Debug the security page
This commit is contained in:
Laurent Destailleur
parent
7294a47ef5
commit
38d88ced0b
@ -153,7 +153,7 @@ if (ini_get('safe_mode') && !empty($conf->global->MAIN_ANTIVIRUS_COMMAND))
|
||||
dol_syslog("safe_mode is on, basedir is ".$basedir.", safe_mode_exec_dir is ".ini_get('safe_mode_exec_dir'), LOG_WARNING);
|
||||
}
|
||||
}
|
||||
print '<input type="text" name="MAIN_ANTIVIRUS_COMMAND" class="minwidth500imp" value="'.(!empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ?dol_escape_htmltag($conf->global->MAIN_ANTIVIRUS_COMMAND) : '').'">';
|
||||
print '<input type="text" '.(defined('MAIN_ANTIVIRUS_COMMAND') ? 'disabled' : '').' name="MAIN_ANTIVIRUS_COMMAND" class="minwidth500imp" value="'.(!empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ?dol_escape_htmltag($conf->global->MAIN_ANTIVIRUS_COMMAND) : '').'">';
|
||||
if (defined('MAIN_ANTIVIRUS_COMMAND')) {
|
||||
print '<br><span class="opacitymedium">'.$langs->trans("ValueIsForcedBySystem").'</span>';
|
||||
}
|
||||
|
||||
@ -83,6 +83,7 @@ print '<li>';
|
||||
print '<a target="_blank" href="https://www.dolibarr.org/" rel="external">'.$langs->trans("OfficialWebSite").'</a>';
|
||||
print '</li>';
|
||||
// Show local site
|
||||
/*
|
||||
if (preg_match('/^fr_/i', $langs->getDefaultLang()))
|
||||
{
|
||||
print '<li>';
|
||||
@ -112,7 +113,7 @@ if (preg_match('/^de_/i', $langs->getDefaultLang()))
|
||||
print '<li>';
|
||||
print '<a target="_blank" href="https://www.dolibarr.de/" rel="external">'.$langs->trans("OfficialWebSiteLocal", $langs->transnoentitiesnoconv("Germany")).'</a>';
|
||||
print '</li>';
|
||||
}
|
||||
}*/
|
||||
print '<li>';
|
||||
print '<a target="_blank" href="https://wiki.dolibarr.org/" rel="external">'.$langs->trans("OfficialWiki").'</a>';
|
||||
print '</li>';
|
||||
@ -168,7 +169,7 @@ print $langs->trans("OtherResources").':';
|
||||
print '<ul>';
|
||||
|
||||
$url = 'https://saas.dolibarr.org'; $title = $langs->trans("OfficialWebHostingService");
|
||||
if (preg_match('/^fr_/i', $langs->getDefaultLang())) $url = 'https://wiki.dolibarr.org/index.php/Solutions_de_Cloud';
|
||||
if (preg_match('/^fr_/i', $langs->getDefaultLang())) $url = 'https://wiki.dolibarr.org/index.php/Solutions_Cloud_pour_Dolibarr_ERP_CRM';
|
||||
if (preg_match('/^es_/i', $langs->getDefaultLang())) $url = 'https://wiki.dolibarr.org/index.php/Soluciones_en_la_Nube';
|
||||
print '<li>';
|
||||
print '<a target="_blank" href="'.$url.'" rel="external">'.$title.'</a>';
|
||||
|
||||
@ -62,7 +62,7 @@ print "<br><strong>Web server</strong> - ".$langs->trans("Version").": ".$_SERVE
|
||||
print '<br>';
|
||||
print '<strong>'.$langs->trans("XDebug").'</strong>: ';
|
||||
$test = !function_exists('xdebug_is_enabled');
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled");
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis");
|
||||
else {
|
||||
print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("XDebug"));
|
||||
print ' - '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php">XDebug admin page</a>';
|
||||
@ -73,7 +73,7 @@ print '<br>';
|
||||
print '<br>';
|
||||
print '<strong>'.$langs->trans("Syslog").'</strong>: ';
|
||||
$test = empty($conf->syslog->enabled);
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled");
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis");
|
||||
else {
|
||||
print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("Syslog"));
|
||||
//print ' '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php'.'">XDebug admin page</a>';
|
||||
@ -84,7 +84,7 @@ print '<br>';
|
||||
print '<br>';
|
||||
print '<strong>'.$langs->trans("DebugBar").'</strong>: ';
|
||||
$test = empty($conf->debugbar->enabled);
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled");
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis");
|
||||
else {
|
||||
print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("DebugBar"));
|
||||
//print ' '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php'.'">XDebug admin page</a>';
|
||||
|
||||
@ -66,32 +66,40 @@ print "<strong>PHP safe_mode</strong> = ".(ini_get('safe_mode') ? ini_get('safe_
|
||||
print "<strong>PHP open_basedir</strong> = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0))."<br>\n";
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
print load_fiche_titre($langs->trans("ConfigFile"), '', '');
|
||||
|
||||
print '<strong>'.$langs->trans("dolibarr_main_prod").'</strong>: '.$dolibarr_main_prod;
|
||||
if (empty($dolibarr_main_prod)) {
|
||||
print img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis");
|
||||
}
|
||||
// dolibarr_main_prod
|
||||
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
print '<br>';
|
||||
print load_fiche_titre($langs->trans("Permissions"), '', '');
|
||||
|
||||
print load_fiche_titre($langs->trans("PermissionsOnFiles"), '', '');
|
||||
|
||||
print '<strong>'.$langs->trans("PermissionOnFileInWebRoot").'</strong>: ';
|
||||
// TODO
|
||||
print '<strong>'.$langs->trans("PermissionsOnFilesInWebRoot").'</strong>: ';
|
||||
// TODO Check permission are read only except for custom dir
|
||||
print 'TODO';
|
||||
|
||||
|
||||
print '<br>';
|
||||
print '<br>';
|
||||
|
||||
print '<strong>'.$langs->trans("PermissionsOnFile", 'conf.php').'</strong>: ';
|
||||
// TODO Check permission on file conf.php (read only for the web user)
|
||||
print 'TODO';
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
print load_fiche_titre($langs->trans("Modules"), '', '');
|
||||
|
||||
// XDebug
|
||||
print '<strong>'.$langs->trans("XDebug").'</strong>: ';
|
||||
$test = !function_exists('xdebug_is_enabled');
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled");
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis");
|
||||
else {
|
||||
print img_picto('', 'warning').' '.$langs->trans("ModuleActivatedMayExposeInformation", $langs->transnoentities("XDebug"));
|
||||
print ' - '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php">XDebug admin page</a>';
|
||||
@ -102,7 +110,7 @@ print '<br>';
|
||||
print '<br>';
|
||||
print '<strong>'.$langs->trans("Syslog").'</strong>: ';
|
||||
$test = empty($conf->syslog->enabled);
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled");
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis");
|
||||
else {
|
||||
print img_picto('', 'warning').' '.$langs->trans("ModuleActivatedMayExposeInformation", $langs->transnoentities("Syslog"));
|
||||
//print ' '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php'.'">XDebug admin page</a>';
|
||||
@ -113,14 +121,15 @@ print '<br>';
|
||||
print '<br>';
|
||||
print '<strong>'.$langs->trans("DebugBar").'</strong>: ';
|
||||
$test = empty($conf->debugbar->enabled);
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled");
|
||||
if ($test) print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotRiskOfLeakWithThis");
|
||||
else {
|
||||
print img_picto('', 'error').' '.$langs->trans("ModuleActivatedDoNotUseInProduction", $langs->transnoentities("DebugBar"));
|
||||
//print ' '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php'.'">XDebug admin page</a>';
|
||||
}
|
||||
print '<br>';
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
print '<br>';
|
||||
print load_fiche_titre($langs->trans("SecuritySetup"), '', '');
|
||||
|
||||
//print '<strong>'.$langs->trans("PasswordEncryption").'</strong>: ';
|
||||
@ -130,7 +139,13 @@ print '<br>';
|
||||
// TODO
|
||||
|
||||
print '<strong>'.$langs->trans("AntivirusEnabledOnUpload").'</strong>: ';
|
||||
// TODO
|
||||
print yn($conf->global->MAIN_ANTIVIRUS_COMMAND ? 1 : 0);
|
||||
if (!empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) {
|
||||
print ' - '.$conf->global->MAIN_ANTIVIRUS_COMMAND;
|
||||
if (defined('MAIN_ANTIVIRUS_COMMAND')) {
|
||||
print ' - <span class="opacitymedium">'.$langs->trans("ValueIsForcedBySystem").'</span>';
|
||||
}
|
||||
}
|
||||
print '<br>';
|
||||
|
||||
print '<br>';
|
||||
|
||||
@ -763,9 +763,11 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM
|
||||
$newmenu->add('/admin/system/os.php?mainmenu=home&leftmenu=admintools', $langs->trans('InfoOS'), 1);
|
||||
$newmenu->add('/admin/system/web.php?mainmenu=home&leftmenu=admintools', $langs->trans('InfoWebServer'), 1);
|
||||
$newmenu->add('/admin/system/phpinfo.php?mainmenu=home&leftmenu=admintools', $langs->trans('InfoPHP'), 1);
|
||||
//if (function_exists('xdebug_is_enabled')) $newmenu->add('/admin/system/xdebug.php', $langs->trans('XDebug'),1);
|
||||
$newmenu->add('/admin/system/database.php?mainmenu=home&leftmenu=admintools', $langs->trans('InfoDatabase'), 1);
|
||||
//$newmenu->add("/admin/system/perf.php?mainmenu=home&leftmenu=admintools", $langs->trans("InfoPerf"),1);
|
||||
if (!empty($conf->global->MAIN_FEATURES_LEVEL)) {
|
||||
$newmenu->add("/admin/system/perf.php?mainmenu=home&leftmenu=admintools", $langs->trans("InfoPerf"),1);
|
||||
$newmenu->add("/admin/system/security.php?mainmenu=home&leftmenu=admintools", $langs->trans("InfoSecurity"),1);
|
||||
}
|
||||
$newmenu->add("/admin/tools/dolibarr_export.php?mainmenu=home&leftmenu=admintools", $langs->trans("Backup"), 1);
|
||||
$newmenu->add("/admin/tools/dolibarr_import.php?mainmenu=home&leftmenu=admintools", $langs->trans("Restore"), 1);
|
||||
$newmenu->add("/admin/tools/update.php?mainmenu=home&leftmenu=admintools", $langs->trans("MenuUpgrade"), 1);
|
||||
|
||||
@ -37,6 +37,8 @@ UnlockNewSessions=Remove connection lock
|
||||
YourSession=Your session
|
||||
Sessions=Users Sessions
|
||||
WebUserGroup=Web server user/group
|
||||
PermissionsOnFilesInWebRoot=Permissions on files in web root directory
|
||||
PermissionsOnFile=Permissions on file %s
|
||||
NoSessionFound=Your PHP configuration seems to not allow listing of active sessions. The directory used to save sessions (<b>%s</b>) may be protected (for example by OS permissions or by PHP directive open_basedir).
|
||||
DBStoringCharset=Database charset to store data
|
||||
DBSortingCharset=Database charset to sort data
|
||||
@ -1179,6 +1181,7 @@ InfoWebServer=About Web Server
|
||||
InfoDatabase=About Database
|
||||
InfoPHP=About PHP
|
||||
InfoPerf=About Performances
|
||||
InfoSecurity=About Security
|
||||
BrowserName=Browser name
|
||||
BrowserOS=Browser OS
|
||||
ListOfSecurityEvents=List of Dolibarr security events
|
||||
@ -1558,7 +1561,9 @@ LDAPDescValues=Example values are designed for <b>OpenLDAP</b> with following lo
|
||||
ForANonAnonymousAccess=For an authenticated access (for a write access for example)
|
||||
PerfDolibarr=Performance setup/optimizing report
|
||||
YouMayFindPerfAdviceHere=This page provides some checks or advice related to performance.
|
||||
NotInstalled=Not installed, so your server is not slowed down by this.
|
||||
NotInstalled=Not installed.
|
||||
NotSlowedDownByThis=Not slowed down by this.
|
||||
NotRiskOfLeakWithThis=Not risk of leak with this.
|
||||
ApplicativeCache=Applicative cache
|
||||
MemcachedNotAvailable=No applicative cache found. You can enhance performance by installing a cache server Memcached and a module able to use this cache server.<br>More information here <a href="http://wiki.dolibarr.org/index.php/Module_MemCached_EN">http://wiki.dolibarr.org/index.php/Module_MemCached_EN</a>.<br>Note that a lot of web hosting provider does not provide such cache server.
|
||||
MemcachedModuleAvailableButNotSetup=Module memcached for applicative cache found but setup of module is not complete.
|
||||
@ -2032,6 +2037,8 @@ UseDebugBar=Use the debug bar
|
||||
DEBUGBAR_LOGS_LINES_NUMBER=Number of last log lines to keep in console
|
||||
WarningValueHigherSlowsDramaticalyOutput=Warning, higher values slows dramaticaly output
|
||||
ModuleActivated=Module %s is activated and slows the interface
|
||||
IfYouAreOnAProductionSetThis=If you are on a production environment, you should set this property.
|
||||
AntivirusEnabledOnUpload=Antivirus enabled on uploaded files
|
||||
EXPORTS_SHARE_MODELS=Export models are share with everybody
|
||||
ExportSetup=Setup of module Export
|
||||
ImportSetup=Setup of module Import
|
||||
@ -2069,3 +2076,6 @@ MailToSendEventPush=Event reminder email
|
||||
SwitchThisForABetterSecurity=Switching this value to %s is recommended for more security
|
||||
DictionaryProductNature= Nature of product
|
||||
CountryIfSpecificToOneCountry=Country (if specific to a given country)
|
||||
YouMayFindSecurityAdviceHere=You may find security advisory here
|
||||
ModuleActivatedMayExposeInformation=This module may expose sensitive data. If you don't need it, disable it.
|
||||
ModuleActivatedDoNotUseInProduction=A module designed for the development has been enabled. Do not enable it on a production environment.
|
||||
Loading…
Reference in New Issue
Block a user