From 982b96bdb0238a02cda3a64afb3d36a209aec845 Mon Sep 17 00:00:00 2001 From: Ruslan-Aleev Date: Sun, 18 Jun 2023 15:43:41 +0400 Subject: [PATCH 1/2] Add session garbage collector check --- setup/includes/test/modinstalltest.class.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/setup/includes/test/modinstalltest.class.php b/setup/includes/test/modinstalltest.class.php index 79b038c197f..7c7565186fa 100644 --- a/setup/includes/test/modinstalltest.class.php +++ b/setup/includes/test/modinstalltest.class.php @@ -52,6 +52,7 @@ public function run($mode = modInstall::MODE_NEW) $this->_checkConfig(); $this->_checkDatabase(); $this->_checkSuhosin(); + $this->_checkSessionsGarbageCollector(); $this->_checkNoCompress(); $this->_checkDocumentRoot(); @@ -555,6 +556,23 @@ public function _checkSuhosin() $this->install->settings->store(); } + /** + * Check sessions garbage collector + */ + protected function _checkSessionsGarbageCollector() + { + $status = 'success'; + $gc_probability = (int)@ini_get('session.gc_probability'); + $gc_divisor = (int)@ini_get('session.gc_divisor'); + + if (!$gc_probability) { + $status = @ini_set('session.gc_probability', 1) !== false ? 'success' : 'fail'; + } + + $this->title('session_gc', $this->install->lexicon('test_session_gc')); + $this->warn('session_gc', '', $this->install->lexicon("test_session_gc_$status", ['gc_probability' => $gc_probability, 'gc_divisor' => $gc_divisor])); + } + /** * Check if the user requested css/js compression to be off, regardless of Suhosin check result. * Force css/js compression to be off if the option was checked during install (adv options). From b3b1df324700fd2d94c374d9301a6b8499d89f94 Mon Sep 17 00:00:00 2001 From: Ruslan-Aleev Date: Sun, 18 Jun 2023 15:45:25 +0400 Subject: [PATCH 2/2] Add lexicons to check session garbage collector --- setup/lang/en/default.inc.php | 4 +++- setup/lang/en/test.inc.php | 6 ++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/setup/lang/en/default.inc.php b/setup/lang/en/default.inc.php index c243146702d..39b5c6a1eea 100644 --- a/setup/lang/en/default.inc.php +++ b/setup/lang/en/default.inc.php @@ -264,7 +264,9 @@ $_lang['test_php_version_fail'] = 'You are running on PHP [[+version]], and MODX Revolution requires PHP 4.3.0 or later'; $_lang['test_php_version_sn'] = 'While MODX will work on your PHP version ([[+version]]), usage of MODX on this version is not recommended. Your version of PHP is vulnerable to numerous security holes. Please upgrade to PHP version is 4.3.11 or higher, which patches these holes. It is recommended you upgrade to this version for the security of your own website.'; $_lang['test_php_version_start'] = 'Checking PHP version:'; -$_lang['test_sessions_start'] = 'Checking if sessions are properly configured:'; +$_lang['test_session_gc'] = 'Checking if sessions garbage collector are properly configured: '; +$_lang['test_session_gc_fail'] = 'The sessions garbage collector does not start! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; +$_lang['test_session_gc_success'] = 'OK! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; $_lang['test_table_prefix'] = 'Checking table prefix `[[+prefix]]`: '; $_lang['test_table_prefix_inuse'] = 'Table prefix is already in use in this database!'; $_lang['test_table_prefix_inuse_desc'] = 'Setup couldn\'t install into the selected database, as it already contains tables with the prefix you specified. Please choose a new table_prefix, and run Setup again.'; diff --git a/setup/lang/en/test.inc.php b/setup/lang/en/test.inc.php index af80c4bf304..82fce821893 100644 --- a/setup/lang/en/test.inc.php +++ b/setup/lang/en/test.inc.php @@ -35,7 +35,9 @@ $_lang['test_php_version_fail'] = 'You are running on PHP [[+version]], and MODX Revolution requires PHP [[+required]] or later. Please upgrade PHP to at least [[+required]]. MODX recommends upgrading to the current stable branch [[+recommended]] for security reasons and future support.'; $_lang['test_php_version_start'] = 'Checking PHP version:'; $_lang['test_php_version_success'] = 'OK! Running: [[+version]]'; -$_lang['test_sessions_start'] = 'Checking if sessions are properly configured:'; +$_lang['test_session_gc'] = 'Checking if sessions garbage collector are properly configured: '; +$_lang['test_session_gc_fail'] = 'The sessions garbage collector does not start! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; +$_lang['test_session_gc_success'] = 'OK! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; $_lang['test_simplexml'] = 'Checking for SimpleXML:'; $_lang['test_simplexml_nf'] = 'Could not find SimpleXML!'; $_lang['test_simplexml_nf_msg'] = 'MODX could not find SimpleXML on your PHP environment. Package Management and other functionality will not work without this installed. You may continue with installation, but MODX recommends enabling SimpleXML for advanced features and functionality.'; @@ -48,4 +50,4 @@ $_lang['test_table_prefix_nf'] = 'Table prefix does not exist in this database!'; $_lang['test_table_prefix_nf_desc'] = 'Setup couldn\'t install into the selected database, as it does not contain existing tables with the prefix you specified to be upgraded. Please choose an existing table_prefix, and run Setup again.'; $_lang['test_zip_memory_limit'] = 'Checking if memory limit is set to at least 24M for zip extensions: '; -$_lang['test_zip_memory_limit_fail'] = 'MODX found your memory_limit setting to be below the recommended setting of 24M. MODX attempted to set the memory_limit to 24M, but was unsuccessful. Please set the memory_limit setting in your php.ini file to 24M or higher before proceeding, so that the zip extensions can work properly.'; \ No newline at end of file +$_lang['test_zip_memory_limit_fail'] = 'MODX found your memory_limit setting to be below the recommended setting of 24M. MODX attempted to set the memory_limit to 24M, but was unsuccessful. Please set the memory_limit setting in your php.ini file to 24M or higher before proceeding, so that the zip extensions can work properly.';