Changeset View
Changeset View
Standalone View
Standalone View
src/applications/config/check/PhabricatorPHPConfigSetupCheck.php
Show All 15 Lines | protected function executeChecks() { | ||||
if (empty($_SERVER['REMOTE_ADDR'])) { | if (empty($_SERVER['REMOTE_ADDR'])) { | ||||
$doc_href = PhabricatorEnv::getDoclink('Configuring a Preamble Script'); | $doc_href = PhabricatorEnv::getDoclink('Configuring a Preamble Script'); | ||||
$summary = pht( | $summary = pht( | ||||
'You likely need to fix your preamble script so '. | 'You likely need to fix your preamble script so '. | ||||
'REMOTE_ADDR is no longer empty.'); | 'REMOTE_ADDR is no longer empty.'); | ||||
$message = pht( | $message = pht( | ||||
'No REMOTE_ADDR is available, so Phabricator cannot determine the '. | 'No REMOTE_ADDR is available, so this server cannot determine the '. | ||||
'origin address for requests. This will prevent Phabricator from '. | 'origin address for requests. This will prevent the software from '. | ||||
'performing important security checks. This most often means you '. | 'performing important security checks. This most often means you '. | ||||
'have a mistake in your preamble script. Consult the documentation '. | 'have a mistake in your preamble script. Consult the documentation '. | ||||
'(%s) and double-check that the script is written correctly.', | '(%s) and double-check that the script is written correctly.', | ||||
phutil_tag( | phutil_tag( | ||||
'a', | 'a', | ||||
array( | array( | ||||
'href' => $doc_href, | 'href' => $doc_href, | ||||
'target' => '_blank', | 'target' => '_blank', | ||||
Show All 37 Lines | if (!extension_loaded('mysqli')) { | ||||
$summary = pht( | $summary = pht( | ||||
'Install the MySQLi extension to improve database behavior.'); | 'Install the MySQLi extension to improve database behavior.'); | ||||
$message = pht( | $message = pht( | ||||
'PHP is currently using the very old "mysql" extension to interact '. | 'PHP is currently using the very old "mysql" extension to interact '. | ||||
'with the database. You should install the newer "mysqli" extension '. | 'with the database. You should install the newer "mysqli" extension '. | ||||
'to improve behaviors (like error handling and query timeouts).'. | 'to improve behaviors (like error handling and query timeouts).'. | ||||
"\n\n". | "\n\n". | ||||
'Phabricator will work with the older extension, but upgrading to the '. | 'This software will work with the older extension, but upgrading to '. | ||||
'newer extension is recommended.'. | 'the newer extension is recommended.'. | ||||
"\n\n". | "\n\n". | ||||
'You may be able to install the extension with a command like: %s', | 'You may be able to install the extension with a command like: %s', | ||||
// NOTE: We're intentionally telling you to install "mysqlnd" here; on | // NOTE: We're intentionally telling you to install "mysqlnd" here; on | ||||
// Ubuntu, there's no separate "mysqli" package. | // Ubuntu, there's no separate "mysqli" package. | ||||
phutil_tag('tt', array(), 'sudo apt-get install php5-mysqlnd')); | phutil_tag('tt', array(), 'sudo apt-get install php5-mysqlnd')); | ||||
$this->newIssue('php.mysqli') | $this->newIssue('php.mysqli') | ||||
->setName(pht('MySQLi Extension Not Available')) | ->setName(pht('MySQLi Extension Not Available')) | ||||
->setSummary($summary) | ->setSummary($summary) | ||||
->setMessage($message); | ->setMessage($message); | ||||
} else if (!defined('MYSQLI_ASYNC')) { | } else if (!defined('MYSQLI_ASYNC')) { | ||||
$summary = pht( | $summary = pht( | ||||
'Configure the MySQL Native Driver to improve database behavior.'); | 'Configure the MySQL Native Driver to improve database behavior.'); | ||||
$message = pht( | $message = pht( | ||||
'PHP is currently using the older MySQL external driver instead of '. | 'PHP is currently using the older MySQL external driver instead of '. | ||||
'the newer MySQL native driver. The older driver lacks options and '. | 'the newer MySQL native driver. The older driver lacks options and '. | ||||
'features (like support for query timeouts) which allow Phabricator '. | 'features (like support for query timeouts) which allow this server '. | ||||
'to interact better with the database.'. | 'to interact better with the database.'. | ||||
"\n\n". | "\n\n". | ||||
'Phabricator will work with the older driver, but upgrading to the '. | 'This software will work with the older driver, but upgrading to the '. | ||||
'native driver is recommended.'. | 'native driver is recommended.'. | ||||
"\n\n". | "\n\n". | ||||
'You may be able to install the native driver with a command like: %s', | 'You may be able to install the native driver with a command like: %s', | ||||
phutil_tag('tt', array(), 'sudo apt-get install php5-mysqlnd')); | phutil_tag('tt', array(), 'sudo apt-get install php5-mysqlnd')); | ||||
$this->newIssue('php.myqlnd') | $this->newIssue('php.myqlnd') | ||||
->setName(pht('MySQL Native Driver Not Available')) | ->setName(pht('MySQL Native Driver Not Available')) | ||||
Show All 18 Lines | if (ini_get($infile_key)) { | ||||
'it connects to for the content of any local file.'. | 'it connects to for the content of any local file.'. | ||||
"\n\n". | "\n\n". | ||||
'This capability supports MySQL "LOAD DATA LOCAL INFILE" queries, but '. | 'This capability supports MySQL "LOAD DATA LOCAL INFILE" queries, but '. | ||||
'allows a malicious MySQL server read access to the local disk: the '. | 'allows a malicious MySQL server read access to the local disk: the '. | ||||
'server can ask the client to send the content of any local file, '. | 'server can ask the client to send the content of any local file, '. | ||||
'and the client will comply.'. | 'and the client will comply.'. | ||||
"\n\n". | "\n\n". | ||||
'Although it is normally difficult for an attacker to convince '. | 'Although it is normally difficult for an attacker to convince '. | ||||
'Phabricator to connect to a malicious MySQL server, you should '. | 'this software to connect to a malicious MySQL server, you should '. | ||||
'disable this option: this capability is unnecessary and inherently '. | 'disable this option: this capability is unnecessary and inherently '. | ||||
'dangerous.'. | 'dangerous.'. | ||||
"\n\n". | "\n\n". | ||||
'To disable this option, set: %s', | 'To disable this option, set: %s', | ||||
phutil_tag('tt', array(), pht('%s = 0', $infile_key))); | phutil_tag('tt', array(), pht('%s = 0', $infile_key))); | ||||
$this->newIssue('php.'.$infile_key) | $this->newIssue('php.'.$infile_key) | ||||
->setName(pht('Unsafe PHP "Local Infile" Configuration')) | ->setName(pht('Unsafe PHP "Local Infile" Configuration')) | ||||
->setSummary($summary) | ->setSummary($summary) | ||||
->setMessage($message) | ->setMessage($message) | ||||
->addPHPConfig($infile_key); | ->addPHPConfig($infile_key); | ||||
} | } | ||||
} | } | ||||
} | } |