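logger = $logger;
        $this->matomoURL = SettingsPiwik::getPiwikUrl();
        $this->criticalIssue = false;
        $this->label = "🧪 " . Piwik::translate("DiagnosticsExtended_URLCheckLabel");
    }

    /**
     * Requests a fixed list of files from this instance's own URL and reports every file whose
     * content comes back in the response body.
     *
     * A probe counts as "exposed" only when a known marker substring is found in the body. The
     * HTTP status code and the response headers are not evaluated, so a probe that finds no
     * marker is reported as OK whatever the server answered.
     *
     * @return DiagnosticResult[] array holding a single result
     */
    public function execute()
    {
        if (!SettingsPiwik::isInternetEnabled()) {
            // No probe is sent in this case; the result says the check was skipped, not that it passed.
            return [DiagnosticResult::singleResult(
                $this->label,
                DiagnosticResult::STATUS_INFORMATIONAL,
                Piwik::translate("DiagnosticsExtended_URLCheckSkipped")
            )];
        }
        //TODO: don't check if running in development mode
        $result = new DiagnosticResult($this->label);
        $result->addItem($this->checkConfigIni());
        // Marker is text from the comment header git writes into a new repository's info/exclude.
        $result->addItem($this->checkRequestNotAllowed(
            ".git/info/exclude",
            "Lines that start"
        ));
        // Presumably the PHP exit guard at the top of the file: finding it in the body would mean
        // the file was served as text instead of being executed — confirm.
        $result->addItem($this->checkRequestNotAllowed(
            "tmp/cache/token.php",
            "?php exit"
        ));
        // NOTE(review): this path has no "tmp/" prefix, unlike the token probe above — confirm it
        // is the location that should be probed, otherwise this check can never report a hit.
        $result->addItem($this->checkRequestNotAllowed(
            "cache/tracker/matomocache_general.php",
            "unserialize"
        ));
        // Passed as non-critical: a hit is reported as a warning and does not set criticalIssue.
        $result->addItem($this->checkRequestNotAllowed(
            "lang/en.json",
            "12HourClock",
            false
        ));
        if ($this->criticalIssue) {
            // NOTE(review): both substitution values are empty strings — confirm the translation
            // string expects that.
            $result->setLongErrorMessage(
                Piwik::translate("DiagnosticsExtended_URLCheckLongErrorMessage", ["", ""])
            );
        }
        return [$result];
    }

    /**
     * Probes config/config.ini.php and grades the response body.
     *
     * - body contains "salt": the configuration content is readable over HTTP, reported as a
     *   critical error;
     * - body contains ";" but not "salt": reported as a warning (presumably the file was reached
     *   and only the output in front of its exit guard was returned — confirm);
     * - neither: reported as OK.
     *
     * @return DiagnosticResultItem
     */
    protected function checkConfigIni()
    {
        $relativeUrl = "config/config.ini.php";
        // Status and headers are returned by the request helper but not used by this check.
        list(, , $data) = $this->makeHTTPReququest($relativeUrl);
        // contains() only accepts strings; a response without a string body holds no marker.
        $body = is_string($data) ? $data : "";
        if ($this->contains($body, "salt")) {
            return $this->isPublicError($relativeUrl, true);
        }
        if ($this->contains($body, ";")) {
            return new DiagnosticResultItem(
                DiagnosticResult::STATUS_WARNING,
                Piwik::translate("DiagnosticsExtended_URLCheckConfigIni", ["$relativeUrl"])
            );
        }
        return new DiagnosticResultItem(
            DiagnosticResult::STATUS_OK,
            Piwik::translate("DiagnosticsExtended_URLCheckOk", ["$relativeUrl"])
        );
    }

    /**
     * Requests $relativeUrl and reports it as publicly readable when the body contains $content.
     *
     * @param string $relativeUrl path appended to the instance URL
     * @param string $content     marker substring that only appears when the file content is served
     * @param bool   $critical    true: a hit is an error and flags a critical issue;
     *                            false: a hit is a warning
     * @return DiagnosticResultItem
     */
    protected function checkRequestNotAllowed($relativeUrl, $content, $critical = true): DiagnosticResultItem
    {
        // Status and headers are returned by the request helper but not used by this check.
        list(, , $data) = $this->makeHTTPReququest($relativeUrl);
        // contains() only accepts strings; a response without a string body holds no marker.
        $body = is_string($data) ? $data : "";
        if ($this->contains($body, $content)) {
            return $this->isPublicError($relativeUrl, $critical);
        }
        return new DiagnosticResultItem(
            DiagnosticResult::STATUS_OK,
            Piwik::translate("DiagnosticsExtended_URLCheckOk", ["$relativeUrl"])
        );
    }

    /**
     * Builds the result item for a file that was found to be readable over HTTP.
     *
     * A critical finding also sets $this->criticalIssue, which makes execute() attach the long
     * error message to the overall result.
     *
     * @param string $relativeUrl path that was probed
     * @param bool   $critical    selects STATUS_ERROR (true) or STATUS_WARNING (false)
     * @return DiagnosticResultItem
     */
    protected function isPublicError($relativeUrl, $critical): DiagnosticResultItem
    {
        if ($critical) {
            $this->criticalIssue = true;
        }
        return new DiagnosticResultItem(
            $critical ? DiagnosticResult::STATUS_ERROR : DiagnosticResult::STATUS_WARNING,
            Piwik::translate("DiagnosticsExtended_URLCheckError", ["$relativeUrl"])
        );
    }

    /**
     * Sends a request for $relativeUrl, appended to the configured instance URL.
     *
     * The request originates from this server, so the answer is what this host receives.
     * NOTE(review): a proxy or access rule in front of the instance may answer external clients
     * differently — treat an OK result as "not exposed from here".
     * NOTE(review): nothing is caught here; confirm how a failed request surfaces to the caller.
     *
     * @param string $relativeUrl path appended to $this->matomoURL without a separator
     * @return array [status, headers, data] taken from the extended response
     */
    protected function makeHTTPReququest($relativeUrl)
    {
        $response = Http::sendHttpRequest(
            $this->matomoURL . $relativeUrl,
            self::SOCKET_TIMEOUT,
            null,  // user agent
            null,  // destination path
            0,     // follow depth
            false, // accept language
            false, // byte range
            true   // extended info, so status and headers are returned along with the body
        );
        return [$response["status"], $response["headers"], $response["data"]];
    }

    /**
     * Case-sensitive substring test.
     *
     * @return bool true when $needle occurs anywhere in $haystack
     */
    protected function contains(string $haystack, string $needle): bool
    {
        return strpos($haystack, $needle) !== false;
    }
}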