Follow-up to feature #12001: Add checks from t3lib_BEfunc::displayWarningMessages...
[Packages/TYPO3.CMS.git] / typo3 / sysext / reports / reports / status / class.tx_reports_reports_status_installtoolstatus.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009 Ingo Renner <ingo@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25
26 /**
27 * Performs some checks about the install tool protection status
28 *
29 * @author Ingo Renner <ingo@typo3.org>
30 * @package TYPO3
31 * @subpackage reports
32 */
33 class tx_reports_reports_status_InstallToolStatus implements tx_reports_StatusProvider {
34
35 /**
36 * Determines the Install Tool's status, mainly concerning its protection.
37 *
38 * @see typo3/sysext/reports/interfaces/tx_reports_StatusProvider::getStatus()
39 */
40 public function getStatus() {
41 $this->executeAdminCommand();
42
43 return array(
44 'installToolEnabled' => $this->getInstallToolProtectionStatus(),
45 'installToolPassword' => $this->getInstallToolPasswordStatus(),
46 'adminUserAccount' => $this->getAdminAccountStatus()
47 );
48 }
49
50 /**
51 * Executes commands like removing the Install Tool enable file.
52 *
53 * @return void
54 */
55 protected function executeAdminCommand() {
56 $command = t3lib_div::_GET('adminCmd');
57
58 switch($command) {
59 case 'remove_ENABLE_INSTALL_TOOL':
60 unlink(PATH_site . 'typo3conf/ENABLE_INSTALL_TOOL');
61 break;
62 }
63 }
64
65 /**
66 * Checks whether the Install Tool password is set to its default value.
67 *
68 * @return tx_reports_reports_status_Status An tx_reports_reports_status_Status object representing the security of the install tool password
69 */
70 protected function getInstallToolPasswordStatus() {
71 $value = $GLOBALS['LANG']->getLL('status_ok');
72 $message = '';
73 $severity = tx_reports_reports_status_Status::OK;
74
75 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'] == md5('joh316')) {
76 $value = $GLOBALS['LANG']->getLL('status_insecure');
77 $severity = tx_reports_reports_status_Status::ERROR;
78
79 $changeInstallToolPasswordUrl = 'install/index.php?redirect_url=index.php'
80 . urlencode('?TYPO3_INSTALL[type]=about');
81
82 $message = sprintf(
83 $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:warning.install_password'),
84 '<a href="' . $changeInstallToolPasswordUrl . '">',
85 '</a>'
86 );
87 }
88
89 return t3lib_div::makeInstance('tx_reports_reports_status_Status',
90 'Install Tool Password', $value, $message, $severity
91 );
92 }
93
94 /**
95 * Checks whether a an BE user account named admin with default password exists.
96 *
97 * @return tx_reports_reports_status_Status An tx_reports_reports_status_Status object representing whether a default admin account exists
98 */
99 protected function getAdminAccountStatus() {
100 $value = $GLOBALS['LANG']->getLL('status_ok');
101 $message = '';
102 $severity = tx_reports_reports_status_Status::OK;
103
104 $whereClause = 'username = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr('admin', 'be_users')
105 . ' AND password = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr('5f4dcc3b5aa765d61d8327deb882cf99', 'be_users')
106 . t3lib_BEfunc::deleteClause('be_users');
107 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
108 'uid, username, password',
109 'be_users',
110 $whereClause
111 );
112 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
113 $value = $GLOBALS['LANG']->getLL('status_insecure');
114 $severity = tx_reports_reports_status_Status::ERROR;
115
116 $editUserAccountUrl = 'alt_doc.php?returnUrl=index.php&edit[be_users][' . $row['uid'] . ']=edit';
117 $message = sprintf(
118 $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:warning.backend_admin'),
119 '<a href="' . $editUserAccountUrl . '">',
120 '</a>'
121 );
122 }
123 $GLOBALS['TYPO3_DB']->sql_free_result($res);
124
125 return t3lib_div::makeInstance('tx_reports_reports_status_Status',
126 'Admin User Account', $value, $message, $severity
127 );
128 }
129
130 /**
131 * Checks for the existance of the ENABLE_INSTALL_TOOL file.
132 *
133 * @return tx_reports_reports_status_Status An tx_reports_reports_status_Status object representing whether ENABLE_INSTALL_TOOL exists
134 */
135 protected function getInstallToolProtectionStatus() {
136 $enableInstallToolFile = PATH_site . 'typo3conf/ENABLE_INSTALL_TOOL';
137 $value = $GLOBALS['LANG']->getLL('status_disabled');
138 $message = '';
139 $severity = tx_reports_reports_status_Status::OK;
140
141 $enableInstallToolFileExists = is_file($enableInstallToolFile);
142
143 if ($enableInstallToolFileExists || ($enableInstallToolFileExists && trim(file_get_contents($enableInstallToolFile)) === 'KEEP_FILE')) {
144 $value = $GLOBALS['LANG']->getLL('status_enabled');
145 $severity = tx_reports_reports_status_Status::WARNING;
146
147 $disableInstallToolUrl = t3lib_div::getIndpEnv('TYPO3_REQUEST_URL')
148 . '&adminCmd=remove_ENABLE_INSTALL_TOOL';
149
150 $message = sprintf(
151 $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:warning.install_enabled'),
152 '<span style="white-space: nowrap;">' . $enableInstallToolFile . '</span>');
153 $message .= ' <a href="' . $disableInstallToolUrl . '">'
154 . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:warning.install_enabled_cmd')
155 . '</a>';
156 }
157
158 return t3lib_div::makeInstance('tx_reports_reports_status_Status',
159 'Install Tool', $value, $message, $severity
160 );
161 }
162 }
163
164
165 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/reports/reports/status/class.tx_reports_reports_status_installtoolstatus.php']) {
166 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/reports/reports/status/class.tx_reports_reports_status_installtoolstatus.php']);
167 }
168
169 ?>