report/security/index.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Security overview report
  19  *
  20  * @package    report
  21  * @subpackage security
  22  * @copyright  2008 petr Skoda
  23  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24  */
  25
  26 define('NO_OUTPUT_BUFFERING', true);
  27
  28 require('../../config.php');
  29 require_once($CFG->dirroot.'/report/security/locallib.php');
  30 require_once($CFG->libdir.'/adminlib.php');
  31
  32 require_login();
  33
  34 $issue = optional_param('issue', '', PARAM_ALPHANUMEXT); // show detailed info about one issue only
  35
  36 $issues = report_security_get_issue_list();
  37
  38 // test if issue valid string
  39 if (array_search($issue, $issues, true) === false) {
  40     $issue = '';
  41 }
  42
  43 // we may need a bit more memory and this may take a long time to process
  44 raise_memory_limit(MEMORY_EXTRA);
  45 core_php_time_limit::raise();
  46
  47 // Print the header.
  48 admin_externalpage_setup('reportsecurity', '', null, '', array('pagelayout'=>'report'));
  49 echo $OUTPUT->header();
  50
  51 echo $OUTPUT->heading(get_string('pluginname', 'report_security'));
  52
  53 echo '<div id="timewarning">'.get_string('timewarning', 'report_security').'</div>';
  54
  55 $strok       = '<span class="statusok">'.get_string('statusok', 'report_security').'</span>';
  56 $strinfo     = '<span class="statusinfo">'.get_string('statusinfo', 'report_security').'</span>';
  57 $strwarning  = '<span class="statuswarning">'.get_string('statuswarning', 'report_security').'</span>';
  58 $strserious  = '<span class="statusserious">'.get_string('statusserious', 'report_security').'</span>';
  59 $strcritical = '<span class="statuscritical">'.get_string('statuscritical', 'report_security').'</span>';
  60
  61 $strissue    = get_string('issue', 'report_security');
  62 $strstatus   = get_string('status', 'report_security');
  63 $strdesc     = get_string('description', 'report_security');
  64 $strconfig   = get_string('configuration', 'report_security');
  65
  66 $statusarr = array(REPORT_SECURITY_OK       => $strok,
  67                    REPORT_SECURITY_INFO     => $strinfo,
  68                    REPORT_SECURITY_WARNING  => $strwarning,
  69                    REPORT_SECURITY_SERIOUS  => $strserious,
  70                    REPORT_SECURITY_CRITICAL => $strcritical);
  71
  72 $url = "$CFG->wwwroot/report/security/index.php";
  73
  74 if ($issue and ($result = $issue(true))) {
  75     report_security_hide_timearning();
  76
  77     $table = new html_table();
  78     $table->head  = array($strissue, $strstatus, $strdesc, $strconfig);
  79     $table->rowclasses = array('leftalign issue', 'leftalign status', 'leftalign desc', 'leftalign config');
  80     $table->attributes = array('class'=>'admintable securityreport generaltable');
  81     $table->id = 'securityissuereporttable';
  82     $table->data  = array();
  83
  84     // print detail of one issue only
  85     $row = array();
  86     $row[0] = report_security_doc_link($issue, $result->name);
  87     $row[1] = $statusarr[$result->status];
  88     $row[2] = $result->info;
  89     $row[3] = is_null($result->link) ? '&nbsp;' : $result->link;
  90
  91     $PAGE->set_docs_path('report/security/' . $issue);
  92
  93     $table->data[] = $row;
  94
  95     echo html_writer::table($table);
  96
  97     echo $OUTPUT->box($result->details, 'generalbox boxwidthnormal boxaligncenter'); // TODO: add proper css
  98
  99     echo $OUTPUT->continue_button($url);
 100
 101 } else {
 102     report_security_hide_timearning();
 103
 104     $table = new html_table();
 105     $table->head  = array($strissue, $strstatus, $strdesc);
 106     $table->colclasses = array('leftalign issue', 'leftalign status', 'leftalign desc');
 107     $table->attributes = array('class'=>'admintable securityreport generaltable');
 108     $table->id = 'securityreporttable';
 109     $table->data  = array();
 110
 111     foreach ($issues as $issue) {
 112         $result = $issue(false);
 113         if (!$result) {
 114             // ignore this test
 115             continue;
 116         }
 117         $row = array();
 118         $row[0] = "<a href='$url?issue=$result->issue'>$result->name</a>";
 119         $row[1] = $statusarr[$result->status];
 120         $row[2] = $result->info;
 121
 122         $table->data[] = $row;
 123     }
 124     echo html_writer::table($table);
 125 }
 126
 127 echo $OUTPUT->footer();