From 286b90966fc1065c65780b402ed1370f723e0d21 Mon Sep 17 00:00:00 2001 From: Ruslan-Aleev Date: Tue, 18 Oct 2022 14:25:48 +0400 Subject: [PATCH 1/2] Add session garbage collector check --- setup/includes/test/modinstalltest.class.php | 25 ++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/setup/includes/test/modinstalltest.class.php b/setup/includes/test/modinstalltest.class.php index d62c9b16b35..b6213577f0f 100644 --- a/setup/includes/test/modinstalltest.class.php +++ b/setup/includes/test/modinstalltest.class.php @@ -52,6 +52,7 @@ public function run($mode = modInstall::MODE_NEW) $this->_checkConfig(); $this->_checkDatabase(); $this->_checkSuhosin(); + $this->_checkSessionsGarbageCollector(); $this->_checkNoCompress(); $this->_checkDocumentRoot(); @@ -555,6 +556,30 @@ public function _checkSuhosin() $this->install->settings->store(); } + /** + * Check sessions garbage collector + */ + protected function _checkSessionsGarbageCollector() + { + $success = false; + $gc_probability = (int)@ini_get('session.gc_probability'); + $gc_divisor = (int)@ini_get('session.gc_divisor'); + + if (!$gc_probability) { + $success = @ini_set('session.gc_probability', 1); + $success = $success !== false ? true : false; + } else { + $success = true; + } + + $this->title('session_gc', $this->install->lexicon('test_session_gc')); + if ($success) { + $this->warn('session_gc', '', $this->install->lexicon('test_session_gc_success', ['gc_probability' => $gc_probability, 'gc_divisor' => $gc_divisor])); + } else { + $this->warn('session_gc', '', $this->install->lexicon('test_session_gc_fail', ['gc_probability' => $gc_probability, 'gc_divisor' => $gc_divisor])); + } + } + /** * Check if the user requested css/js compression to be off, regardless of Suhosin check result. * Force css/js compression to be off if the option was checked during install (adv options). From c04ac8d4c47b46518284a7be5b19252913cc223e Mon Sep 17 00:00:00 2001 From: Ruslan-Aleev Date: Tue, 18 Oct 2022 14:26:13 +0400 Subject: [PATCH 2/2] Add lexicons to check session garbage collector --- setup/lang/en/default.inc.php | 4 +++- setup/lang/en/test.inc.php | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/setup/lang/en/default.inc.php b/setup/lang/en/default.inc.php index c243146702d..39b5c6a1eea 100644 --- a/setup/lang/en/default.inc.php +++ b/setup/lang/en/default.inc.php @@ -264,7 +264,9 @@ $_lang['test_php_version_fail'] = 'You are running on PHP [[+version]], and MODX Revolution requires PHP 4.3.0 or later'; $_lang['test_php_version_sn'] = 'While MODX will work on your PHP version ([[+version]]), usage of MODX on this version is not recommended. Your version of PHP is vulnerable to numerous security holes. Please upgrade to PHP version is 4.3.11 or higher, which patches these holes. It is recommended you upgrade to this version for the security of your own website.'; $_lang['test_php_version_start'] = 'Checking PHP version:'; -$_lang['test_sessions_start'] = 'Checking if sessions are properly configured:'; +$_lang['test_session_gc'] = 'Checking if sessions garbage collector are properly configured: '; +$_lang['test_session_gc_fail'] = 'The sessions garbage collector does not start! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; +$_lang['test_session_gc_success'] = 'OK! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; $_lang['test_table_prefix'] = 'Checking table prefix `[[+prefix]]`: '; $_lang['test_table_prefix_inuse'] = 'Table prefix is already in use in this database!'; $_lang['test_table_prefix_inuse_desc'] = 'Setup couldn\'t install into the selected database, as it already contains tables with the prefix you specified. Please choose a new table_prefix, and run Setup again.'; diff --git a/setup/lang/en/test.inc.php b/setup/lang/en/test.inc.php index af80c4bf304..8a2c578fd05 100644 --- a/setup/lang/en/test.inc.php +++ b/setup/lang/en/test.inc.php @@ -35,7 +35,9 @@ $_lang['test_php_version_fail'] = 'You are running on PHP [[+version]], and MODX Revolution requires PHP [[+required]] or later. Please upgrade PHP to at least [[+required]]. MODX recommends upgrading to the current stable branch [[+recommended]] for security reasons and future support.'; $_lang['test_php_version_start'] = 'Checking PHP version:'; $_lang['test_php_version_success'] = 'OK! Running: [[+version]]'; -$_lang['test_sessions_start'] = 'Checking if sessions are properly configured:'; +$_lang['test_session_gc'] = 'Checking if sessions garbage collector are properly configured: '; +$_lang['test_session_gc_fail'] = 'The sessions garbage collector does not start! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; +$_lang['test_session_gc_success'] = 'OK! The current configuration "session.gc_probability" is set to [[+gc_probability]] and "session.gc_divisor" is set to [[+gc_divisor]].
By default, MODX stores sessions in the database, so misconfiguration of these options can cause the session table to grow in size.'; $_lang['test_simplexml'] = 'Checking for SimpleXML:'; $_lang['test_simplexml_nf'] = 'Could not find SimpleXML!'; $_lang['test_simplexml_nf_msg'] = 'MODX could not find SimpleXML on your PHP environment. Package Management and other functionality will not work without this installed. You may continue with installation, but MODX recommends enabling SimpleXML for advanced features and functionality.';