refactor unserialize_array(); add Application version tests to SecurityInfo

3 files changed, 180 insertions, 0 deletions

diff --git a/plugins/SecurityInfo/PhpSecInfo/Test/Application/php.php b/plugins/SecurityInfo/PhpSecInfo/Test/Application/php.php
new file mode 100644
index 0000000000..7b80fd432a
--- /dev/null
+++ b/plugins/SecurityInfo/PhpSecInfo/Test/Application/php.php
@@ -0,0 +1,68 @@
+<?php
+/**
+ * Test class for PHP Application
+ *
+ * @package PhpSecInfo
+ * @author Piwik
+ */
+
+/**
+ * require the PhpSecInfo_Test_Application class
+ */
+require_once(PHPSECINFO_BASE_DIR.'/Test/Test_Application.php');
+
+/**
+ * Test class for PHP application
+ *
+ * Checks PHP version
+ *
+ * @package PhpSecInfo
+ * @author Piwik
+ */
+class PhpSecInfo_Test_Application_Php extends PhpSecInfo_Test_Application
+{
+	var $test_name = "PHP";
+
+	var $recommended_value = null;
+
+	function _retrieveCurrentValue() {
+		$this->current_value = PHP_VERSION;;
+
+		$url = 'http://php.net/releases/?serialize=1&version=5';
+		$timeout = Piwik_UpdateCheck::SOCKET_TIMEOUT;
+		try {
+			$latestVersion = Piwik::sendHttpRequest($url, $timeout);
+			$versionInfo = Piwik_Common::unserialize_array($latestVersion);
+			$this->recommended_value = $versionInfo['version'];
+		} catch(Exception $e) {
+			$this->recommended_value = '';
+		}
+	}
+
+	function _execTest() {
+var_dump($this->current_value);
+var_dump($this->recommended_value);
+		if (version_compare($this->current_value, '5.2.1') < 0) {
+			return PHPSECINFO_TEST_RESULT_WARN;
+		}
+
+		if (empty($this->recommended_value)) {
+			return PHPSECINFO_TEST_RESULT_ERROR;
+		}
+
+		if ( $this->current_value === $this->recommended_value ) {
+			return PHPSECINFO_TEST_RESULT_OK;
+		}
+
+		return PHPSECINFO_TEST_RESULT_NOTICE;
+	}
+
+	function _setMessages() {
+		parent::_setMessages();
+
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', "You are running PHP ".$this->recommended_value." (the latest version).");
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTICE, 'en', "You are running PHP ".$this->current_value.".  The latest version of PHP is ".$this->recommended_value.".");
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', "You are running PHP ".$this->current_value." which is really old. We recommend running the latest (stable) version of PHP which includes numerous bug fixes and security fixes.");
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_ERROR, 'en', "Unable to determine the latest version of PHP available.");
+	}
+}
diff --git a/plugins/SecurityInfo/PhpSecInfo/Test/Application/piwik.php b/plugins/SecurityInfo/PhpSecInfo/Test/Application/piwik.php
new file mode 100644
index 0000000000..eca0590756
--- /dev/null
+++ b/plugins/SecurityInfo/PhpSecInfo/Test/Application/piwik.php
@@ -0,0 +1,58 @@
+<?php
+/**
+ * Test class for Piwik Application
+ *
+ * @package PhpSecInfo
+ * @author Piwik
+ */
+
+/**
+ * require the PhpSecInfo_Test_Application class
+ */
+require_once(PHPSECINFO_BASE_DIR.'/Test/Test_Application.php');
+
+/**
+ * Test class for Piwik application
+ *
+ * Checks Piwik version
+ *
+ * @package PhpSecInfo
+ * @author Piwik
+ */
+class PhpSecInfo_Test_Application_Piwik extends PhpSecInfo_Test_Application
+{
+	var $test_name = "Piwik";
+
+	var $recommended_value = null;
+
+	function _retrieveCurrentValue() {
+		$this->current_value = Piwik_Version::VERSION;
+
+		$this->recommended_value = Piwik_GetOption(Piwik_UpdateCheck::LATEST_VERSION);
+	}
+
+	function _execTest() {
+		if (version_compare($this->current_value, '0.5') < 0) {
+			return PHPSECINFO_TEST_RESULT_WARN;
+		}
+
+		if (empty($this->recommended_value)) {
+			return PHPSECINFO_TEST_RESULT_ERROR;
+		}
+
+		if ( $this->current_value === $this->recommended_value ) {
+			return PHPSECINFO_TEST_RESULT_OK;
+		}
+
+		return PHPSECINFO_TEST_RESULT_NOTICE;
+	}
+
+	function _setMessages() {
+		parent::_setMessages();
+
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', "You are running Piwik ".$this->recommended_value." (the latest version).");
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTICE, 'en', "You are running Piwik ".$this->current_value.".  The latest version of Piwik is ".$this->recommended_value.".");
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', "You are running Piwik ".$this->current_value." which is no longer supported by the Piwik developers. We recommend running the latest (stable) version of Piwik which includes numerous enhancements, bug fixes, and security fixes.");
+		$this->setMessageForResult(PHPSECINFO_TEST_RESULT_ERROR, 'en', "Unable to determine the latest version of Piwik available.");
+	}
+}
diff --git a/plugins/SecurityInfo/PhpSecInfo/Test/Test_Application.php b/plugins/SecurityInfo/PhpSecInfo/Test/Test_Application.php
new file mode 100644
index 0000000000..f293c84746
--- /dev/null
+++ b/plugins/SecurityInfo/PhpSecInfo/Test/Test_Application.php
@@ -0,0 +1,54 @@
+<?php
+/**
+ * Skeleton Test class file for Application group
+ * 
+ * @package PhpSecInfo
+ * @author Anthon Pang
+ */
+
+/**
+ * require the main PhpSecInfo class
+ */
+require_once(PHPSECINFO_BASE_DIR.'/Test/Test.php');
+
+
+
+/**
+ * This is a skeleton class for PhpSecInfo "Application" tests
+ * @package PhpSecInfo
+ */
+class PhpSecInfo_Test_Application extends PhpSecInfo_Test
+{
+	
+	/**
+	 * This value is used to group test results together.
+	 * 
+	 * For example, all tests related to the mysql lib should be grouped under "mysql."
+	 *
+	 * @var string
+	 */
+	var $test_group = 'Application';
+	
+	
+	/**
+	 * "Application" tests should pretty much be always testable, so the default is just to return true
+	 * 
+	 * @return boolean
+	 */
+	function isTestable() {
+		return Piwik::getTransportMethod() !== null;
+	}
+
+	function getMoreInfoURL() {
+		$urls = array(
+			'Piwik' => 'http://piwik.org/changelog',
+			'PHP' => 'http://php.net/',
+		);
+
+		if ($tn = $this->getTestName()) {
+			return $urls[$tn];
+		} else {
+			return false;
+		}
+	}
+}