1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
|
<?php // $Id: health.php,v 1.7.2.6 2006/07/14 20:56:16 skodak Exp $
ob_start(); //for whitespace test
require_once('../config.php');
// extra whitespace test - intentionally breaks cookieless mode
$extraws = '';
while (true) {
$extraws .= ob_get_contents();
if (!@ob_end_clean()) { //
break;
}
}
define('SEVERITY_NOTICE', 'notice');
define('SEVERITY_ANNOYANCE', 'annoyance');
define('SEVERITY_SIGNIFICANT', 'significant');
define('SEVERITY_CRITICAL', 'critical');
$solution = optional_param('solution', 0, PARAM_SAFEDIR); //in fact it is class name alhanumeric and _
require_login();
if (!isadmin()) {
error('Only the admin can use this page');
}
$site = get_site();
$stradmin = get_string('administration');
$strhealthcenter = get_string('healthcenter');
$strmisc = get_string('miscellaneous');
print_header($site->shortname.': '.$strhealthcenter, $site->fullname,
'<a href="index.php">'.$stradmin.'</a> -> <a href="misc.php">'.$strmisc.'</a> ->'.
$strhealthcenter);
echo <<<STYLES
<style type="text/css">
div#healthnoproblemsfound {
width: 60%;
margin: auto;
padding: 1em;
border: 1px black solid;
-moz-border-radius: 6px;
}
dl.healthissues {
width: 60%;
margin: auto;
}
dl.critical dt, dl.critical dd {
background-color: #a71501;
}
dl.significant dt, dl.significant dd {
background-color: #d36707;
}
dl.annoyance dt, dl.annoyance dd {
background-color: #dba707;
}
dl.notice dt, dl.notice dd {
background-color: #e5db36;
}
dt.solution, dd.solution, div#healthnoproblemsfound {
background-color: #5BB83E !important;
}
dl.healthissues dt, dl.healthissues dd {
margin: 0px;
padding: 1em;
border: 1px black solid;
}
dl.healthissues dt {
font-weight: bold;
border-bottom: none;
padding-bottom: 0.5em;
}
dl.healthissues dd {
border-top: none;
padding-top: 0.5em;
margin-bottom: 10px;
}
dl.healthissues dd form {
margin-top: 0.5em;
text-align: right;
}
form#healthformreturn {
text-align: center;
margin: 2em;
}
dd.solution p {
padding: 0px;
margin: 1em 0px;
}
dd.solution li {
margin-top: 1em;
}
</style>
STYLES;
if(strpos($solution, 'problem_') === 0 && class_exists($solution)) {
health_print_solution($solution);
}
else {
health_find_problems();
}
print_footer();
function health_find_problems() {
print_heading(get_string('healthcenter'));
$issues = array(
SEVERITY_CRITICAL => array(),
SEVERITY_SIGNIFICANT => array(),
SEVERITY_ANNOYANCE => array(),
SEVERITY_NOTICE => array(),
);
$problems = 0;
for($i = 1; $i < 1000000; ++$i) {
$classname = sprintf('problem_%06d', $i);
if(!class_exists($classname)) {
break;
}
$problem = new $classname;
if($problem->exists()) {
$severity = $problem->severity();
$issues[$severity][$classname] = array(
'severity' => $severity,
'description' => $problem->description(),
'title' => $problem->title()
);
++$problems;
}
unset($problem);
}
if($problems == 0) {
echo '<div id="healthnoproblemsfound">';
echo get_string('healthnoproblemsfound');
echo '</div>';
}
else {
print_heading(get_string('healthproblemsdetected'));
$severities = array(SEVERITY_CRITICAL, SEVERITY_SIGNIFICANT, SEVERITY_ANNOYANCE, SEVERITY_NOTICE);
foreach($severities as $severity) {
if(!empty($issues[$severity])) {
echo '<dl class="healthissues '.$severity.'">';
foreach($issues[$severity] as $classname => $data) {
echo '<dt id="'.$classname.'">'.$data['title'].'</dt>';
echo '<dd>'.$data['description'];
echo '<form action="health.php#solution" method="get">';
echo '<input type="hidden" name="solution" value="'.$classname.'" /><input type="submit" value="'.get_string('viewsolution').'" />';
echo '</form></dd>';
}
echo '</dl>';
}
}
}
}
function health_print_solution($classname) {
$problem = new $classname;
$data = array(
'title' => $problem->title(),
'severity' => $problem->severity(),
'description' => $problem->description(),
'solution' => $problem->solution()
);
print_heading(get_string('healthcenter'));
print_heading(get_string('healthproblemsolution'));
echo '<dl class="healthissues '.$data['severity'].'">';
echo '<dt>'.$data['title'].'</dt>';
echo '<dd>'.$data['description'].'</dd>';
echo '<dt id="solution" class="solution">'.get_string('healthsolution').'</dt>';
echo '<dd class="solution">'.$data['solution'].'</dd></dl>';
echo '<form id="healthformreturn" action="health.php#'.$classname.'" method="get">';
echo '<input type="submit" value="'.get_string('healthreturntomain').'" />';
echo '</form>';
}
class problem_base {
function exists() {
return false;
}
function title() {
return '???';
}
function severity() {
return SEVERITY_NOTICE;
}
function description() {
return '';
}
function solution() {
return '';
}
}
class problem_000001 extends problem_base {
function title() {
return 'Invalid value for $CFG->dirroot';
}
function exists() {
global $CFG;
$dirroot = dirname(realpath('../index.php'));
if (!empty($dirroot) && $dirroot != $CFG->dirroot) {
return true;
}
return false;
}
function severity() {
return SEVERITY_CRITICAL;
}
function description() {
global $CFG;
return 'Your <strong>config.php</strong> file contains the setting <strong>$CFG->dirroot = "'.$CFG->dirroot.'"</strong>, which is incorrect. Unless you correct this problem, Moodle will not function correctly, if at all.';
}
function solution() {
global $CFG;
$dirroot = dirname(realpath('../index.php'));
return 'You need to edit your <strong>config.php</strong> file. Find the line which reads <pre>$CFG->dirroot = \''.$CFG->dirroot.'\';</pre> and change it to read <pre>$CFG->dirroot = \''.$dirroot.'\'</pre>';
}
}
class problem_000002 extends problem_base {
function title() {
return 'Extra characters at the end of config.php or other library function';
}
function exists() {
global $extraws;
if($extraws === '') {
return false;
}
return true;
}
function severity() {
return SEVERITY_SIGNIFICANT;
}
function description() {
return 'Your Moodle configuration file config.php or another library file, contains some characters after the closing PHP tag (?>). This causes Moodle to exhibit several kinds of problems (such as broken downloaded files) and must be fixed.';
}
function solution() {
global $CFG;
return 'You need to edit <strong>'.$CFG->dirroot.'/config.php</strong> and remove all characters (including spaces and returns) after the ending ?> tag. These two characters should be the very last in that file. The extra trailing whitespace may be also present in other PHP files that are included from lib/setup.php.';
}
}
class problem_000003 extends problem_base {
function title() {
return '$CFG->dataroot does not exist or does not have write permissions';
}
function exists() {
global $CFG;
if(!is_dir($CFG->dataroot) || !is_writable($CFG->dataroot)) {
return true;
}
return false;
}
function severity() {
return SEVERITY_SIGNIFICANT;
}
function description() {
global $CFG;
return 'Your <strong>config.php</strong> says that your "data root" directory is <strong>'.$CFG->dataroot.'</strong>. However, this directory either does not exist or cannot be written to by Moodle. This means that a variety of problems will be present, such as users not being able to log in and not being able to upload any files. It is imperative that you address this problem for Moodle to work correctly.';
}
function solution() {
global $CFG;
return 'First of all, make sure that the directory <strong>'.$CFG->dataroot.'</strong> exists. If the directory does exist, then you must make sure that Moodle is able to write to it. Contact your web server administrator and request that he gives write permissions for that directory to the user that the web server process is running as.';
}
}
class problem_000004 extends problem_base {
function title() {
return 'cron.php is not set up to run automatically';
}
function exists() {
global $CFG;
$lastcron = get_field_sql('SELECT max(lastcron) FROM '.$CFG->prefix.'modules');
return (time() - $lastcron > 3600 * 24);
}
function severity() {
return SEVERITY_SIGNIFICANT;
}
function description() {
return 'The cron.php mainenance script has not been run in the past 24 hours. This probably means that your server is not configured to automatically run this script in regular time intervals. If this is the case, then Moodle will mostly work as it should but some operations (notably sending email to users) will not be carried out at all.';
}
function solution() {
global $CFG;
return 'For detailed instructions on how to enable cron, see <a href="'.$CFG->wwwroot.'/doc/?file=install.html#cron">this section</a> of the installation manual.';
}
}
class problem_000005 extends problem_base {
function title() {
return 'PHP: session.auto_start is enabled';
}
function exists() {
return ini_get_bool('session.auto_start');
}
function severity() {
return SEVERITY_CRITICAL;
}
function description() {
return 'Your PHP configuration includes an enabled setting, session.auto_start, that <strong>must be disabled</strong> in order for Moodle to work correctly. Notable symptoms arising from this misconfiguration include fatal errors and/or blank pages when trying to log in.';
}
function solution() {
global $CFG;
return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>session.auto_start = 1</pre> and change it to <pre>session.auto_start = 0</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value session.auto_start "0"</pre></li></ol>';
}
}
class problem_000006 extends problem_base {
function title() {
return 'PHP: magic_quotes_runtime is enabled';
}
function exists() {
return (ini_get_bool('magic_quotes_runtime'));
}
function severity() {
return SEVERITY_SIGNIFICANT;
}
function description() {
return 'Your PHP configuration includes an enabled setting, magic_quotes_runtime, that <strong>must be disabled</strong> in order for Moodle to work correctly. Notable symptoms arising from this misconfiguration include strange display errors whenever a text field that includes single or double quotes is processed.';
}
function solution() {
global $CFG;
return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>magic_quotes_runtime = On</pre> and change it to <pre>magic_quotes_runtime = Off</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value magic_quotes_runtime "Off"</pre></li></ol>';
}
}
class problem_000007 extends problem_base {
function title() {
return 'PHP: file_uploads is disabled';
}
function exists() {
return !ini_get_bool('file_uploads');
}
function severity() {
return SEVERITY_SIGNIFICANT;
}
function description() {
return 'Your PHP configuration includes a disabled setting, file_uploads, that <strong>must be enabled</strong> to let Moodle offer its full functionality. Until this setting is enabled, it will not be possible to upload any files into Moodle. This includes, for example, course content and user pictures.';
}
function solution() {
global $CFG;
return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>file_uploads = Off</pre> and change it to <pre>file_uploads = On</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value file_uploads "On"</pre></li></ol>';
}
}
class problem_000008 extends problem_base {
function title() {
return 'PHP: memory_limit cannot be controlled by Moodle';
}
function exists() {
$oldmemlimit = @ini_get('memory_limit');
if(empty($oldmemlimit)) {
// PHP not compiled with memory limits, this means that it's
// probably limited to 8M or in case of Windows not at all.
// We can ignore it for now - there is not much to test anyway
// TODO: add manual test that fills memory??
return false;
}
$oldmemlimit = get_real_size($oldmemlimit);
//now lets change the memory limit to something unique below 128M==134217728
@ini_set('memory_limit', 134217720);
$testmemlimit = get_real_size(@ini_get('memory_limit'));
//verify the change had any effect at all
if ($oldmemlimit == $testmemlimit) {
//memory limit can not be changed - is it big enough then?
if ($oldmemlimit < get_real_size('128M')) {
return true;
} else {
return false;
}
}
@ini_set('memory_limit', $oldmemlimit);
return false;
}
function severity() {
return SEVERITY_NOTICE;
}
function description() {
return 'The settings for PHP on your server do not allow a script to request more memory during its execution. '.
'This means that there is a hard limit of '.@ini_get('memory_limit').' for each script. '.
'It is possible that certain operations within Moodle will require more than this amount in order '.
'to complete successfully, especially if there are lots of data to be processed.';
}
function solution() {
return 'It is recommended that you contact your web server administrator to address this issue.';
}
}
class problem_000009 extends problem_base {
function title() {
return 'SQL: using account without password';
}
function exists() {
global $CFG;
return empty($CFG->dbpass);
}
function severity() {
return SEVERITY_CRITICAL;
}
function description() {
global $CFG;
return 'The user account your are connecting to the database server with is set up without a password. This is a very big security risk and is only somewhat lessened if your database is configured to not accept connections from any hosts other than the server Moodle is running on. Unless you use a strong password to connect to the database, you risk unauthorized access to and manipulation of your data.'.($CFG->dbuser != 'root'?'':' <strong>This is especially alarming because such access to the database would be as the superuser (root)!</strong>');
}
function solution() {
global $CFG;
return 'You should change the password of the user <strong>'.$CFG->dbuser.'</strong> both in your database and in your Moodle <strong>config.php</strong> immediately!'.($CFG->dbuser != 'root'?'':' It would also be a good idea to change the user account from root to something else, because this would lessen the impact in the event that your database is compromised anyway.');
}
}
class problem_000010 extends problem_base {
function title() {
return 'Uploaded files: slasharguments disabled or not working';
}
function exists() {
if (!$this->is_enabled()) {
return true;
}
if ($this->status() < 1) {
return true;
}
return false;
}
function severity() {
if ($this->is_enabled() and $this->status() == 0) {
return SEVERITY_SIGNIFICANT;
} else {
return SEVERITY_ANNOYANCE;
}
}
function description() {
global $CFG;
$desc = 'Slasharguments are needed for relative linking in uploaded resources:<ul>';
if (!$this->is_enabled()) {
$desc .= '<li>slasharguments are <strong>disabled</strong> in Moodle configuration</li>';
} else {
$desc .= '<li>slasharguments are enabled in Moodle configuration</li>';
}
if ($this->status() == -1) {
$desc .= '<li>can not run automatic test, you can verify it <a href="'.$CFG->wwwroot.'/file.php/testslasharguments" target="_blank">here</a> manually</li>';
} else if ($this->status() == 0) {
$desc .= '<li>slashargument test <strong>failed</strong>, please check server configuration</li>';
} else {
$desc .= '<li>slashargument test passed</li>';
}
$desc .= '</ul>';
return $desc;
}
function solution() {
global $CFG;
$enabled = $this->is_enabled();
$status = $this->status();
$solution = '';
if ($enabled and ($status == 0)) {
$solution .= 'Slasharguments are enabled, but the test failed. Please disable slasharguments in Moodle configuration or fix the server configuration.<hr />';
} else if ((!$enabled) and ($status == 0)) {
$solution .= 'Slasharguments are disabled and the test failed. You may try to fix the server configuration.<hr />';
} else if ($enabled and ($status == -1)) {
$solution .= 'Slasharguments are enabled, <a href="'.$CFG->wwwroot.'/file.php/testslasharguments">automatic testing</a> not possible.<hr />';
} else if ((!$enabled) and ($status == -1)) {
$solution .= 'Slasharguments are disabled, <a href="'.$CFG->wwwroot.'/file.php/testslasharguments">automatic testing</a> not possible.<hr />';
} else if ((!$enabled) and ($status > 0)) {
$solution .= 'Slasharguments are disabled though the iternal test is OK. You should enable slasharguments in Moodle configuration.';
} else if ($enabled and ($status > 0)) {
$solution .= 'Congratulations - everything seems OK now :-D';
}
if ($status < 1) {
$solution .= '<p>IIS:<ul><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li><li>do NOT enable AllowPathInfoForScriptMappings !!!</li><li>slasharguments may not work when using ISAPI and PHP 4.3.10 and older</li></ul></p>';
$solution .= '<p>Apache 1:<ul><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li></ul></p>';
$solution .= '<p>Apache 2:<ul><li>you must add <code>AcceptPathInfo on</code> to php.ini or .htaccess</li><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li></ul></p>';
}
return $solution;
}
function is_enabled() {
global $CFG;
return !empty($CFG->slasharguments);
}
function status() {
global $CFG;
$handle = @fopen($CFG->wwwroot.'/file.php?file=/testslasharguments', "r");
$contents = @trim(fread($handle, 10));
@fclose($handle);
if ($contents != 'test -1') {
return -1;
}
$handle = @fopen($CFG->wwwroot.'/file.php/testslasharguments', "r");
$contents = trim(@fread($handle, 10));
@fclose($handle);
switch ($contents) {
case 'test 1': return 1;
case 'test 2': return 2;
default: return 0;
}
}
}
class problem_000011 extends problem_base {
function title() {
return 'Session errors detected';
}
function exists() {
global $CFG;
return isset($CFG->session_error_counter);
}
function severity() {
return SEVERITY_ANNOYANCE;
}
function description() {
global $CFG;
if (isset($CFG->session_error_counter)) {
return 'Session problems were detected. Total count: '.$CFG->session_error_counter;
} else {
return 'No session errors detected.';
}
}
function solution() {
global $CFG;
if (optional_param('resetsesserrorcounter', 0, PARAM_BOOL)) {
if (get_field('config', 'name', 'name', 'session_error_counter')) {
delete_records('config', 'name', 'session_error_counter');
}
return 'Error counter was cleared.';
} else {
return '<p>Session errors can be caused by:<ul><li>unresolved problem in server software (aka random switching of users),</li><li>blocked or modified cookies,</li><li>deleting of active session files.</li></ul></p><p><a href="'.me().'&resetsesserrorcounter=1">Reset counter.</a></p>';
}
}
}
class problem_00000x extends problem_base {
function title() {
return '';
}
function exists() {
return false;
}
function severity() {
return SEVERITY_SIGNIFICANT;
}
function description() {
return '';
}
function solution() {
global $CFG;
return '';
}
}
/*
TODO:
session.save_path -- it doesn't really matter because we are already IN a session, right?
detect unsupported characters in $CFG->wwwroot - see bug Bug #6091 - relative vs absolute path during backup/restore process
*/
?>
|
