PHPXRef 0.7 : MantisBT : /admin/check/check_paths

[Summary view] [Print] [Text view]
   1  <?php
   2  # MantisBT - A PHP based bugtracking system
   3  
   4  # MantisBT is free software: you can redistribute it and/or modify
   5  # it under the terms of the GNU General Public License as published by
   6  # the Free Software Foundation, either version 2 of the License, or
   7  # (at your option) any later version.
   8  #
   9  # MantisBT is distributed in the hope that it will be useful,
  10  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  # GNU General Public License for more details.
  13  #
  14  # You should have received a copy of the GNU General Public License
  15  # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * @package MantisBT
  19   * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  20   * @copyright Copyright (C) 2002 - 2011  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  21   * @link http://www.mantisbt.org
  22   *
  23   * @uses check_api.php
  24   * @uses config_api.php
  25   */
  26  
  27  if ( !defined( 'CHECK_PATHS_INC_ALLOW' ) ) {
  28      return;
  29  }
  30  
  31  /**
  32   * MantisBT Check API
  33   */
  34  require_once ( 'check_api.php' );
  35  require_api( 'config_api.php' );
  36  
  37  check_print_section_header_row( 'Paths' );
  38  
  39  $t_path_config_names = array(
  40      'absolute_path',
  41      'core_path',
  42      'class_path',
  43      'library_path',
  44      'language_path'
  45  );
  46  
  47  $t_paths = array();
  48  foreach( $t_path_config_names as $t_path_config_name ) {
  49      $t_new_path = array();
  50      $t_new_path['config_value'] = config_get_global( $t_path_config_name );
  51      $t_new_path['real_path'] = realpath( $t_new_path['config_value'] );
  52      $t_paths[$t_path_config_name] = $t_new_path;
  53  }
  54  
  55  foreach( $t_paths as $t_path_config_name => $t_path ) {
  56      check_print_test_row(
  57          $t_path_config_name . ' configuration option has a trailing directory separator',
  58          substr( $t_path['config_value'], -1, 1 ) == DIRECTORY_SEPARATOR,
  59          array( false => 'You must provide a trailing directory separator (' . DIRECTORY_SEPARATOR . ') to the end of the ' . $t_path_config_name . ' configuration value.' )
  60      );
  61  }
  62  
  63  foreach( $t_paths as $t_path_config_name => $t_path ) {
  64      check_print_test_row(
  65          $t_path_config_name . ' configuration option points to a valid directory',
  66          is_dir( $t_path['config_value'] ),
  67          array( false => 'The path specified by the ' . $t_path_config_name . ' configuration option does not point to a valid and accessible directory.' )
  68      );
  69  }
  70  
  71  if( $g_failed_test ) {
  72      return;
  73  }
  74  
  75  $t_moveable_paths = array(
  76      'core_path',
  77      'class_path',
  78      'library_path',
  79      'language_path'
  80  );
  81  
  82  if( $t_paths['absolute_path']['real_path'] !== false ) {
  83      $t_absolute_path_regex_safe = preg_quote( $t_paths['absolute_path']['real_path'], '/' );
  84  } else {
  85      $t_absolute_path_regex_safe = preg_quote( $t_paths['absolute_path']['config_value'], '/' );
  86  }
  87  foreach( $t_moveable_paths as $t_moveable_path ) {
  88      if( $t_paths[$t_moveable_path]['real_path'] !== false ) {
  89          $t_moveable_real_path = $t_paths[$t_moveable_path]['real_path'];
  90      } else {
  91          $t_moveable_real_path = $t_paths[$t_moveable_path]['config_value'];
  92      }
  93      check_print_test_warn_row(
  94          $t_moveable_path . ' configuration option is set to a path outside the web root',
  95          !preg_match( "/^$t_absolute_path_regex_safe/", $t_moveable_real_path ),
  96          array( false => 'For increased security it is recommended that you move the ' . $t_moveable_path . ' directory outside the web root.' )
  97      );
  98  }
  99  
 100  $t_removeable_directories = array(
 101      'doc',
 102  );
 103  
 104  foreach( $t_removeable_directories as $t_removeable_directory ) {
 105      check_print_test_warn_row(
 106          'Directory <em><a href="' . htmlentities( config_get_global( 'short_path' ) ) . $t_removeable_directory . '">' . $t_removeable_directory . '</a></em> does not need to exist within the MantisBT root',
 107          !is_dir( $t_paths['absolute_path']['config_value'] . $t_removeable_directory ),
 108          array( false => 'The ' . $t_removeable_directory . ' directory within the MantisBT root should be removed as it is not needed for the live operation of MantisBT.' )
 109      );
 110  }
 111  
 112  $t_developer_directories = array(
 113      'docbook',
 114      'packages',
 115      'scripts',
 116      'tests',
 117  );
 118  
 119  foreach( $t_developer_directories as $t_developer_directory ) {
 120      check_print_test_warn_row(
 121          'Directory <em><a href="' . htmlentities( config_get_global( 'short_path' ) ) . $t_developer_directory . '">' . $t_developer_directory . '</a></em> exists. These files are not included in MantisBT builds. For production use, please use a release build/snapshot, and not the developer git code.',
 122          !is_dir( $t_paths['absolute_path']['config_value'] . $t_developer_directory ),
 123          array( false => 'The ' . $t_developer_directory . ' directory within the MantisBT root is for development use and is not included in official releases of MantisBT.' )
 124      );
 125  }
 126  
 127  check_print_test_warn_row(
 128      'Directory <em><a href="' . htmlentities( config_get_global( 'short_path' ) ) . 'api">api</a></em> should be removed from the MantisBT root if you do not plan on using <a href="http://en.wikipedia.org/wiki/SOAP">SOAP</a>',
 129      !is_dir( $t_paths['absolute_path']['config_value'] . 'api' )
 130  );
PHP Cross Reference of MantisBT

/admin/check/ -> check_paths_inc.php (source)
