admin/health.php

   1 <?php  // $Id$
   2
   3     require_once('../config.php');
   4
   5     define('SEVERITY_NOTICE',      'notice');
   6     define('SEVERITY_ANNOYANCE',   'annoyance');
   7     define('SEVERITY_SIGNIFICANT', 'significant');
   8     define('SEVERITY_CRITICAL',    'critical');
   9
  10     $resetsesserrorcounter = optional_param('resetsesserrorcounter', 0, PARAM_BOOL);
  11     $solution              = optional_param('solution', 0, PARAM_SAFEDIR); //in fact it is class name alhanumeric and _
  12
  13     require_login();
  14     if (!isadmin()) {
  15         error('Only the admin can use this page');
  16     }
  17
  18     $site = get_site();
  19     $stradmin         = get_string('administration');
  20     $strhealthcenter  = get_string('healthcenter');
  21
  22     print_header($site->shortname.': '.$strhealthcenter, $site->fullname,
  23                   '<a href="index.php">'.$stradmin.'</a> -> '.$strhealthcenter);
  24
  25 echo <<<STYLES
  26 <style type="text/css">
  27 div#healthnoproblemsfound {
  28     width: 60%;
  29     margin: auto;
  30     padding: 1em;
  31     border: 1px black solid;
  32     -moz-border-radius: 6px;
  33 }
  34 dl.healthissues {
  35     width: 60%;
  36     margin: auto;
  37 }
  38 dl.critical dt, dl.critical dd {
  39     background-color: #a71501;
  40 }
  41 dl.significant dt, dl.significant dd {
  42     background-color: #d36707;
  43 }
  44 dl.annoyance dt, dl.annoyance dd {
  45     background-color: #dba707;
  46 }
  47 dl.notice dt, dl.notice dd {
  48     background-color: #e5db36;
  49 }
  50 dt.solution, dd.solution, div#healthnoproblemsfound {
  51     background-color: #5BB83E !important;
  52 }
  53 dl.healthissues dt, dl.healthissues dd {
  54     margin: 0px;
  55     padding: 1em;
  56     border: 1px black solid;
  57 }
  58 dl.healthissues dt {
  59     font-weight: bold;
  60     border-bottom: none;
  61     padding-bottom: 0.5em;
  62 }
  63 dl.healthissues dd {
  64     border-top: none;
  65     padding-top: 0.5em;
  66     margin-bottom: 10px;
  67 }
  68 dl.healthissues dd form {
  69     margin-top: 0.5em;
  70     text-align: right;
  71 }
  72 form#healthformreturn {
  73     text-align: center;
  74     margin: 2em;
  75 }
  76 dd.solution p {
  77     padding: 0px;
  78     margin: 1em 0px;
  79 }
  80 dd.solution li {
  81     margin-top: 1em;
  82 }
  83
  84 </style>
  85 STYLES;
  86
  87     if(strpos($solution, 'problem_') === 0 && class_exists($solution)) {
  88         health_print_solution($solution);
  89     }
  90     else {
  91         health_find_problems();
  92     }
  93
  94
  95     print_footer();
  96
  97
  98 function health_find_problems() {
  99
 100     print_heading(get_string('healthcenter'));
 101
 102     $issues   = array(
 103         SEVERITY_CRITICAL    => array(),
 104         SEVERITY_SIGNIFICANT => array(),
 105         SEVERITY_ANNOYANCE   => array(),
 106         SEVERITY_NOTICE      => array(),
 107     );
 108     $problems = 0;
 109
 110     for($i = 1; $i < 1000000; ++$i) {
 111         $classname = sprintf('problem_%06d', $i);
 112         if(!class_exists($classname)) {
 113             break;
 114         }
 115         $problem = new $classname;
 116         if($problem->exists()) {
 117             $severity = $problem->severity();
 118             $issues[$severity][$classname] = array(
 119                 'severity'    => $severity,
 120                 'description' => $problem->description(),
 121                 'title'       => $problem->title()
 122             );
 123             ++$problems;
 124         }
 125         unset($problem);
 126     }
 127
 128     if($problems == 0) {
 129         echo '<div id="healthnoproblemsfound">';
 130         echo get_string('healthnoproblemsfound');
 131         echo '</div>';
 132     }
 133     else {
 134         print_heading(get_string('healthproblemsdetected'));
 135         $severities = array(SEVERITY_CRITICAL, SEVERITY_SIGNIFICANT, SEVERITY_ANNOYANCE, SEVERITY_NOTICE);
 136         foreach($severities as $severity) {
 137             if(!empty($issues[$severity])) {
 138                 echo '<dl class="healthissues '.$severity.'">';
 139                 foreach($issues[$severity] as $classname => $data) {
 140                     echo '<dt id="'.$classname.'">'.$data['title'].'</dt>';
 141                     echo '<dd>'.$data['description'];
 142                     echo '<form action="health.php#solution" method="get">';
 143                     echo '<input type="hidden" name="solution" value="'.$classname.'" /><input type="submit" value="'.get_string('viewsolution').'" />';
 144                     echo '</form></dd>';
 145                 }
 146                 echo '</dl>';
 147             }
 148         }
 149     }
 150 }
 151
 152 function health_print_solution($classname) {
 153     $problem = new $classname;
 154     $data = array(
 155         'title'       => $problem->title(),
 156         'severity'    => $problem->severity(),
 157         'description' => $problem->description(),
 158         'solution'    => $problem->solution()
 159     );
 160
 161     print_heading(get_string('healthcenter'));
 162     print_heading(get_string('healthproblemsolution'));
 163     echo '<dl class="healthissues '.$data['severity'].'">';
 164     echo '<dt>'.$data['title'].'</dt>';
 165     echo '<dd>'.$data['description'].'</dd>';
 166     echo '<dt id="solution" class="solution">'.get_string('healthsolution').'</dt>';
 167     echo '<dd class="solution">'.$data['solution'].'</dd></dl>';
 168     echo '<form id="healthformreturn" action="health.php#'.$classname.'" method="get">';
 169     echo '<input type="submit" value="'.get_string('healthreturntomain').'" />';
 170     echo '</form>';
 171 }
 172
 173 class problem_base {
 174     function exists() {
 175         return false;
 176     }
 177     function title() {
 178         return '???';
 179     }
 180     function severity() {
 181         return SEVERITY_NOTICE;
 182     }
 183     function description() {
 184         return '';
 185     }
 186     function solution() {
 187         return '';
 188     }
 189 }
 190
 191 class problem_000001 extends problem_base {
 192     function title() {
 193         return 'Invalid value for $CFG->dirroot';
 194     }
 195     function exists() {
 196         global $CFG;
 197         $dirroot = dirname(realpath('../index.php'));
 198         if (!empty($dirroot) && $dirroot != $CFG->dirroot) {
 199             return true;
 200         }
 201         return false;
 202     }
 203     function severity() {
 204         return SEVERITY_CRITICAL;
 205     }
 206     function description() {
 207         global $CFG;
 208         return 'Your <strong>config.php</strong> file contains the setting <strong>$CFG-&gt;dirroot = "'.$CFG->dirroot.'"</strong>, which is incorrect. Unless you correct this problem, Moodle will not function correctly, if at all.';
 209     }
 210     function solution() {
 211         global $CFG;
 212         $dirroot = dirname(realpath('../index.php'));
 213         return 'You need to edit your <strong>config.php</strong> file. Find the line which reads <pre>$CFG->dirroot = \''.$CFG->dirroot.'\';</pre> and change it to read <pre>$CFG->dirroot = \''.$dirroot.'\'</pre>';
 214     }
 215 }
 216
 217 class problem_000002 extends problem_base {
 218     function title() {
 219         return 'Extra characters at the end of config.php';
 220     }
 221     function exists() {
 222         // [pj] When the requirements are raised to PHP 4.3.0 this will be file_get_contents()
 223         if($fp = @fopen('../config.php', 'r')) {
 224             $contents = fread($fp, 16384); // 16K should be enough
 225             $ending = substr($contents, -2);
 226             unset($contents);
 227             if($ending == '?>') {
 228                 return false;
 229             }
 230             fclose($fp);
 231         }
 232         return true;
 233     }
 234     function severity() {
 235         return SEVERITY_SIGNIFICANT;
 236     }
 237     function description() {
 238         return 'Your Moodle configuration file, config.php, contains some characters after the closing PHP tag (?>). This could cause Moodle to exhibit several kinds of problems and should be fixed.';
 239     }
 240     function solution() {
 241         global $CFG;
 242         return 'You need to edit <strong>'.$CFG->dirroot.'/config.php</strong> and remove all characters (including spaces and returns) after the ending ?> tag. These two characters should be the very last in that file.';
 243     }
 244 }
 245
 246 class problem_000003 extends problem_base {
 247     function title() {
 248         return '$CFG->dataroot does not exist or does not have write permissions';
 249     }
 250     function exists() {
 251         global $CFG;
 252         if(!is_dir($CFG->dataroot) || !is_writable($CFG->dataroot)) {
 253             return true;
 254         }
 255         return false;
 256     }
 257     function severity() {
 258         return SEVERITY_SIGNIFICANT;
 259     }
 260     function description() {
 261         global $CFG;
 262         return 'Your <strong>config.php</strong> says that your "data root" directory is <strong>'.$CFG->dataroot.'</strong>. However, this directory either does not exist or cannot be written to by Moodle. This means that a variety of problems will be present, such as users not being able to log in and not being able to upload any files. It is imperative that you address this problem for Moodle to work correctly.';
 263     }
 264     function solution() {
 265         global $CFG;
 266         return 'First of all, make sure that the directory <strong>'.$CFG->dataroot.'</strong> exists. If the directory does exist, then you must make sure that Moodle is able to write to it. Contact your web server administrator and request that he gives write permissions for that directory to the user that the web server process is running as.';
 267     }
 268 }
 269
 270 class problem_000004 extends problem_base {
 271     function title() {
 272         return 'cron.php is not set up to run automatically';
 273     }
 274     function exists() {
 275         global $CFG;
 276         $lastcron = get_field_sql('SELECT max(lastcron) FROM '.$CFG->prefix.'modules');
 277         return (time() - $lastcron > 3600 * 24);
 278     }
 279     function severity() {
 280         return SEVERITY_SIGNIFICANT;
 281     }
 282     function description() {
 283         return 'The cron.php mainenance script has not been run in the past 24 hours. This probably means that your server is not configured to automatically run this script in regular time intervals. If this is the case, then Moodle will mostly work as it should but some operations (notably sending email to users) will not be carried out at all.';
 284     }
 285     function solution() {
 286         global $CFG;
 287         return 'For detailed instructions on how to enable cron, see <a href="'.$CFG->wwwroot.'/doc/?file=install.html#cron">this section</a> of the installation manual.';
 288     }
 289 }
 290
 291 class problem_000005 extends problem_base {
 292     function title() {
 293         return 'PHP: session.auto_start is enabled';
 294     }
 295     function exists() {
 296         return ini_get_bool('session.auto_start');
 297     }
 298     function severity() {
 299         return SEVERITY_CRITICAL;
 300     }
 301     function description() {
 302         return 'Your PHP configuration includes an enabled setting, session.auto_start, that <strong>must be disabled</strong> in order for Moodle to work correctly. Notable symptoms arising from this misconfiguration include fatal errors and/or blank pages when trying to log in.';
 303     }
 304     function solution() {
 305         global $CFG;
 306         return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>session.auto_start = 1</pre> and change it to <pre>session.auto_start = 0</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value session.auto_start "0"</pre></li></ol>';
 307     }
 308 }
 309
 310 class problem_000006 extends problem_base {
 311     function title() {
 312         return 'PHP: magic_quotes_runtime is enabled';
 313     }
 314     function exists() {
 315         return (ini_get_bool('magic_quotes_runtime'));
 316     }
 317     function severity() {
 318         return SEVERITY_SIGNIFICANT;
 319     }
 320     function description() {
 321         return 'Your PHP configuration includes an enabled setting, magic_quotes_runtime, that <strong>must be disabled</strong> in order for Moodle to work correctly. Notable symptoms arising from this misconfiguration include strange display errors whenever a text field that includes single or double quotes is processed.';
 322     }
 323     function solution() {
 324         global $CFG;
 325         return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>magic_quotes_runtime = On</pre> and change it to <pre>magic_quotes_runtime = Off</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value magic_quotes_runtime "Off"</pre></li></ol>';
 326     }
 327 }
 328
 329 class problem_000007 extends problem_base {
 330     function title() {
 331         return 'PHP: file_uploads is disabled';
 332     }
 333     function exists() {
 334         return !ini_get_bool('file_uploads');
 335     }
 336     function severity() {
 337         return SEVERITY_SIGNIFICANT;
 338     }
 339     function description() {
 340         return 'Your PHP configuration includes a disabled setting, file_uploads, that <strong>must be enabled</strong> to let Moodle offer its full functionality. Until this setting is enabled, it will not be possible to upload any files into Moodle. This includes, for example, course content and user pictures.';
 341     }
 342     function solution() {
 343         global $CFG;
 344         return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>file_uploads = Off</pre> and change it to <pre>file_uploads = On</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value file_uploads "On"</pre></li></ol>';
 345     }
 346 }
 347
 348 class problem_000008 extends problem_base {
 349     function title() {
 350         return 'PHP: memory_limit cannot be controlled by Moodle';
 351     }
 352     function exists() {
 353         $memlimit = @ini_get('memory_limit');
 354         if(empty($memlimit)) {
 355             // PHP not compiled with memory limits, this means that it's
 356             // probably limited to 8M so we have a problem...
 357             return true;
 358         }
 359         // Otherwise, raise_memory_limit in setup.php will do the trick
 360         return false;
 361     }
 362     function severity() {
 363         return SEVERITY_ANNOYANCE;
 364     }
 365     function description() {
 366         return 'The settings for PHP on your server do not allow a script to request more memory during its execution. This means that most likely there is a hard limit of 8MB for each script. It is possible that certain operations within Moodle will require more than this amount in order to complete successfully, especially if there are lots of data to be processed. Therefore, it is recommended that you contact your server administrator to address this issue.';
 367     }
 368     function solution() {
 369         global $CFG;
 370         return 'We need a good solution here. Enabling memory limit control means recompiling PHP... maybe this should be SEVERITY_NOTICE instead of SEVERITY_ANNOYANCE?';
 371     }
 372 }
 373
 374 class problem_000009 extends problem_base {
 375     function title() {
 376         return 'SQL: using account without password';
 377     }
 378     function exists() {
 379         global $CFG;
 380         return empty($CFG->dbpass);
 381     }
 382     function severity() {
 383         return SEVERITY_CRITICAL;
 384     }
 385     function description() {
 386         global $CFG;
 387         return 'The user account your are connecting to the database server with is set up without a password. This is a very big security risk and is only somewhat lessened if your database is configured to not accept connections from any hosts other than the server Moodle is running on. Unless you use a strong password to connect to the database, you risk unauthorized access to and manipulation of your data.'.($CFG->dbuser != 'root'?'':' <strong>This is especially alarming because such access to the database would be as the superuser (root)!</strong>');
 388     }
 389     function solution() {
 390         global $CFG;
 391         return 'You should change the password of the user <strong>'.$CFG->dbuser.'</strong> both in your database and in your Moodle <strong>config.php</strong> immediately!'.($CFG->dbuser != 'root'?'':' It would also be a good idea to change the user account from root to something else, because this would lessen the impact in the event that your database is compromised anyway.');
 392     }
 393 }
 394
 395 class problem_000010 extends problem_base {
 396     function title() {
 397         return 'Uploaded files: slasharguments disabled or not working';
 398     }
 399     function exists() {
 400         if (!$this->is_enabled()) {
 401             return true;
 402         }
 403         if ($this->status() < 1) {
 404             return true;
 405         }
 406         return false;
 407     }
 408     function severity() {
 409         if ($this->is_enabled() and $this->status() == 0) {
 410             return SEVERITY_SIGNIFICANT;
 411         } else {
 412             return SEVERITY_ANNOYANCE;
 413         }
 414     }
 415     function description() {
 416         global $CFG;
 417         $desc = 'Slasharguments are needed for relative linking in uploaded resources:<ul>';
 418         if (!$this->is_enabled()) {
 419             $desc .= '<li>slasharguments are <strong>disabled</strong> in Moodle configuration</li>';
 420         } else {
 421             $desc .= '<li>slasharguments are enabled in Moodle configuration</li>';
 422         }
 423         if ($this->status() == -1) {
 424             $desc .= '<li>can not run automatic test, you can verify it <a href="'.$CFG->wwwroot.'/file.php/testslasharguments" target="_blank">here</a></li>';
 425         } else if ($this->status() == 0) {
 426             $desc .= '<li>slashargument test <strong>failed</strong>, please check server configuration</li>';
 427         } else {
 428             $desc .= '<li>slashargument test passed</li>';
 429         }
 430         $desc .= '</ul>';
 431         return $desc;
 432     }
 433     function solution() {
 434         global $CFG;
 435         $enabled = $this->is_enabled();
 436         $status = $this->status();
 437         $solution = '';
 438         if ($enabled and ($status == 0)) {
 439             $solution .= 'Slasharguments are enabled, but the test failed. Please disable slasharguments in Moodle configuration or fix the server configuration.<hr />';
 440         } else if ((!$enabled) and ($status == 0)) {
 441             $solution .= 'Slasharguments are disabled and the test failed. You may try to fix the server configuration.<hr />';
 442         } else if ($enabled and ($status == -1)) {
 443             $solution .= 'Slasharguments are enabled, <a href="'.$CFG->wwwroot.'/file.php/testslasharguments">automatic testing</a> not possible.<hr />';
 444         } else if ((!$enabled) and ($status == -1)) {
 445             $solution .= 'Slasharguments are disabled, <a href="'.$CFG->wwwroot.'/file.php/testslasharguments">automatic testing</a> not possible.<hr />';
 446         } else if ((!$enabled) and ($status > 0)) {
 447             $solution .= 'Slasharguments are disabled though the iternal test is OK. You should enable slasharguments in Moodle configuration.';
 448         } else if ($enabled and ($status > 0)) {
 449             $solution .= 'Congratulations - everything seems OK now :-D';
 450         }
 451         if ($status < 1) {
 452             $solution .= '<p>IIS:<ul><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li><li>do NOT enable AllowPathInfoForScriptMappings !!!</li><li>slasharguments may not work when using ISAPI and PHP 4.3.10 and older</li></ul></p>';
 453             $solution .= '<p>Apache 1:<ul><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li></ul></p>';
 454             $solution .= '<p>Apache 2:<ul><li>you must add <code>AcceptPathInfo on</code> to php.ini or .htaccess</li><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li></ul></p>';
 455         }
 456         return $solution;
 457     }
 458     function is_enabled() {
 459         global $CFG;
 460         return !empty($CFG->slasharguments);
 461     }
 462     function status() {
 463         global $CFG;
 464         $handle = @fopen($CFG->wwwroot.'/file.php?file=/testslasharguments', "r");
 465         $contents = trim(@fread($handle, 7));
 466         @fclose($handle);
 467         if ($contents != 'test -1') {
 468             return -1;
 469         }
 470         $handle = @fopen($CFG->wwwroot.'/file.php/testslasharguments', "r");
 471         $contents = trim(@fread($handle, 6));
 472         @fclose($handle);
 473         switch ($contents) {
 474             case 'test 1': return 1;
 475             case 'test 2': return 2;
 476             default:  return 0;
 477         }
 478     }
 479 }
 480
 481 class problem_000011 extends problem_base {
 482     function title() {
 483         return 'Session errors detected';
 484     }
 485     function exists() {
 486         global $CFG;
 487         return isset($CFG->session_error_counter);
 488     }
 489     function severity() {
 490         return SEVERITY_ANNOYANCE;
 491     }
 492     function description() {
 493         global $CFG;
 494         if (isset($CFG->session_error_counter)) {
 495             return 'Session problems were detected. Total count: '.$CFG->session_error_counter;
 496         } else {
 497             return 'No session errors detected.';
 498         }
 499     }
 500     function solution() {
 501         global $CFG;
 502         if (!empty($resetsesserrorcounter)) {
 503             if (get_field('config', 'name', 'name', 'session_error_counter')) {
 504                 delete_records('config', 'name', 'session_error_counter');
 505             }
 506             return 'Error counter was cleared.';
 507         } else {
 508             return '<p>Session errors can be caused by:<ul><li>unresolved problem in server software (aka random switching of users),</li><li>blocked or modified cookies,</li><li>deleting of active session files.</li></ul></p><p><a href="'.me().'&resetsesserrorcounter=1">Reset counter.</a></p>';
 509         }
 510     }
 511 }
 512
 513
 514 class problem_00000x extends problem_base {
 515     function title() {
 516         return '';
 517     }
 518     function exists() {
 519         return false;
 520     }
 521     function severity() {
 522         return SEVERITY_SIGNIFICANT;
 523     }
 524     function description() {
 525         return '';
 526     }
 527     function solution() {
 528         global $CFG;
 529         return '';
 530     }
 531 }
 532
 533 /*
 534
 535 TODO:
 536
 537     session.save_path -- it doesn't really matter because we are already IN a session, right?
 538
 539 */
 540
 541 ?>