>";
    echo "<P>Sugar version:  ".$sugar_version." / Sugar DB version:  ".$sugar_db_version." / Sugar flavor:  ".$sugar_flavor;
    echo "</P>";

    echo "<style> th { text-align: left; } </style>";

    $tables = array();
    foreach($dictionary as $vardef) {
	$tables[] = $vardef['table'];
	$fields[$vardef['table']] = $vardef['fields'];
	$comments[$vardef['table']] = $vardef['comment'];
    }

    asort($tables);

    foreach($tables as $t) {
	$name = $t;
	if ( $name == "does_not_exist" )
	  continue;
	$comment = $comments[$t];
	echo "<h2>Table: $t</h2>
		<p><i>{$comment}</i></p>";
	echo "<table border=\"0\" cellpadding=\"3\" class=\"tabDetailView\">";
	echo '<TR BGCOLOR="#DFDFDF">
		<TD NOWRAP ALIGN=left class=\"tabDetailViewDL\">Column</TD>
		<TD NOWRAP class=\"tabDetailViewDL\">Type</TD>
		<TD NOWRAP class=\"tabDetailViewDL\">Length</TD>
		<TD NOWRAP class=\"tabDetailViewDL\">Required</TD>
		<TD NOWRAP class=\"tabDetailViewDL\">Comment</TD>
	</TR>';

	ksort( $fields[ $t ] );

	foreach($fields[$t] as $k => $v) {
	  // we only care about physical tables ('source' can be 'non-db' or 'nondb' or 'function' )
	  if ( isset( $v[ 'source' ] ))
	    continue;
	  $columnname = $v[ 'name' ];
	  $columntype = $v[ 'type' ];
	  $columndbtype = $v[ 'dbType' ];
	  $columnlen = $v[ 'len' ];
	  $columncomment = $v[ 'comment' ];
	  $columnrequired = $v[ 'required' ];

	  if ( empty( $columnlen ) ) $columnlen = '<i>n/a</i>';
	  if ( empty( $columncomment ) ) $columncomment = '<i>(none)</i>';
	  if ( !empty( $columndbtype ) ) $columntype = $columndbtype;
	  if ( empty( $columnrequired ) || ( $columnrequired == false ))
	    $columndisplayrequired = 'no';
	  else
	    $columndisplayrequired = 'yes';

	  echo '<TR BGCOLOR="#FFFFFF" ALIGN=left>
			<TD ALIGN=left class=\"tabDetailViewDF\">'.$columnname.'</TD>
	  		<TD NOWRAP class=\"tabDetailViewDF\">'.$columntype.'</TD>
			<TD NOWRAP class=\"tabDetailViewDF\">'.$columnlen.'</TD>
			<TD NOWRAP class=\"tabDetailViewDF"\">'.$columndisplayrequired.'</TD>
			<TD WRAP class=\"tabDetailViewDF\">'.$columncomment.'</TD></TR>';
	}

	echo "</table></p>";
    }

    echo "</body></html>";

    $vardefFormattedOutput = ob_get_contents();
    ob_clean();

    $handle = sugar_fopen($cacheDir."vardefschema.html", "w");
    if(fwrite($handle, $vardefFormattedOutput) === FALSE){
      echo "Cannot write to file ".$cacheDir."vardefschema.html<br>";
    }
    fclose($handle);
    sodUpdateProgressBar(VARDEFS_WEIGHT);
    //END UPDATING PROGRESS BAR
}

function finishDiag(){
	//BEGIN ZIP ALL FILES AND EXTRACT IN CACHE ROOT
	global $cacheDir;
	global $curdatetime;
	global $sod_guid;
	global $mod_strings;

	chdir($cacheDir);
	zip_dir(".", "../diagnostic".$curdatetime.".zip");
	//END ZIP ALL FILES AND EXTRACT IN CACHE ROOT
	chdir(RETURN_FROM_DIAG_DIR);

	deleteDir($cacheDir);

	print "<a href=\"index.php?module=Administration&action=DiagnosticDownload&guid=$sod_guid&time=$curdatetime&to_pdf=1\">".$mod_strings['LBL_DIAGNOSTIC_DOWNLOADLINK']."</a><BR>";

	print "<a href=\"index.php?module=Administration&action=DiagnosticDelete&file=diagnostic".$curdatetime."&guid=".$sod_guid."\">".$mod_strings['LBL_DIAGNOSTIC_DELETELINK']."</a><br>";

}

//BEGIN check for what we are executing
$doconfigphp = ((empty($_POST['configphp']) || $_POST['configphp'] == 'off') ? false : true);
$docustom_dir = ((empty($_POST['custom_dir']) || $_POST['custom_dir'] == 'off') ? false : true);
$dophpinfo = ((empty($_POST['phpinfo']) || $_POST['phpinfo'] == 'off') ? false : true);
$domysql_dumps = ((empty($_POST['mysql_dumps']) || $_POST['mysql_dumps'] == 'off') ? false : true);
$domysql_schema = ((empty($_POST['mysql_schema']) || $_POST['mysql_schema'] == 'off') ? false : true);
$domysql_info = ((empty($_POST['mysql_info']) || $_POST['mysql_info'] == 'off') ? false : true);
$domd5 = ((empty($_POST['md5']) || $_POST['md5'] == 'off') ? false : true);
$domd5filesmd5 = ((empty($_POST['md5filesmd5']) || $_POST['md5filesmd5'] == 'off') ? false : true);
$domd5calculated = ((empty($_POST['md5calculated']) || $_POST['md5calculated'] == 'off') ? false : true);
$dobeanlistbeanfiles = ((empty($_POST['beanlistbeanfiles']) || $_POST['beanlistbeanfiles'] == 'off') ? false : true);
$dosugarlog = ((empty($_POST['sugarlog']) || $_POST['sugarlog'] == 'off') ? false : true);
$dovardefs = ((empty($_POST['vardefs']) || $_POST['vardefs'] == 'off') ? false : true);
//END check for what we are executing

//BEGIN items to calculate progress bar
$totalitems = 0;
$totalweight = 0;
if($doconfigphp) {$totalweight += CONFIG_WEIGHT; $totalitems++;}
if($docustom_dir) {$totalweight += CUSTOM_DIR_WEIGHT; $totalitems++;}
if($dophpinfo) {$totalweight += PHPINFO_WEIGHT; $totalitems++;}
if($domysql_dumps) {$totalweight += SQL_DUMPS_WEIGHT; $totalitems++;}
if($domysql_schema) {$totalweight += SQL_SCHEMA_WEIGHT; $totalitems++;}
if($domysql_info) {$totalweight += SQL_INFO_WEIGHT; $totalitems++;}
if($domd5) {$totalweight += MD5_WEIGHT; $totalitems++;}
if($dobeanlistbeanfiles) {$totalweight += BEANLISTBEANFILES_WEIGHT; $totalitems++;}
if($dosugarlog) {$totalweight += SUGARLOG_WEIGHT; $totalitems++;}
if($dovardefs) {$totalweight += VARDEFS_WEIGHT; $totalitems++;}
//END items to calculate progress bar

//prepare initial steps
prepareDiag();

if($doconfigphp)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETCONFPHP']."<BR>";
  executeconfigphp();
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($docustom_dir)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETCUSTDIR']."<BR>";
  executecustom_dir();
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($dophpinfo)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETPHPINFO']."<BR>";
  executephpinfo();
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($domysql_info || $domysql_dumps || $domysql_schema)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETTING'].
                 ($domysql_info ? "... ".$mod_strings['LBL_DIAGNOSTIC_GETMYSQLINFO'] : " ").
                 ($domysql_dumps ? "... ".$mod_strings['LBL_DIAGNOSTIC_GETMYSQLTD'] : " ").
                 ($domysql_schema ? "... ".$mod_strings['LBL_DIAGNOSTIC_GETMYSQLTS'] : "...").
                 "<BR>";
  execute_sql($domysql_info, $domysql_dumps, $domysql_schema);
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($domd5)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETMD5INFO']."<BR>";
  executemd5($domd5filesmd5, $domd5calculated);
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($dobeanlistbeanfiles)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETBEANFILES']."<BR>";
  executebeanlistbeanfiles();
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($dosugarlog)
{
  echo $mod_strings['LBL_DIAGNOSTIC_GETSUGARLOG']."<BR>";
  executesugarlog();
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}
if($dovardefs)
{
  echo $mod_strings['LBL_DIAGNOSTIC_VARDEFS']."<BR>";
  executevardefs();
  echo $mod_strings['LBL_DIAGNOSTIC_DONE']."<BR><BR>";
}

//finish up the last steps
finishDiag();

?>