<?php

#####################################################################################
#  This file is delivered as sas_check.txt; please rename it to sas_check.php		#
#  only when you need to check your Site@School installation, and rename it		#
#  back (or remove it) afterwards: the report is shown to anyone who requests it.	#
#																					#
#  This script will check your installation and produce a list with				#
#  valuable information on software versions, installed modules etc.				#
# Version 2.4																		# 
#$Id: sas_check.txt,v 1.2 2006/10/15 19:08:53 fstuurman Exp $						#
#####################################################################################
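// Request parameters used by the "send report by email" step at the end of
// the script. Both variables are always assigned here, so a missing parameter
// yields "" instead of an unset variable, and on a server that still runs with
// register_globals enabled the value can only come from the channel named below.
// $email is not validated at this point; it must be checked before it is used
// as a mail recipient.
$sendmail = isset($_GET['sendmail']) ? $_GET['sendmail'] : "";
$email = isset($_POST['email']) ? $_POST['email'] : "";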
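// Status labels (HTML fragments) printed in the last column of the report.
// The closing tags of the "Not ok!" label are ordered to match the opening
// tags (<b><font> ... </font></b>), as the other two labels already do.
$result_error = "<b><font color=red>&nbsp;Not ok!&nbsp;</font></b>";
$result_ok = "<font color=green><b>&nbsp;Ok!&nbsp;</b></font>";
$result_warning = "&nbsp;<font color=orange><b>Warning&nbsp;</b></font>";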

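$i = 0;
// $db_test is assigned before it is read. Every later `$db_test == "ok"` guard
// then sees a value set by this script, also when the configuration file is
// missing, and also on a server that still runs with register_globals enabled.
$db_test = "";
//check if S@S is installed
$check_output[0] = "Site@School has been installed?";
if (file_exists("configuration/database.inc.php"))
{
	// The include is expected to define $db_server, $db_username, $db_password
	// and $db_name (and, presumably, the table name variables used further down).
	include ("configuration/database.inc.php");
	// NOTE(review): mysql_connect()/mysql_select_db() belong to the legacy
	// ext/mysql API, which was removed in PHP 7, so this script needs an older PHP.
	// The @ suppresses the connection warning; the outcome is reported in the table row.
	if (@ mysql_connect("$db_server", "$db_username", "$db_password") && mysql_select_db("$db_name"))
	{
		$check_result[$i] = "Connection to database succeeded";
		$check_status[$i] = $result_ok;
		$db_test = "ok";
	}
	else
	{
		// Covers both a refused connection and a database that cannot be selected.
		$check_result[$i] = "Connection to database not succeeded";
		$check_status[$i] = $result_error;
		$db_test = "failed";
	}
}
else
{
	$check_result[$i] = "Site@School seems not installed!";
	$check_status[$i] = $result_warning;
}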

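$i++;
// Check the version of the code
$check_output[$i] = "Site@School code version";
$check_status[$i] = "";
$version_from_db = false;

// Query the database only when the connection check succeeded; without a
// connection the queries can only fail and emit warnings.
if (isset($db_test) && $db_test == "ok")
{
	$result = mysql_query("SELECT config_value FROM $table_configuration WHERE config_key = 'sas_version'");
	if ($result && mysql_num_rows($result) > 0)
	{
		$sas_version = mysql_result($result, 0);
		$result = mysql_query("SELECT config_value FROM $table_configuration WHERE config_key = 'sas_patch_version'");
		// The patch level is optional: an absent row gives an empty suffix.
		$sas_patch_version = ($result && mysql_num_rows($result) > 0) ? mysql_result($result, 0) : "";
		$version_from_db = true;
	}
}

if ($version_from_db)
{
	$check_result[$i] = $sas_version . "." . $sas_patch_version . "</b><p>";
}
else
{
	// Fallback: read the version text that follows "version<br>" in the menubar include.
	$filename = "interface/menubar.inc.php";
	$contents = "";
	if (is_readable($filename))
	{
		$handle = fopen($filename, "r");
		if ($handle)
		{
			$size = filesize($filename);
			if ($size > 0)
			{
				$contents = fread($handle, $size);
			}
			fclose($handle);
		}
	}
	$pos1 = strpos($contents, "version<br>");
	if ($pos1 === false)
	{
		// Marker missing or file unreadable: say so instead of printing an arbitrary slice.
		$check_result[$i] = "Version could not be determined";
	}
	else
	{
		// 11 is the length of the "version<br>" marker; the next 20 bytes are shown.
		$check_result[$i] = substr($contents, $pos1 +11, 20);
	}
}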

// Web server banner, taken from the server environment.
// NOTE(review): this row and the next print exact server and database version
// strings; nothing visible in this script restricts who may load the page.
$i++;
$check_status[$i] = "";
$check_output[$i] = "Webserver version:";
$check_result[$i] = "Version {$_SERVER['SERVER_SOFTWARE']}";

// MySQL server version, as reported over the currently open connection.
$i++;
$check_status[$i] = "";
$check_output[$i] = "MySQL server version:";
$mysql_server_info = mysql_get_server_info();
$check_result[$i] = "Version " . $mysql_server_info;

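//check php version
// The comparisons work on the leading characters of phpversion():
//   "3..."               -> too old, reported as an error
//   "4.0.0" or "4.0.1"   -> works, but an update is recommended
//   anything else        -> ok
// The third-digit test uses in_array() instead of ereg(): ereg() was removed
// in PHP 7, so calling it there is a fatal error on the 4.0 branch.
$i++;
$check_output[$i] = "Check PHP version.";
$version = phpversion();
if (substr($version, 0, 1) == "3")
{
	$check_result[$i] = "sorry, PHP 4 required!</b><br><br> Please download the current version at <a href='http://www.php.net'>www.php.net</a>.";
	$check_status[$i] = $result_error;
}
elseif (substr($version, 0, 3) == "4.0" and in_array(substr($version, 4, 1), array("0", "1"), true))
{
	$check_result[$i] = "The used PHP version is " . $version . " - we strongly recommend you to update to a newer version.";
	$check_status[$i] = $result_warning;
}
else
{
	$check_result[$i] = "The version of the used PHP parser is " . $version;
	$check_status[$i] = $result_ok;
}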

// Session support: the row only reports whether the 'session' extension is loaded.
$i++;
$check_output[$i] = "Check if server has session management.";
$session_loaded = extension_loaded('session');
$check_result[$i] = $session_loaded ? "Check ok!" : "Check failed!";
$check_status[$i] = $session_loaded ? $result_ok : $result_error;

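// open_basedir check
// NOTE(review): open_basedir is a PHP hardening setting that limits which
// paths a script may open. This row reports a non-empty value as an error
// because, per the message below, the application expects it to be empty;
// weigh that advice against the protection the setting provides.
$i++;
$check_output[$i] = "Check open basedir in php.ini.";
// ini_get() returns the value in effect for this request, including one set
// in the web server configuration; get_cfg_var() only reflects php.ini.
if (ini_get("open_basedir"))
{
	$check_result[$i] = "Please delete the value of 'open_basedir' in the php.ini.";
	$check_status[$i] = $result_error;
}
else
{
	$check_result[$i] = "Open basedir is empty";
	$check_status[$i] = $result_ok;
}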

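// allow_url_fopen check
$i++;
$check_output[$i] = "Check allow_url_fopen in php.ini.";
// ini_get() returns the effective value. get_cfg_var() returns false when the
// directive is absent from php.ini, which would report "OFF" although PHP's
// built-in default for allow_url_fopen is enabled.
$ini_value = strtolower(trim((string) ini_get("allow_url_fopen")));
if (in_array($ini_value, array("1", "on", "yes", "true"), true))
{
	$check_result[$i] = "Please change the value of 'allow_url_fopen' to OFF the php.ini.<br>
							If this is not your own server ask the provider to change it.";
	$check_status[$i] = $result_error;
}
else
{
	$check_result[$i] = "allow_url_fopen is set to OFF";
	$check_status[$i] = $result_ok;
}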

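// register_globals check
$i++;
$check_output[$i] = "Check register_globals in php.ini.";
// ini_get() returns the effective value, including an override made in the
// web server configuration that get_cfg_var() (php.ini only) does not see.
// Where the directive no longer exists ini_get() returns false -> reported as OFF.
$ini_value = strtolower(trim((string) ini_get("register_globals")));
if (in_array($ini_value, array("1", "on", "yes", "true"), true))
{
	$check_result[$i] = "Please change the value of 'register_globals' to OFF the php.ini.<br>
							If this is not your own server ask the provider to change it.";
	$check_status[$i] = $result_error;
}
else
{
	$check_result[$i] = "register_globals is set to OFF";
	$check_status[$i] = $result_ok;
}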

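// safe mode test
$i++;
$check_output[$i] = "Check safe mode in php.ini.";
// ini_get() returns the effective value, including an override made in the
// web server configuration that get_cfg_var() (php.ini only) does not see.
$ini_value = strtolower(trim((string) ini_get("safe_mode")));
if (in_array($ini_value, array("1", "on", "yes", "true"), true))
{
	$check_result[$i] = "PHP runs in the safe mode configuration. In this case the <b>media</b> directory and all subdirectories have to be 
	     owned by the webserver, the webserver must own all subdirectories <b>media</b> directory.";
	$check_status[$i] = $result_error;
}
else
{
	$check_result[$i] = "Safe mode is off";
	$check_status[$i] = $result_ok;
}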

// GD library: imagecreatetruecolor() is used as the marker for GD 2.
$i++;
$check_output[$i] = "Check if GDlib is installed.";
if (!function_exists('imagecreatetruecolor'))
{
	// Only a warning: per the message, just the album thumbnails depend on it.
	$check_status[$i] = $result_warning;
	$check_result[$i] = "GDlib2 version seems not installed, thumbnails in allbum will NOT work.";
}
else
{
	$check_status[$i] = $result_ok;
	$check_result[$i] = "GDlib2 is installed.";
}

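//file uploads
$i++;
$check_output[$i] = "Check if can use file uploads in php.ini.";
// ini_get() returns the effective value. get_cfg_var() returns false when the
// directive is absent from php.ini, which would report an error although
// PHP's built-in default for file_uploads is enabled.
$ini_value = strtolower(trim((string) ini_get("file_uploads")));
if (!in_array($ini_value, array("1", "on", "yes", "true"), true))
{
	$check_result[$i] = "Please change the value of 'file_uploads' in the php.ini to <b>'on'</b>";
	$check_status[$i] = $result_error;
}
else
{
	$check_result[$i] = "File upload is possible";
	$check_status[$i] = $result_ok;
}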

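// file test: create, then delete, a probe file in media/ to verify write access
$i++;
$check_output[$i] = "Check permissions of media directory:";
// Owner names stay false until they have really been looked up, so the owner
// row below cannot report "owned by the apache user" when nothing was compared.
$file_owner = false;
$file_media_owner = false;
// NOTE(review): the fixed name is opened with 'w', so an existing file of that
// name in media/ is truncated here and deleted below.
$fp = fopen("media/test_sas_projekt.txt", 'w');

if (!$fp)
{
	$check_result[$i] = "I couldn't write this file!<br>S@S needs read and write permissions for this directory!";
	$check_status[$i] = $result_error;
}
else
{
	fwrite($fp, "This file was created for testing reasons. You can delete it.");

	if (function_exists('posix_getpwuid')) //try to get the owner of the file, normally this is apache user (linux only)
	{
		// The probe file is owned by the account the web server runs as.
		$fileownerarray = posix_getpwuid(fileowner("media/test_sas_projekt.txt"));
		if (is_array($fileownerarray))
		{
			$file_owner = $fileownerarray['name'];
		}

		$fileownerarray = posix_getpwuid(fileowner("media"));
		if (is_array($fileownerarray))
		{
			$file_media_owner = $fileownerarray['name'];
		}
	}

	$check_result[$i] = "Test file successfully written!";
	$check_status[$i] = $result_ok;
	fclose($fp);
	if (!unlink("media/test_sas_projekt.txt"))
	{
		$check_result[$i] .= ".. but it failed to erase this file!";
		$check_status[$i] = $result_error;
	}
}
if (function_exists('posix_getpwuid')) //linux only
{
	$i++;
	$check_output[$i] = "Check owner of media directory:";
	if ($file_owner === false || $file_media_owner === false)
	{
		// The probe file could not be created or a lookup failed: nothing to compare.
		$check_result[$i] = "Owner of <b>media</b> directory could not be determined.";
		$check_status[$i] = $result_warning;
	}
	elseif ($file_media_owner != $file_owner)
	{
		$check_result[$i] = "<b>media</b> directory is not owned by apache user (<b>$file_owner</b>),<br>owner is user <b>$file_media_owner</b>!
			Security can be improved see installation<br>chapter section 3.1 <b>Linux and security</b>.";
		$check_status[$i] = $result_warning;
	}
	else
	{
		$check_result[$i] = "<b>media</b> directory is owned by the apache user.";
		$check_status[$i] = $result_ok;
	}
}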
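// Same probe for studentpages/: create, then delete, a test file to verify write access
$i++;
$check_output[$i] = "Check permissions of studentpages directory:";
// Reset the owner names so values from an earlier check are not compared
// again, and so a failed probe cannot be reported as "owned by the apache user".
$file_owner = false;
$file_media_owner = false;
// NOTE(review): the fixed name is opened with 'w', so an existing file of that
// name in studentpages/ is truncated here and deleted below.
$fp = fopen("studentpages/test_sas_projekt.txt", 'w');

if (!$fp)
{
	$check_result[$i] = "I couldn't write this file!<br>S@S needs read and write permissions for this directory!";
	$check_status[$i] = $result_error;
}
else
{
	fwrite($fp, "This file was created for testing reasons. You can delete it.");

	if (function_exists('posix_getpwuid')) //try to get the owner of the file, normally this is apache user (linux only)
	{
		// The probe file is owned by the account the web server runs as.
		$fileownerarray = posix_getpwuid(fileowner("studentpages/test_sas_projekt.txt"));
		if (is_array($fileownerarray))
		{
			$file_owner = $fileownerarray['name'];
		}

		// $file_media_owner holds the owner of the studentpages directory here.
		$fileownerarray = posix_getpwuid(fileowner("studentpages"));
		if (is_array($fileownerarray))
		{
			$file_media_owner = $fileownerarray['name'];
		}
	}

	$check_result[$i] = "Test file successfully written!";
	$check_status[$i] = $result_ok;
	fclose($fp);
	if (!unlink("studentpages/test_sas_projekt.txt"))
	{
		$check_result[$i] .= ".. but it failed to erase this file!";
		$check_status[$i] = $result_error;
	}
}

if (function_exists('posix_getpwuid')) //linux only
{
	$i++;
	$check_output[$i] = "Check owner of studentpages directory:";
	if ($file_owner === false || $file_media_owner === false)
	{
		// The probe file could not be created or a lookup failed: nothing to compare.
		$check_result[$i] = "Owner of <b>studentpages</b> directory could not be determined.";
		$check_status[$i] = $result_warning;
	}
	elseif ($file_media_owner != $file_owner)
	{
		$check_result[$i] = "<b>studentpages</b> directory is not owned by apache user (<b>$file_owner</b>),<br>owner is user <b>$file_media_owner</b>!
			Security can be improved see installation<br>chapter section 3.1 <b>Linux and security</b>.";
		$check_status[$i] = $result_warning;
	}
	else
	{
		$check_result[$i] = "studentpages directory is owned by the apache user.";
		$check_status[$i] = $result_ok;
	}
}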

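if (isset($db_test) && $db_test == "ok") //site@school is installed check all tables
{
	// Core tables; each name is the configured prefix plus a fixed suffix.
	$sas_tables = array();
	foreach (array("configuration", "users", "editors", "pages", "sections", "prot_pages", "prot_sections", "classes", "modules", "stats", "alerts", "m_studentpages", "sessions") as $table_suffix)
	{
		$sas_tables[] = $dbprefix . $table_suffix;
	}

	// Module tables as (table suffix, module name) pairs. The order and the
	// repeated m_template entry are kept exactly as in the original lists.
	$module_tables = array(
		array("m_gbook", "sn_gbook"),
		array("adtext", "sn_ads"),
		array("m_mail_address", "sn_mailpage"),
		array("m_agenda_events", "sn_agenda"),
		array("m_agenda_names", "sn_agenda"),
		array("m_allbum", "sn_allbum"),
		array("m_template", "sn_template"),
		array("m_downloads", "sn_downloads"),
		array("m_downloads_cat", "sn_downloads"),
		array("m_news_articles", "sn_news"),
		array("m_news_cat", "sn_news"),
		array("m_calendars", "sn_calendar"),
		array("m_calendar_events", "sn_calendar"),
		array("m_newsletters", "sn_newsletter"),
		array("m_newsletter_cat", "sn_newsletter"),
		array("m_newsletter_emails", "sn_newsletter"),
		array("m_forumcat", "sn_forum"),
		array("m_forumuser", "sn_forum"),
		array("m_forumreplies", "sn_forum"),
		array("m_forumtopics", "sn_forum"),
		array("m_chat", "sn_chat"),
		array("m_chat_log", "sn_chat"),
		array("m_chat_users", "sn_chat"),
		array("m_scripts", "sn_tvmodule"),
		array("m_template", "sn_template"),
		array("m_message", "sn_message"),
		array("m_links", "sn_links"),
		array("m_links_cat", "sn_links"),
	);
	$sas_mod_tables = array();
	$sas_mod_tables_name = array();
	foreach ($module_tables as $pair)
	{
		$sas_mod_tables[] = $dbprefix . $pair[0];
		$sas_mod_tables_name[] = $pair[1];
	}

	$error = 0;
	$i++;
	// The heading row gets an empty result and status up front, so it is
	// complete in the output even when missing tables add rows below it.
	$heading_row = $i;
	$check_output[$heading_row] = "Checking tables for site@school:";
	$check_result[$heading_row] = "";
	$check_status[$heading_row] = "";

	// A one-row SELECT is the existence probe: mysql_query() returns false
	// when the table cannot be read.
	foreach ($sas_tables as $table_name)
	{
		$check = mysql_query("SELECT * FROM $table_name LIMIT 0,1");

		if (!$check)
		{
			$i++;
			$error = 1;
			$check_output[$i] = "&nbsp;";
			$check_result[$i] = "Table NOT found! <b>" . $table_name . "</b>";
			$check_status[$i] = $result_error;
		}
	}

	foreach ($sas_mod_tables as $j => $table_name)
	{
		$check = mysql_query("SELECT * FROM $table_name LIMIT 0,1");

		if (!$check)
		{
			$i++;
			$error = 1;
			$check_output[$i] = "&nbsp;";
			$check_result[$i] = "Table NOT found! <b>" . $table_name . "</b> for module " . $sas_mod_tables_name[$j];
			$check_status[$i] = $result_error;
		}
	}

	if ($error == 0)
	{
		$check_result[$heading_row] = "All tables found! ";
		$check_status[$heading_row] = $result_ok;
	}

	// The configuration file is the one included for the database connection
	// settings; a warning row is added when the web server account can still
	// modify it.
	if (is_writable("configuration/database.inc.php"))
	{
		$i++;
		$check_output[$i] = "Check configuration/database.inc.php";
		$check_result[$i] = "File is writable, please make it read only.";
		$check_status[$i] = $result_warning;
	}

}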

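if (isset($db_test) && $db_test == "ok") //site@school is installed do following steps
{
	// Values read from the database are HTML-escaped before they are placed in
	// the report, so characters such as & or < in a stored path, URL or module
	// name are displayed literally instead of being interpreted as markup.
	// NOTE(review): die_script() is not defined in the visible part of this
	// script; confirm it exists. It is handed the raw mysql_error() text, which
	// should not be echoed to visitors.

	//webserverpath
	$i++;
	$check_output[$i] = "Webserver path.";
	$query = "SELECT config_value FROM $table_configuration WHERE config_key='serverpath'";
	$result = mysql_query($query) or die_script(mysql_error());
	$serverpath = mysql_result($result, 0);
	$query = "SELECT config_value FROM $table_configuration WHERE config_key='user_path'";
	$result = mysql_query($query) or die_script(mysql_error());
	$userpath = mysql_result($result, 0);
	$check_result[$i] = "Serverpath is: <b>" . htmlspecialchars($serverpath, ENT_QUOTES) . "</b><br>Site@School path is: <b>" . htmlspecialchars($userpath, ENT_QUOTES) . "</b>";
	$check_status[$i] = "";

	//webserverpath exists?
	$i++;
	$check_output[$i] = "Webserver path exists.";
	if (substr($userpath, 0, 1) == "/")
	{
		$userpath = substr($userpath, 1); //strip first slash
	}
	// The unescaped path is used for the filesystem test, the escaped one for display.
	$filename = $serverpath . $userpath;
	$filename_html = htmlspecialchars($filename, ENT_QUOTES);

	if (file_exists($filename))
	{
		$check_result[$i] = "The directory <b>$filename_html</b> exists";
		$check_status[$i] = $result_ok;
	}
	else
	{
		$check_result[$i] = "The directory <b>$filename_html</b> does not exist";
		$check_status[$i] = $result_error;
	}

	//language
	$i++;
	$check_output[$i] = "Language.";
	$query = "SELECT config_value FROM $table_configuration WHERE config_key='language'";
	$result = mysql_query($query) or die_script(mysql_error());
	$language = mysql_result($result, 0);
	$check_result[$i] = "Selected language is: <b>" . htmlspecialchars($language, ENT_QUOTES) . "</b>";
	$check_status[$i] = "";

	//url
	$i++;
	$check_output[$i] = "Site URL.";
	$query = "SELECT config_value FROM $table_configuration WHERE config_key='url'";
	$result = mysql_query($query) or die_script(mysql_error());
	$site_url = mysql_result($result, 0);
	$check_result[$i] = "Site URL is: <b>" . htmlspecialchars($site_url, ENT_QUOTES) . "</b>";
	$check_status[$i] = "";

	//blank line
	$i++;
	$check_output[$i] = "&nbsp;";
	$check_result[$i] = "";
	$check_status[$i] = "";

	//installed modules: one heading row, then one row per module
	$i++;
	$check_output[$i] = "Installed modules.";
	$check_result[$i] = "";
	$check_status[$i] = "";
	$i++;
	$query = "SELECT id, name, location, admin FROM $table_modules"; //get all installed modules
	$result = mysql_query($query) or die_script(mysql_error());

	while ($module_list = mysql_fetch_array($result))
	{
		// Columns 1 and 2 of the SELECT list are name and location.
		$check_output[$i] = "";
		$check_result[$i] = "<b>" . htmlspecialchars($module_list[1], ENT_QUOTES) . "</b> location: <b>" . htmlspecialchars($module_list[2], ENT_QUOTES) . "</b>";
		$check_status[$i] = "";
		$i++;
	}

	//installed php extentions: one heading row, then one row per loaded extension
	$check_output[$i] = "Installed php extentions.";
	$check_result[$i] = "";
	$check_status[$i] = "";
	$i++;

	foreach (get_loaded_extensions() as $ext)
	{
		$check_output[$i] = "";
		$check_result[$i] = "<b>" . $ext . "</b>";
		$check_status[$i] = "";
		$i++;
	}
}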
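//produce output: one table row per collected check, with alternating row colours
print "<table border=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#000000\" width=\"750\">";
print "<tr bgcolor=\"#E0E0E0\"><td colspan=\"3\" align=\"center\"><b>Script for checking Site@School installation:</b></td></tr>
       <tr><td colspan=\"3\">&nbsp;</td>
       <tr><td>Description:</td><td colspan=\"3\">Result:</td></tr></tr>";
$count = count($check_output);

for ($i = 0; $i < $count; $i++)
{
	// Even rows are grey, odd rows white.
	$bgcolor = ($i % 2 == 0) ? "#E0E0E0" : "#FFFFFF";
	// A check may have stored a description without a result or status;
	// such cells are printed empty instead of reading an unset array element.
	$row_result = isset($check_result[$i]) ? $check_result[$i] : "";
	$row_status = isset($check_status[$i]) ? $check_status[$i] : "";
	print "<tr bgcolor=\"$bgcolor\"><td>" . $check_output[$i] . "</td>";
	print "<td>" . $row_result . "</td>
	       <td width=\"70\">" . $row_status . "</td></tr>";
}
print "</table>";
// NOTE(review): the form below posts to this same script and carries no
// anti-forgery token; the script shows no access control of its own.
print "You can send this output to an email address (your own).<p>";
print "<form method=\"post\" action=\"sas_check.php?sendmail=yes\">Email address: 
       <input name=\"email\" length=\"50\" type=\"text\">
       <input type=\"submit\" value=\"send\"></form>";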

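// Mail the report to the address posted from the form.
// NOTE(review): nothing in this script authenticates the visitor, so whoever
// can reach the page can have the configuration report mailed to an address
// of their choice. Restrict access to the script or remove it after use.
if (isset($sendmail) && $sendmail == "yes")
{
	// The recipient comes straight from the request: accept only a single
	// address of the form local@domain.tld without whitespace, line breaks or
	// list/header separators before handing it to the mailer.
	$recipient = isset($email) ? trim($email) : "";
	$recipient_ok = (bool) preg_match('/^[^\s@<>,;:"\']+@[^\s@<>,;:"\']+\.[^\s@<>,;:"\']+\z/', $recipient);

	if (!$recipient_ok)
	{
		print "Please enter a valid email address.";
	}
	elseif (!isset($db_test) || $db_test != "ok")
	{
		// The sender address is read from the database; without a connection
		// the query below could only fail.
		print "Email could not be sent: no database connection.";
	}
	else
	{
		// Same table as printed above, collected into the mail body.
		$message = "<table border=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#000000\" width=\"750\">";
		$message .= "<tr bgcolor=\"#E0E0E0\"><td colspan=\"3\" align=\"center\"><b>Script for checking Site@School installation:</b></td></tr>
	            <tr><td colspan=\"3\">&nbsp;</td>
	            <tr><td>Description:</td><td colspan=\"3\">Result:</td></tr></tr>";
		$count = count($check_output);

		for ($i = 0; $i < $count; $i++)
		{
			$bgcolor = ($i % 2 == 0) ? "#E0E0E0" : "#FFFFFF";
			$row_result = isset($check_result[$i]) ? $check_result[$i] : "";
			$row_status = isset($check_status[$i]) ? $check_status[$i] : "";
			$message .= "<tr bgcolor=\"$bgcolor\"><td>" . $check_output[$i] . "</td>";
			$message .= "<td>" . $row_result . "</td><td width=\"70\">" . $row_status . "</td></tr>";
		}
		$message .= "</table>";
		$message = wordwrap($message);

		// Site email address, used as the sender when one is configured.
		$site_email = "";
		$query = "SELECT config_value FROM $table_configuration WHERE config_key='email'";
		$result = mysql_query($query) or die_script(mysql_error());
		if (mysql_num_rows($result) > 0)
		{
			$site_email = mysql_result($result, 0);
		}

		require ("core/class.phpmailer.php"); //use the phpmailer class
		$mail = new PHPMailer();
		if ($site_email != "")
		{
			$mail->From = $site_email; //site email address
		}
		$mail->FromName = "SAS_check script";
		$mail->Subject = "SAS_check output";
		$mail->Body = $message;
		$mail->AddAddress($recipient);
		$mail->IsHTML(true);
		// Report success only when the mailer says the message was handed over.
		if ($mail->Send())
		{
			print "Email has been sent!";
		}
		else
		{
			print "Email could not be sent!";
		}
	}
}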
?>