admin/health.php

   1 <?php  // $Id$
   2
   3     require_once('../config.php');
   4
   5     define('SEVERITY_NOTICE',      'notice');
   6     define('SEVERITY_ANNOYANCE',   'annoyance');
   7     define('SEVERITY_SIGNIFICANT', 'significant');
   8     define('SEVERITY_CRITICAL',    'critical');
   9
  10     require_login();
  11     if (!isadmin()) {
  12         error('Only the admin can use this page');
  13     }
  14
  15     $site = get_site();
  16     $stradmin         = get_string('administration');
  17     $strhealthcenter  = get_string('healthcenter');
  18
  19     print_header($site->shortname.': '.$strhealthcenter, $site->fullname,
  20                   '<a href="index.php">'.$stradmin.'</a> -> '.$strhealthcenter);
  21
  22 echo <<<STYLES
  23 <style type="text/css">
  24 div#healthnoproblemsfound {
  25     width: 60%;
  26     margin: auto;
  27     padding: 1em;
  28     border: 1px black solid;
  29     -moz-border-radius: 6px;
  30 }
  31 dl.healthissues {
  32     width: 60%;
  33     margin: auto;
  34 }
  35 dl.critical dt, dl.critical dd {
  36     background-color: #a71501;
  37 }
  38 dl.significant dt, dl.significant dd {
  39     background-color: #d36707;
  40 }
  41 dl.annoyance dt, dl.annoyance dd {
  42     background-color: #dba707;
  43 }
  44 dl.notice dt, dl.notice dd {
  45     background-color: #e5db36;
  46 }
  47 dt.solution, dd.solution, div#healthnoproblemsfound {
  48     background-color: #5BB83E !important;
  49 }
  50 dl.healthissues dt, dl.healthissues dd {
  51     margin: 0px;
  52     padding: 1em;
  53     border: 1px black solid;
  54 }
  55 dl.healthissues dt {
  56     font-weight: bold;
  57     border-bottom: none;
  58     padding-bottom: 0.5em;
  59 }
  60 dl.healthissues dd {
  61     border-top: none;
  62     padding-top: 0.5em;
  63     margin-bottom: 10px;
  64 }
  65 dl.healthissues dd form {
  66     margin-top: 0.5em;
  67     text-align: right;
  68 }
  69 form#healthformreturn {
  70     text-align: center;
  71     margin: 2em;
  72 }
  73 dd.solution p {
  74     padding: 0px;
  75     margin: 1em 0px;
  76 }
  77 dd.solution li {
  78     margin-top: 1em;
  79 }
  80
  81 </style>
  82 STYLES;
  83
  84     $solution = optional_param('solution', NULL);
  85
  86     if(!empty($solution) && class_exists($solution)) {
  87         health_print_solution($solution);
  88     }
  89     else {
  90         health_find_problems();
  91     }
  92
  93
  94     print_footer();
  95
  96
  97 function health_find_problems() {
  98
  99     print_heading(get_string('healthcenter'));
 100
 101     $issues   = array(
 102         SEVERITY_CRITICAL    => array(),
 103         SEVERITY_SIGNIFICANT => array(),
 104         SEVERITY_ANNOYANCE   => array(),
 105         SEVERITY_NOTICE      => array(),
 106     );
 107     $problems = 0;
 108
 109     for($i = 1; $i < 1000000; ++$i) {
 110         $classname = sprintf('problem_%06d', $i);
 111         if(!class_exists($classname)) {
 112             break;
 113         }
 114         $problem = new $classname;
 115         if($problem->exists()) {
 116             $severity = $problem->severity();
 117             $issues[$severity][$classname] = array(
 118                 'severity'    => $severity,
 119                 'description' => $problem->description(),
 120                 'title'       => $problem->title()
 121             );
 122             ++$problems;
 123         }
 124         unset($problem);
 125     }
 126
 127     if($problems == 0) {
 128         echo '<div id="healthnoproblemsfound">';
 129         echo get_string('healthnoproblemsfound');
 130         echo '</div>';
 131     }
 132     else {
 133         print_heading(get_string('healthproblemsdetected'));
 134         $severities = array(SEVERITY_CRITICAL, SEVERITY_SIGNIFICANT, SEVERITY_ANNOYANCE, SEVERITY_NOTICE);
 135         foreach($severities as $severity) {
 136             if(!empty($issues[$severity])) {
 137                 echo '<dl class="healthissues '.$severity.'">';
 138                 foreach($issues[$severity] as $classname => $data) {
 139                     echo '<dt id="'.$classname.'">'.$data['title'].'</dt>';
 140                     echo '<dd>'.$data['description'];
 141                     echo '<form action="health.php#solution" method="get">';
 142                     echo '<input type="hidden" name="solution" value="'.$classname.'" /><input type="submit" value="'.get_string('viewsolution').'" />';
 143                     echo '</form></dd>';
 144                 }
 145                 echo '</dl>';
 146             }
 147         }
 148     }
 149 }
 150
 151 function health_print_solution($classname) {
 152     $problem = new $classname;
 153     $data = array(
 154         'title'       => $problem->title(),
 155         'severity'    => $problem->severity(),
 156         'description' => $problem->description(),
 157         'solution'    => $problem->solution()
 158     );
 159
 160     print_heading(get_string('healthcenter'));
 161     print_heading(get_string('healthproblemsolution'));
 162     echo '<dl class="healthissues '.$data['severity'].'">';
 163     echo '<dt>'.$data['title'].'</dt>';
 164     echo '<dd>'.$data['description'].'</dd>';
 165     echo '<dt id="solution" class="solution">'.get_string('healthsolution').'</dt>';
 166     echo '<dd class="solution">'.$data['solution'].'</dd></dl>';
 167     echo '<form id="healthformreturn" action="health.php#'.$classname.'" method="get">';
 168     echo '<input type="submit" value="'.get_string('healthreturntomain').'" />';
 169     echo '</form>';
 170 }
 171
 172 class problem_base {
 173     function exists() {
 174         return false;
 175     }
 176     function title() {
 177         return '???';
 178     }
 179     function severity() {
 180         return SEVERITY_NOTICE;
 181     }
 182     function description() {
 183         return '';
 184     }
 185     function solution() {
 186         return '';
 187     }
 188 }
 189
 190 class problem_000001 extends problem_base {
 191     function title() {
 192         return 'Invalid value for $CFG->dirroot';
 193     }
 194     function exists() {
 195         global $CFG;
 196         $dirroot = dirname(realpath('../index.php'));
 197         if (!empty($dirroot) && $dirroot != $CFG->dirroot) {
 198             return true;
 199         }
 200         return false;
 201     }
 202     function severity() {
 203         return SEVERITY_CRITICAL;
 204     }
 205     function description() {
 206         global $CFG;
 207         return 'Your <strong>config.php</strong> file contains the setting <strong>$CFG-&gt;dirroot = "'.$CFG->dirroot.'"</strong>, which is incorrect. Unless you correct this problem, Moodle will not function correctly, if at all.';
 208     }
 209     function solution() {
 210         global $CFG;
 211         $dirroot = dirname(realpath('../index.php'));
 212         return 'You need to edit your <strong>config.php</strong> file. Find the line which reads <pre>$CFG->dirroot = \''.$CFG->dirroot.'\';</pre> and change it to read <pre>$CFG->dirroot = \''.$dirroot.'\'</pre>';
 213     }
 214 }
 215
 216 class problem_000002 extends problem_base {
 217     function title() {
 218         return 'Extra characters at the end of config.php';
 219     }
 220     function exists() {
 221         // [pj] When the requirements are raised to PHP 4.3.0 this will be file_get_contents()
 222         if($fp = @fopen('../config.php', 'r')) {
 223             $contents = fread($fp, 16384); // 16K should be enough
 224             $ending = substr($contents, -2);
 225             unset($contents);
 226             if($ending == '?>') {
 227                 return false;
 228             }
 229             fclose($fp);
 230         }
 231         return true;
 232     }
 233     function severity() {
 234         return SEVERITY_SIGNIFICANT;
 235     }
 236     function description() {
 237         return 'Your Moodle configuration file, config.php, contains some characters after the closing PHP tag (?>). This could cause Moodle to exhibit several kinds of problems and should be fixed.';
 238     }
 239     function solution() {
 240         global $CFG;
 241         return 'You need to edit <strong>'.$CFG->dirroot.'/config.php</strong> and remove all characters (including spaces and returns) after the ending ?> tag. These two characters should be the very last in that file.';
 242     }
 243 }
 244
 245 class problem_000003 extends problem_base {
 246     function title() {
 247         return '$CFG->dataroot does not exist or does not have write permissions';
 248     }
 249     function exists() {
 250         global $CFG;
 251         if(!is_dir($CFG->dataroot) || !is_writable($CFG->dataroot)) {
 252             return true;
 253         }
 254         return false;
 255     }
 256     function severity() {
 257         return SEVERITY_SIGNIFICANT;
 258     }
 259     function description() {
 260         global $CFG;
 261         return 'Your <strong>config.php</strong> says that your "data root" directory is <strong>'.$CFG->dataroot.'</strong>. However, this directory either does not exist or cannot be written to by Moodle. This means that a variety of problems will be present, such as users not being able to log in and not being able to upload any files. It is imperative that you address this problem for Moodle to work correctly.';
 262     }
 263     function solution() {
 264         global $CFG;
 265         return 'First of all, make sure that the directory <strong>'.$CFG->dataroot.'</strong> exists. If the directory does exist, then you must make sure that Moodle is able to write to it. Contact your web server administrator and request that he gives write permissions for that directory to the user that the web server process is running as.';
 266     }
 267 }
 268
 269 class problem_000004 extends problem_base {
 270     function title() {
 271         return 'cron.php is not set up to run automatically';
 272     }
 273     function exists() {
 274         global $CFG;
 275         $lastcron = get_field_sql('SELECT max(lastcron) FROM '.$CFG->prefix.'modules');
 276         return (time() - $lastcron > 3600 * 24);
 277     }
 278     function severity() {
 279         return SEVERITY_SIGNIFICANT;
 280     }
 281     function description() {
 282         return 'The cron.php mainenance script has not been run in the past 24 hours. This probably means that your server is not configured to automatically run this script in regular time intervals. If this is the case, then Moodle will mostly work as it should but some operations (notably sending email to users) will not be carried out at all.';
 283     }
 284     function solution() {
 285         global $CFG;
 286         return 'For detailed instructions on how to enable cron, see <a href="'.$CFG->wwwroot.'/doc/?file=install.html#cron">this section</a> of the installation manual.';
 287     }
 288 }
 289
 290 class problem_000005 extends problem_base {
 291     function title() {
 292         return 'PHP: session.auto_start is enabled';
 293     }
 294     function exists() {
 295         return ini_get_bool('session.auto_start');
 296     }
 297     function severity() {
 298         return SEVERITY_CRITICAL;
 299     }
 300     function description() {
 301         return 'Your PHP configuration includes an enabled setting, session.auto_start, that <strong>must be disabled</strong> in order for Moodle to work correctly. Notable symptoms arising from this misconfiguration include fatal errors and/or blank pages when trying to log in.';
 302     }
 303     function solution() {
 304         global $CFG;
 305         return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>session.auto_start = 1</pre> and change it to <pre>session.auto_start = 0</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value session.auto_start "0"</pre></li></ol>';
 306     }
 307 }
 308
 309 class problem_000006 extends problem_base {
 310     function title() {
 311         return 'PHP: magic_quotes_runtime is enabled';
 312     }
 313     function exists() {
 314         return (ini_get_bool('magic_quotes_runtime'));
 315     }
 316     function severity() {
 317         return SEVERITY_SIGNIFICANT;
 318     }
 319     function description() {
 320         return 'Your PHP configuration includes an enabled setting, magic_quotes_runtime, that <strong>must be disabled</strong> in order for Moodle to work correctly. Notable symptoms arising from this misconfiguration include strange display errors whenever a text field that includes single or double quotes is processed.';
 321     }
 322     function solution() {
 323         global $CFG;
 324         return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>magic_quotes_runtime = On</pre> and change it to <pre>magic_quotes_runtime = Off</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value magic_quotes_runtime "Off"</pre></li></ol>';
 325     }
 326 }
 327
 328 class problem_000007 extends problem_base {
 329     function title() {
 330         return 'PHP: file_uploads is disabled';
 331     }
 332     function exists() {
 333         return !ini_get_bool('file_uploads');
 334     }
 335     function severity() {
 336         return SEVERITY_SIGNIFICANT;
 337     }
 338     function description() {
 339         return 'Your PHP configuration includes a disabled setting, file_uploads, that <strong>must be enabled</strong> to let Moodle offer its full functionality. Until this setting is enabled, it will not be possible to upload any files into Moodle. This includes, for example, course content and user pictures.';
 340     }
 341     function solution() {
 342         global $CFG;
 343         return '<p>There are two ways you can solve this problem:</p><ol><li>If you have access to your main <strong>php.ini</strong> file, then find the line that looks like this: <pre>file_uploads = Off</pre> and change it to <pre>file_uploads = On</pre> and then restart your web server. Be warned that this, as any other PHP setting change, might affect other web applications running on the server.</li><li>Finally, you may be able to change this setting just for your site by creating or editing the file <strong>'.$CFG->dirroot.'/.htaccess</strong> to contain this line: <pre>php_value file_uploads "On"</pre></li></ol>';
 344     }
 345 }
 346
 347 class problem_000008 extends problem_base {
 348     function title() {
 349         return 'PHP: memory_limit cannot be controlled by Moodle';
 350     }
 351     function exists() {
 352         $memlimit = @ini_get('memory_limit');
 353         if(empty($memlimit)) {
 354             // PHP not compiled with memory limits, this means that it's
 355             // probably limited to 8M so we have a problem...
 356             return true;
 357         }
 358         // Otherwise, raise_memory_limit in setup.php will do the trick
 359         return false;
 360     }
 361     function severity() {
 362         return SEVERITY_ANNOYANCE;
 363     }
 364     function description() {
 365         return 'The settings for PHP on your server do not allow a script to request more memory during its execution. This means that most likely there is a hard limit of 8MB for each script. It is possible that certain operations within Moodle will require more than this amount in order to complete successfully, especially if there are lots of data to be processed. Therefore, it is recommended that you contact your server administrator to address this issue.';
 366     }
 367     function solution() {
 368         global $CFG;
 369         return 'We need a good solution here. Enabling memory limit control means recompiling PHP... maybe this should be SEVERITY_NOTICE instead of SEVERITY_ANNOYANCE?';
 370     }
 371 }
 372
 373 class problem_000009 extends problem_base {
 374     function title() {
 375         return 'SQL: using account without password';
 376     }
 377     function exists() {
 378         global $CFG;
 379         return empty($CFG->dbpass);
 380     }
 381     function severity() {
 382         return SEVERITY_CRITICAL;
 383     }
 384     function description() {
 385         global $CFG;
 386         return 'The user account your are connecting to the database server with is set up without a password. This is a very big security risk and is only somewhat lessened if your database is configured to not accept connections from any hosts other than the server Moodle is running on. Unless you use a strong password to connect to the database, you risk unauthorized access to and manipulation of your data.'.($CFG->dbuser != 'root'?'':' <strong>This is especially alarming because such access to the database would be as the superuser (root)!</strong>');
 387     }
 388     function solution() {
 389         global $CFG;
 390         return 'You should change the password of the user <strong>'.$CFG->dbuser.'</strong> both in your database and in your Moodle <strong>config.php</strong> immediately!'.($CFG->dbuser != 'root'?'':' It would also be a good idea to change the user account from root to something else, because this would lessen the impact in the event that your database is compromised anyway.');
 391     }
 392 }
 393
 394 class problem_000010 extends problem_base {
 395     function title() {
 396         return 'Uploaded files: slasharguments disabled or not working';
 397     }
 398     function exists() {
 399         if (!$this->is_enabled()) {
 400             return true;
 401         }
 402         if ($this->status() < 1) {
 403             return true;
 404         }
 405         return false;
 406     }
 407     function severity() {
 408         if ($this->is_enabled() and $this->status() == 0) {
 409             return SEVERITY_SIGNIFICANT;
 410         } else {
 411             return SEVERITY_ANNOYANCE;
 412         }
 413     }
 414     function description() {
 415         global $CFG;
 416         $desc = 'Slasharguments are needed for relative linking in uploaded resources:<ul>';
 417         if (!$this->is_enabled()) {
 418             $desc .= '<li>slasharguments are <strong>disabled</strong> in Moodle configuration</li>';
 419         } else {
 420             $desc .= '<li>slasharguments are enabled in Moodle configuration</li>';
 421         }
 422         if ($this->status() == -1) {
 423             $desc .= '<li>can not run automatic test, you can verify it <a href="'.$CFG->wwwroot.'/file.php/testslasharguments" target="_blank">here</a></li>';
 424         } else if ($this->status() == 0) {
 425             $desc .= '<li>slashargument test <strong>failed</strong>, please check server configuration</li>';
 426         } else {
 427             $desc .= '<li>slashargument test passed</li>';
 428         }
 429         $desc .= '</ul>';
 430         return $desc;
 431     }
 432     function solution() {
 433         global $CFG;
 434         $enabled = $this->is_enabled();
 435         $status = $this->status();
 436         $solution = '';
 437         if ($enabled and ($status == 0)) {
 438             $solution .= 'Slasharguments are enabled, but the test failed. Please disable slasharguments in Moodle configuration or fix the server configuration.<hr />';
 439         } else if ((!$enabled) and ($status == 0)) {
 440             $solution .= 'Slasharguments are disabled and the test failed. You may try to fix the server configuration.<hr />';
 441         } else if ($enabled and ($status == -1)) {
 442             $solution .= 'Slasharguments are enabled, <a href="'.$CFG->wwwroot.'/file.php/testslasharguments">automatic testing</a> not possible.<hr />';
 443         } else if ((!$enabled) and ($status == -1)) {
 444             $solution .= 'Slasharguments are disabled, <a href="'.$CFG->wwwroot.'/file.php/testslasharguments">automatic testing</a> not possible.<hr />';
 445         } else if ((!$enabled) and ($status > 0)) {
 446             $solution .= 'Slasharguments are disabled though the iternal test is OK. You should enable slasharguments in Moodle configuration.';
 447         } else if ($enabled and ($status > 0)) {
 448             $solution .= 'Congratulations - everything seems OK now :-D';
 449         }
 450         if ($status < 1) {
 451             $solution .= '<p>IIS:<ul><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li><li>do NOT enable AllowPathInfoForScriptMappings !!!</li><li>slasharguments may not work when using ISAPI and PHP 4.3.10 and older</li></ul></p>';
 452             $solution .= '<p>Apache 1:<ul><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li></ul></p>';
 453             $solution .= '<p>Apache 2:<ul><li>you must add <code>AcceptPathInfo on</code> to php.ini or .htaccess</li><li>try to add <code>cgi.fix_pathinfo=1</code> to php.ini</li></ul></p>';
 454         }
 455         return $solution;
 456     }
 457     function is_enabled() {
 458         global $CFG;
 459         return !empty($CFG->slasharguments);
 460     }
 461     function status() {
 462         global $CFG;
 463         $handle = @fopen($CFG->wwwroot.'/file.php?file=/testslasharguments', "r");
 464         $contents = trim(@fread($handle, 7));
 465         @fclose($handle);
 466         if ($contents != 'test -1') {
 467             return -1;
 468         }
 469         $handle = @fopen($CFG->wwwroot.'/file.php/testslasharguments', "r");
 470         $contents = trim(@fread($handle, 6));
 471         @fclose($handle);
 472         switch ($contents) {
 473             case 'test 1': return 1;
 474             case 'test 2': return 2;
 475             default:  return 0;
 476         }
 477     }
 478 }
 479
 480 class problem_000011 extends problem_base {
 481     function title() {
 482         return 'Session errors detected';
 483     }
 484     function exists() {
 485         global $CFG;
 486         return isset($CFG->session_error_counter);
 487     }
 488     function severity() {
 489         return SEVERITY_ANNOYANCE;
 490     }
 491     function description() {
 492         global $CFG;
 493         if (isset($CFG->session_error_counter)) {
 494             return 'Session problems were detected. Total count: '.$CFG->session_error_counter;
 495         } else {
 496             return 'No session errors detected.';
 497         }
 498     }
 499     function solution() {
 500         global $CFG;
 501         if (isset($_GET['resetsesserrorcounter'])) {
 502             if (get_field('config', 'name', 'name', 'session_error_counter')) {
 503                 delete_records('config', 'name', 'session_error_counter');
 504             }
 505             return 'Error counter was cleared.';
 506         } else {
 507             return '<p>Session errors can be caused by:<ul><li>unresolved problem in server software (aka random switching of users),</li><li>blocked or modified cookies,</li><li>deleting of active session files.</li></ul></p><p><a href="'.me().'&resetsesserrorcounter=1">Reset counter.</a></p>';
 508         }
 509     }
 510 }
 511
 512
 513 class problem_00000x extends problem_base {
 514     function title() {
 515         return '';
 516     }
 517     function exists() {
 518         return false;
 519     }
 520     function severity() {
 521         return SEVERITY_SIGNIFICANT;
 522     }
 523     function description() {
 524         return '';
 525     }
 526     function solution() {
 527         global $CFG;
 528         return '';
 529     }
 530 }
 531
 532 /*
 533
 534 TODO:
 535
 536     session.save_path -- it doesn't really matter because we are already IN a session, right?
 537
 538 */
 539
 540 ?>