1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* /classes/DomainMOD/System.php |
4
|
|
|
* |
5
|
|
|
* This file is part of DomainMOD, an open source domain and internet asset manager. |
6
|
|
|
* Copyright (c) 2010-2018 Greg Chetcuti <[email protected]> |
7
|
|
|
* |
8
|
|
|
* Project: http://domainmod.org Author: http://chetcuti.com |
9
|
|
|
* |
10
|
|
|
* DomainMOD is free software: you can redistribute it and/or modify it under the terms of the GNU General Public |
11
|
|
|
* License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later |
12
|
|
|
* version. |
13
|
|
|
* |
14
|
|
|
* DomainMOD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
15
|
|
|
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. |
16
|
|
|
* |
17
|
|
|
* You should have received a copy of the GNU General Public License along with DomainMOD. If not, see |
18
|
|
|
* http://www.gnu.org/licenses/. |
19
|
|
|
* |
20
|
|
|
*/ |
21
|
|
|
//@formatter:off |
22
|
|
|
namespace DomainMOD; |
23
|
|
|
|
24
|
|
|
class System |
25
|
|
|
{ |
26
|
|
|
public $deeb; |
27
|
|
|
public $log; |
28
|
|
|
public $layout; |
29
|
|
|
|
30
|
|
|
public function __construct() |
31
|
|
|
{ |
32
|
|
|
$this->deeb = Database::getInstance(); |
33
|
|
|
$this->log = new Log('class.system'); |
34
|
|
|
$this->layout = new Layout(); |
35
|
|
|
} |
36
|
|
|
|
37
|
|
|
public function getRequirements() |
38
|
|
|
{ |
39
|
|
|
// SERVER SOFTWARE |
40
|
|
|
$req_text .= 'Server Software: '; |
|
|
|
|
41
|
|
|
$req_html .= '<STRONG>Server Software</STRONG><BR>'; |
|
|
|
|
42
|
|
|
|
43
|
|
|
// PHP |
44
|
|
|
$software = 'PHP v5.3.2+'; |
45
|
|
|
$min_php_version = '5.3.2'; |
46
|
|
|
$installed_php_version = phpversion(); |
|
|
|
|
47
|
|
|
|
48
|
|
|
if ($installed_php_version >= $min_php_version) { |
49
|
|
|
|
50
|
|
|
$req_text .= $software . ': Pass, '; |
51
|
|
|
$req_html .= $software . ': ' . $this->layout->highlightText('green', 'Pass') . '<BR>'; |
52
|
|
|
|
53
|
|
|
} else { |
54
|
|
|
|
55
|
|
|
$req_text .= $software . ': Fail, '; |
56
|
|
|
$req_html .= $software . ': ' . $this->layout->highlightText('red', 'Fail') . '<BR>'; |
57
|
|
|
|
58
|
|
|
} |
59
|
|
|
|
60
|
|
|
// MySQL |
61
|
|
|
$software = 'MySQL'; |
62
|
|
|
if (extension_loaded('pdo_mysql')) { |
63
|
|
|
|
64
|
|
|
$req_text .= $software . ': Pass'; |
65
|
|
|
$req_html .= $software . ': ' . $this->layout->highlightText('green', 'Pass') . '<BR>'; |
66
|
|
|
|
67
|
|
|
} else { |
68
|
|
|
|
69
|
|
|
$req_text .= $software . ': Fail'; |
70
|
|
|
$req_html .= $software . ': ' . $this->layout->highlightText('red', 'Fail') . '<BR>'; |
71
|
|
|
|
72
|
|
|
} |
73
|
|
|
|
74
|
|
|
// PHP Extensions |
75
|
|
|
$req_text .= ' / PHP Extensions: '; |
76
|
|
|
$req_html .= '<BR><STRONG>PHP Extensions</STRONG><BR>'; |
77
|
|
|
|
78
|
|
|
$extensions = array('pdo_mysql' => 'PDO (MySQL)', |
79
|
|
|
'curl' => 'cURL', |
80
|
|
|
'openssl' => 'OpenSSL'); |
81
|
|
|
|
82
|
|
View Code Duplication |
foreach ($extensions as $key => $value) { |
83
|
|
|
|
84
|
|
|
if (extension_loaded($key)) { |
85
|
|
|
|
86
|
|
|
$req_text .= $value . ': Enabled, '; |
87
|
|
|
$req_html .= $value . ': ' . $this->layout->highlightText('green', 'Enabled') . '<BR>'; |
88
|
|
|
|
89
|
|
|
} else { |
90
|
|
|
|
91
|
|
|
$req_text .= $value . ': Disabled, '; |
92
|
|
|
$req_html .= $value . ': ' . $this->layout->highlightText('red', 'Disabled') . '<BR>'; |
93
|
|
|
|
94
|
|
|
} |
95
|
|
|
|
96
|
|
|
} |
97
|
|
|
|
98
|
|
|
$req_text = substr($req_text, 0, -2); |
99
|
|
|
|
100
|
|
|
// PHP SETTINGS |
101
|
|
|
$req_text .= ' / PHP Settings: '; |
102
|
|
|
$req_html .= '<BR><STRONG>PHP Settings</STRONG><BR>'; |
103
|
|
|
|
104
|
|
|
$settings = array('allow_url_fopen'); |
105
|
|
|
|
106
|
|
View Code Duplication |
foreach ($settings as $value) { |
107
|
|
|
|
108
|
|
|
if (ini_get($value)) { |
109
|
|
|
|
110
|
|
|
$req_text .= $value . ': Enabled, '; |
111
|
|
|
$req_html .= $value . ': ' . $this->layout->highlightText('green', 'Enabled') . '<BR>'; |
112
|
|
|
|
113
|
|
|
} else { |
114
|
|
|
|
115
|
|
|
$req_text .= $value . ': Disabled, '; |
116
|
|
|
$req_html .= $value . ': ' . $this->layout->highlightText('red', 'Disabled') . '<BR>'; |
117
|
|
|
|
118
|
|
|
} |
119
|
|
|
|
120
|
|
|
} |
121
|
|
|
|
122
|
|
|
$req_text = substr($req_text, 0, -2); |
123
|
|
|
|
124
|
|
|
return array($req_text, $req_html); |
125
|
|
|
} |
126
|
|
|
|
127
|
|
|
public function installMode() |
128
|
|
|
{ |
129
|
|
|
$result = $this->checkForSettingsTable(); |
130
|
|
|
$install_mode = !$result ? 1 : 0; |
131
|
|
|
return $install_mode; |
132
|
|
|
} |
133
|
|
|
|
134
|
|
|
public function checkForSettingsTable() |
135
|
|
|
{ |
136
|
|
|
return $this->deeb->cnxx->query("SHOW TABLES LIKE 'settings'")->fetchColumn(); |
137
|
|
|
} |
138
|
|
|
|
139
|
|
|
public function checkVersion($current_version) |
140
|
|
|
{ |
141
|
|
|
$pdo = $this->deeb->cnxx; |
142
|
|
|
$live_version = $this->getLiveVersion(); |
143
|
|
|
|
144
|
|
|
if ($current_version < $live_version && $live_version != '') { |
145
|
|
|
|
146
|
|
|
$pdo->query("UPDATE settings SET upgrade_available = '1'"); |
147
|
|
|
$_SESSION['s_system_upgrade_available'] = '1'; |
148
|
|
|
$message = $this->getUpgradeMessage(); |
149
|
|
|
|
150
|
|
|
} else { |
151
|
|
|
|
152
|
|
|
$pdo->query("UPDATE settings SET upgrade_available = '0'"); |
153
|
|
|
$_SESSION['s_system_upgrade_available'] = '0'; |
154
|
|
|
$message = 'No Upgrade Available'; |
155
|
|
|
|
156
|
|
|
} |
157
|
|
|
return $message; |
158
|
|
|
} |
159
|
|
|
|
160
|
|
|
public function getLiveVersion() |
161
|
|
|
{ |
162
|
|
|
$version_file = 'https://raw.githubusercontent.com/domainmod/domainmod/master/version.txt'; |
163
|
|
|
return $this->getFileContents('Get Live Version', 'error', $version_file); |
164
|
|
|
} |
165
|
|
|
|
166
|
|
|
public function getDbVersion() |
167
|
|
|
{ |
168
|
|
|
return $this->deeb->cnxx->query(" |
169
|
|
|
SELECT db_version |
170
|
|
|
FROM settings")->fetchColumn(); |
171
|
|
|
} |
172
|
|
|
|
173
|
|
|
public function getUpgradeMessage() |
174
|
|
|
{ |
175
|
|
|
return "A new version of DomainMOD is available for download. <a target=\"_blank\" |
176
|
|
|
href=\"http://domainmod.org/upgrade/\">Click here for upgrade instructions</a>.<BR>"; |
177
|
|
|
} |
178
|
|
|
|
179
|
|
|
public function pageTitle($page_title) |
180
|
|
|
{ |
181
|
|
|
return SOFTWARE_TITLE . ' :: ' . $page_title; |
182
|
|
|
} |
183
|
|
|
|
184
|
|
|
public function checkExistingAssets() |
185
|
|
|
{ |
186
|
|
|
$queryB = new QueryBuild(); |
187
|
|
|
|
188
|
|
|
$sql = $queryB->singleAsset('registrars'); |
189
|
|
|
$_SESSION['s_has_registrar'] = $this->checkForRows($sql); |
190
|
|
|
$sql = $queryB->singleAsset('registrar_accounts'); |
191
|
|
|
$_SESSION['s_has_registrar_account'] = $this->checkForRows($sql); |
192
|
|
|
$sql = $queryB->singleAsset('domains'); |
193
|
|
|
$_SESSION['s_has_domain'] = $this->checkForRows($sql); |
194
|
|
|
$sql = $queryB->singleAsset('ssl_providers'); |
195
|
|
|
$_SESSION['s_has_ssl_provider'] = $this->checkForRows($sql); |
196
|
|
|
$sql = $queryB->singleAsset('ssl_accounts'); |
197
|
|
|
$_SESSION['s_has_ssl_account'] = $this->checkForRows($sql); |
198
|
|
|
$sql = $queryB->singleAsset('ssl_certs'); |
199
|
|
|
$_SESSION['s_has_ssl_cert'] = $this->checkForRows($sql); |
200
|
|
|
} |
201
|
|
|
|
202
|
|
|
public function checkForRows($sql) |
203
|
|
|
{ |
204
|
|
|
$result = $this->deeb->cnxx->query($sql)->fetchColumn(); |
205
|
|
|
if (!$result) { |
206
|
|
|
return '0'; |
207
|
|
|
} else { |
208
|
|
|
return '1'; |
209
|
|
|
} |
210
|
|
|
} |
211
|
|
|
|
212
|
|
|
public function authCheck() |
213
|
|
|
{ |
214
|
|
|
if ($_SESSION['s_is_logged_in'] != 1) { |
215
|
|
|
$_SESSION['s_user_redirect'] = $_SERVER["REQUEST_URI"]; |
216
|
|
|
$_SESSION['s_message_danger'] .= 'You must be logged in to access this area<BR>'; |
217
|
|
|
header('Location: ' . WEB_ROOT . '/'); |
218
|
|
|
exit; |
219
|
|
|
} |
220
|
|
|
} |
221
|
|
|
|
222
|
|
|
public function installCheck() |
223
|
|
|
{ |
224
|
|
|
if ($this->installMode() === 0) { |
225
|
|
|
$_SESSION['s_message_danger'] .= SOFTWARE_TITLE . " is already installed<BR><BR>You should delete the /install/ folder<BR>"; |
226
|
|
|
header('Location: ' . WEB_ROOT . '/'); |
227
|
|
|
exit; |
228
|
|
|
} |
229
|
|
|
} |
230
|
|
|
|
231
|
|
|
public function readOnlyCheck($redirect_url) |
232
|
|
|
{ |
233
|
|
|
if ($_SESSION['s_read_only'] == '1') { |
234
|
|
|
$_SESSION['s_message_danger'] .= "You are not authorized to perform that action<BR>"; |
235
|
|
|
$temp_redirect_url = urlencode($redirect_url); |
236
|
|
|
header('Location: ' . $temp_redirect_url); |
237
|
|
|
exit; |
238
|
|
|
} |
239
|
|
|
} |
240
|
|
|
|
241
|
|
|
public function loginCheck() |
242
|
|
|
{ |
243
|
|
|
if ($_SESSION['s_is_logged_in'] == 1) { |
244
|
|
|
header('Location: ' . WEB_ROOT . '/dashboard/'); |
245
|
|
|
exit; |
246
|
|
|
} |
247
|
|
|
} |
248
|
|
|
|
249
|
|
|
public function checkAdminUser($is_admin) |
250
|
|
|
{ |
251
|
|
|
if ($is_admin !== 1) { |
252
|
|
|
header('Location: ' . WEB_ROOT . "/invalid.php"); |
253
|
|
|
exit; |
254
|
|
|
} |
255
|
|
|
} |
256
|
|
|
|
257
|
|
|
public function getDebugMode() |
258
|
|
|
{ |
259
|
|
|
$pdo = $this->deeb->cnxx; |
260
|
|
|
$result = $this->checkForSettingsTable(); |
261
|
|
|
if (!$result) return '0'; |
262
|
|
|
$stmt = $pdo->query("SHOW COLUMNS FROM `settings` LIKE 'debug_mode'"); |
263
|
|
|
if ($stmt === false) return '0'; |
264
|
|
|
$result = $stmt->fetchColumn(); |
265
|
|
|
if (!$result) { |
266
|
|
|
return '0'; |
267
|
|
|
} else { |
268
|
|
|
return $pdo->query("SELECT debug_mode FROM settings")->fetchColumn(); |
269
|
|
|
} |
270
|
|
|
} |
271
|
|
|
|
272
|
|
|
public function showMessageSuccess($result_message) |
273
|
|
|
{ |
274
|
|
|
ob_start(); ?> |
275
|
|
|
<BR> |
276
|
|
|
<div class="alert alert-success alert-dismissible"> |
277
|
|
|
<?php /* ?> |
278
|
|
|
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button> |
279
|
|
|
<?php */ ?> |
280
|
|
|
<h4><i class="icon fa fa-check"></i> Success</h4> |
281
|
|
|
<?php echo $result_message; ?> |
282
|
|
|
</div><?php |
283
|
|
|
return ob_get_clean(); |
284
|
|
|
} |
285
|
|
|
|
286
|
|
|
public function showMessageDanger($result_message) |
287
|
|
|
{ |
288
|
|
|
ob_start(); ?> |
289
|
|
|
<BR> |
290
|
|
|
<div class="alert alert-danger alert-dismissible"> |
291
|
|
|
<h4><i class="icon fa fa-exclamation-circle"></i> Alert!</h4> |
292
|
|
|
<?php echo $result_message; ?> |
293
|
|
|
</div><?php |
294
|
|
|
return ob_get_clean(); |
295
|
|
|
} |
296
|
|
|
|
297
|
|
|
public function showMaintenanceTable($result_message) |
298
|
|
|
{ |
299
|
|
|
ob_start(); ?> |
300
|
|
|
<BR> |
301
|
|
|
<div class="alert alert-warning alert-dismissible"> |
302
|
|
|
<h4><i class="icon fa fa-exclamation-triangle"></i> Attention Required!</h4> |
303
|
|
|
<?php echo $result_message; ?> |
304
|
|
|
</div><?php |
305
|
|
|
return ob_get_clean(); |
306
|
|
|
} |
307
|
|
|
|
308
|
|
|
public function showDebugTable($result_message) |
309
|
|
|
{ |
310
|
|
|
ob_start(); ?> |
311
|
|
|
<BR> |
312
|
|
|
<div class="alert alert-info alert-dismissible bg-aqua-active"> |
313
|
|
|
<h4><i class="icon fa fa-info-circle"></i> Info</h4> |
314
|
|
|
<?php echo $result_message; ?> |
315
|
|
|
</div><?php |
316
|
|
|
return ob_get_clean(); |
317
|
|
|
} |
318
|
|
|
|
319
|
|
View Code Duplication |
public function getCreationType($creation_type_id) |
320
|
|
|
{ |
321
|
|
|
$pdo = $this->deeb->cnxx; |
322
|
|
|
$stmt = $pdo->prepare(" |
323
|
|
|
SELECT `name` |
324
|
|
|
FROM creation_types |
325
|
|
|
WHERE id = :creation_type_id"); |
326
|
|
|
$stmt->bindValue('creation_type_id', $creation_type_id, \PDO::PARAM_INT); |
327
|
|
|
$stmt->execute(); |
328
|
|
|
$result = $stmt->fetchColumn(); |
329
|
|
|
|
330
|
|
|
if (!$result) { |
331
|
|
|
|
332
|
|
|
$log_message = 'Unable to retrieve creation type'; |
333
|
|
|
$log_extra = array('Creation Type ID' => $creation_type_id); |
334
|
|
|
$this->log->critical($log_message, $log_extra); |
335
|
|
|
return $log_message; |
336
|
|
|
|
337
|
|
|
} else { |
338
|
|
|
|
339
|
|
|
return $result; |
340
|
|
|
|
341
|
|
|
} |
342
|
|
|
} |
343
|
|
|
|
344
|
|
View Code Duplication |
public function getCreationTypeId($creation_type) |
345
|
|
|
{ |
346
|
|
|
$pdo = $this->deeb->cnxx; |
347
|
|
|
$stmt = $pdo->prepare(" |
348
|
|
|
SELECT id |
349
|
|
|
FROM creation_types |
350
|
|
|
WHERE `name` = :creation_type"); |
351
|
|
|
$stmt->bindValue('creation_type', $creation_type, \PDO::PARAM_STR); |
352
|
|
|
$stmt->execute(); |
353
|
|
|
$result = $stmt->fetchColumn(); |
354
|
|
|
|
355
|
|
|
if (!$result) { |
356
|
|
|
|
357
|
|
|
$log_message = 'Unable to retrieve creation type ID'; |
358
|
|
|
$log_extra = array('Creation Type' => $creation_type, 'Result' => $result); |
359
|
|
|
$this->log->critical($log_message, $log_extra); |
360
|
|
|
return $log_message; |
361
|
|
|
|
362
|
|
|
} else { |
363
|
|
|
|
364
|
|
|
return $result; |
365
|
|
|
|
366
|
|
|
} |
367
|
|
|
} |
368
|
|
|
|
369
|
|
|
public function getFileContents($file_title, $log_severity, $filename) |
370
|
|
|
{ |
371
|
|
|
|
372
|
|
|
if (ini_get('allow_url_fopen') && extension_loaded('openssl')) { |
373
|
|
|
|
374
|
|
|
$context = stream_context_create(array('https' => array('header' => 'Connection: close\r\n'))); |
375
|
|
|
$get_file_contents = file_get_contents($filename, false, $context); |
376
|
|
|
$file_contents = $get_file_contents; |
377
|
|
|
|
378
|
|
|
} elseif (extension_loaded('curl')) { |
379
|
|
|
|
380
|
|
|
$handle = curl_init(); |
381
|
|
|
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true); |
382
|
|
|
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false); |
383
|
|
|
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false); |
384
|
|
|
curl_setopt($handle, CURLOPT_URL, $filename); |
385
|
|
|
$result = curl_exec($handle); |
386
|
|
|
curl_close($handle); |
387
|
|
|
$file_contents = $result; |
388
|
|
|
|
389
|
|
|
} else { |
390
|
|
|
|
391
|
|
|
$log_message = 'Unable to get file contents'; |
392
|
|
|
list($requirements, $null) = $this->getRequirements(); |
393
|
|
|
$log_extra = array('File Title' => $file_title, 'Requirements' => $requirements); |
394
|
|
|
$this->log->{$log_severity}($log_message, $log_extra); |
395
|
|
|
$file_contents = ''; |
396
|
|
|
|
397
|
|
|
} |
398
|
|
|
|
399
|
|
|
return $file_contents; |
400
|
|
|
} |
401
|
|
|
|
402
|
|
|
} //@formatter:on |
403
|
|
|
|
This error can happen if you refactor code and forget to move the variable initialization.
Let’s take a look at a simple example:
The above code is perfectly fine. Now imagine that we re-order the statements:
In that case,
$x
would be read before it is initialized. This was a very basic example, however the principle is the same for the found issue.