Same name and namespace in other branches
- 5.x modules/system/system.install \system_requirements()
- 7.x modules/system/system.install \system_requirements()
- 8.9.x core/modules/system/system.install \system_requirements()
- 9 core/modules/system/system.install \system_requirements()
Implementation of hook_requirements().
File
- modules/
system/ system.install, line 6
Code
function system_requirements($phase) {
$requirements = array();
// Ensure translations don't break at install time
$t = get_t();
// Report Drupal version
if ($phase == 'runtime') {
$requirements['drupal'] = array(
'title' => $t('Drupal'),
'value' => VERSION,
'severity' => REQUIREMENT_INFO,
'weight' => -10,
);
}
// Web server information.
$software = $_SERVER['SERVER_SOFTWARE'];
$requirements['webserver'] = array(
'title' => $t('Web server'),
'value' => $software,
);
// Test PHP version
$requirements['php'] = array(
'title' => $t('PHP'),
'value' => $phase == 'runtime' ? l(phpversion(), 'admin/reports/status/php') : phpversion(),
);
if (version_compare(phpversion(), DRUPAL_MINIMUM_PHP) < 0) {
$requirements['php']['description'] = $t('Your PHP installation is too old. Drupal requires at least PHP %version.', array(
'%version' => DRUPAL_MINIMUM_PHP,
));
$requirements['php']['severity'] = REQUIREMENT_ERROR;
}
// Test PHP register_globals setting.
$requirements['php_register_globals'] = array(
'title' => $t('PHP register globals'),
);
$register_globals = trim(ini_get('register_globals'));
// Unfortunately, ini_get() may return many different values, and we can't
// be certain which values mean 'on', so we instead check for 'not off'
// since we never want to tell the user that their site is secure
// (register_globals off), when it is in fact on. We can only guarantee
// register_globals is off if the value returned is 'off', '', or 0.
if (!empty($register_globals) && strtolower($register_globals) != 'off') {
$requirements['php_register_globals']['description'] = $t('<em>register_globals</em> is enabled. Drupal requires this configuration directive to be disabled. Your site may not be secure when <em>register_globals</em> is enabled. The PHP manual has instructions for <a href="http://php.net/configuration.changes">how to change configuration settings</a>.');
$requirements['php_register_globals']['severity'] = REQUIREMENT_ERROR;
$requirements['php_register_globals']['value'] = $t("Enabled ('@value')", array(
'@value' => $register_globals,
));
}
else {
$requirements['php_register_globals']['value'] = $t('Disabled');
}
// Test PHP memory_limit
$memory_limit = ini_get('memory_limit');
$requirements['php_memory_limit'] = array(
'title' => $t('PHP memory limit'),
'value' => $memory_limit == -1 ? t('-1 (Unlimited)') : $memory_limit,
);
if ($memory_limit && $memory_limit != -1 && parse_size($memory_limit) < parse_size(DRUPAL_MINIMUM_PHP_MEMORY_LIMIT)) {
$description = '';
if ($phase == 'install') {
$description = $t('Consider increasing your PHP memory limit to %memory_minimum_limit to help prevent errors in the installation process.', array(
'%memory_minimum_limit' => DRUPAL_MINIMUM_PHP_MEMORY_LIMIT,
));
}
elseif ($phase == 'update') {
$description = $t('Consider increasing your PHP memory limit to %memory_minimum_limit to help prevent errors in the update process.', array(
'%memory_minimum_limit' => DRUPAL_MINIMUM_PHP_MEMORY_LIMIT,
));
}
elseif ($phase == 'runtime') {
$description = $t('Depending on your configuration, Drupal can run with a %memory_limit PHP memory limit. However, a %memory_minimum_limit PHP memory limit or above is recommended, especially if your site uses additional custom or contributed modules.', array(
'%memory_limit' => $memory_limit,
'%memory_minimum_limit' => DRUPAL_MINIMUM_PHP_MEMORY_LIMIT,
));
}
if (!empty($description)) {
if ($php_ini_path = get_cfg_var('cfg_file_path')) {
$description .= ' ' . $t('Increase the memory limit by editing the memory_limit parameter in the file %configuration-file and then restart your web server (or contact your system administrator or hosting provider for assistance).', array(
'%configuration-file' => $php_ini_path,
));
}
else {
$description .= ' ' . $t('Contact your system administrator or hosting provider for assistance with increasing your PHP memory limit.');
}
$requirements['php_memory_limit']['description'] = $description . ' ' . $t('See the <a href="@url">Drupal requirements</a> for more information.', array(
'@url' => 'http://drupal.org/requirements',
));
$requirements['php_memory_limit']['severity'] = REQUIREMENT_WARNING;
}
}
// Test DB version
global $db_type;
if (function_exists('db_status_report')) {
$requirements += db_status_report($phase);
}
// Test settings.php file writability
if ($phase == 'runtime') {
$conf_dir = drupal_verify_install_file(conf_path(), FILE_NOT_WRITABLE, 'dir');
$conf_file = drupal_verify_install_file(conf_path() . '/settings.php', FILE_EXIST | FILE_READABLE | FILE_NOT_WRITABLE);
if (!$conf_dir || !$conf_file) {
$requirements['settings.php'] = array(
'value' => $t('Not protected'),
'severity' => REQUIREMENT_ERROR,
'description' => '',
);
if (!$conf_dir) {
$requirements['settings.php']['description'] .= $t('The directory %file is not protected from modifications and poses a security risk. You must change the directory\'s permissions to be non-writable. ', array(
'%file' => conf_path(),
));
}
if (!$conf_file) {
$requirements['settings.php']['description'] .= $t('The file %file is not protected from modifications and poses a security risk. You must change the file\'s permissions to be non-writable.', array(
'%file' => conf_path() . '/settings.php',
));
}
}
else {
$requirements['settings.php'] = array(
'value' => $t('Protected'),
);
}
$requirements['settings.php']['title'] = $t('Configuration file');
}
// Test the contents of the .htaccess files.
if ($phase == 'runtime') {
// Try to write the .htaccess files first, to prevent false alarms in case
// (for example) the /tmp directory was wiped.
file_create_htaccess(file_directory_path());
file_create_htaccess(file_directory_temp());
$htaccess_files['files_htaccess'] = array(
'title' => $t('Files directory'),
'directory' => file_directory_path(),
);
$htaccess_files['temporary_files_htaccess'] = array(
'title' => $t('Temporary files directory'),
'directory' => file_directory_temp(),
);
foreach ($htaccess_files as $key => $file_info) {
// Check for the string which was added to the recommended .htaccess file
// in the latest security update.
$htaccess_file = $file_info['directory'] . '/.htaccess';
if (!file_exists($htaccess_file) || !($contents = @file_get_contents($htaccess_file)) || strpos($contents, 'Drupal_Security_Do_Not_Remove_See_SA_2013_003') === FALSE) {
$requirements[$key] = array(
'title' => $file_info['title'],
'value' => $t('Not fully protected'),
'severity' => REQUIREMENT_ERROR,
'description' => $t('See <a href="@url">@url</a> for information about the recommended .htaccess file which should be added to the %directory directory to help protect against arbitrary code execution.', array(
'@url' => 'http://drupal.org/SA-CORE-2013-003',
'%directory' => $file_info['directory'],
)),
);
}
}
}
// Report cron status.
if ($phase == 'runtime') {
// Cron warning threshold defaults to two days.
$threshold_warning = variable_get('cron_threshold_warning', 172800);
// Cron error threshold defaults to two weeks.
$threshold_error = variable_get('cron_threshold_error', 1209600);
// Cron configuration help text.
$help = $t('For more information, see the online handbook entry for <a href="@cron-handbook">configuring cron jobs</a>.', array(
'@cron-handbook' => 'http://drupal.org/cron',
));
// Determine when cron last ran. If never, use the install time to
// determine the warning or error status.
$cron_last = variable_get('cron_last', NULL);
$never_run = FALSE;
if (!is_numeric($cron_last)) {
$never_run = TRUE;
$cron_last = variable_get('install_time', 0);
}
// Determine severity based on time since cron last ran.
$severity = REQUIREMENT_OK;
if (time() - $cron_last > $threshold_error) {
$severity = REQUIREMENT_ERROR;
}
else {
if ($never_run || time() - $cron_last > $threshold_warning) {
$severity = REQUIREMENT_WARNING;
}
}
// If cron hasn't been run, and the user is viewing the main
// administration page, instead of an error, we display a helpful reminder
// to configure cron jobs.
if ($never_run && $severity != REQUIREMENT_ERROR && $_GET['q'] == 'admin' && user_access('administer site configuration')) {
drupal_set_message($t('Cron has not run. Please visit the <a href="@status">status report</a> for more information.', array(
'@status' => url('admin/reports/status'),
)));
}
// Set summary and description based on values determined above.
if ($never_run) {
$summary = $t('Never run');
$description = $t('Cron has not run.') . ' ' . $help;
}
else {
$summary = $t('Last run !time ago', array(
'!time' => format_interval(time() - $cron_last),
));
$description = '';
if ($severity != REQUIREMENT_OK) {
$description = $t('Cron has not run recently.') . ' ' . $help;
}
}
$requirements['cron'] = array(
'title' => $t('Cron maintenance tasks'),
'severity' => $severity,
'value' => $summary,
'description' => $description . ' ' . $t('You can <a href="@cron">run cron manually</a>.', array(
'@cron' => url('admin/reports/status/run-cron'),
)),
);
}
// Test files directory
$directory = file_directory_path();
$requirements['file system'] = array(
'title' => $t('File system'),
);
// For installer, create the directory if possible.
if ($phase == 'install' && !is_dir($directory) && @mkdir($directory)) {
@chmod($directory, 0775);
// Necessary for non-webserver users.
}
$is_writable = is_writable($directory);
$is_directory = is_dir($directory);
if (!$is_writable || !$is_directory) {
$description = '';
$requirements['file system']['value'] = $t('Not writable');
if (!$is_directory) {
$error = $t('The directory %directory does not exist.', array(
'%directory' => $directory,
));
}
else {
$error = $t('The directory %directory is not writable.', array(
'%directory' => $directory,
));
}
// The files directory requirement check is done only during install and runtime.
if ($phase == 'runtime') {
$description = $error . ' ' . $t('You may need to set the correct directory at the <a href="@admin-file-system">file system settings page</a> or change the current directory\'s permissions so that it is writable.', array(
'@admin-file-system' => url('admin/settings/file-system'),
));
}
elseif ($phase == 'install') {
// For the installer UI, we need different wording. 'value' will
// be treated as version, so provide none there.
$description = $error . ' ' . $t('An automated attempt to create this directory failed, possibly due to a permissions problem. To proceed with the installation, either create the directory and modify its permissions manually, or ensure that the installer has the permissions to create it automatically. For more information, please see INSTALL.txt or the <a href="@handbook_url">on-line handbook</a>.', array(
'@handbook_url' => 'http://drupal.org/server-permissions',
));
$requirements['file system']['value'] = '';
}
if (!empty($description)) {
$requirements['file system']['description'] = $description;
$requirements['file system']['severity'] = REQUIREMENT_ERROR;
}
}
else {
if (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC) == FILE_DOWNLOADS_PUBLIC) {
$requirements['file system']['value'] = $t('Writable (<em>public</em> download method)');
}
else {
$requirements['file system']['value'] = $t('Writable (<em>private</em> download method)');
}
}
// See if updates are available in update.php.
if ($phase == 'runtime') {
$requirements['update'] = array(
'title' => $t('Database updates'),
'severity' => REQUIREMENT_OK,
'value' => $t('Up to date'),
);
// Check installed modules.
foreach (module_list() as $module) {
$updates = drupal_get_schema_versions($module);
if ($updates !== FALSE) {
$default = drupal_get_installed_schema_version($module);
if (max($updates) > $default) {
$requirements['update']['severity'] = REQUIREMENT_ERROR;
$requirements['update']['value'] = $t('Out of date');
$requirements['update']['description'] = $t('Some modules have database schema updates to install. You should run the <a href="@update">database update script</a> immediately.', array(
'@update' => base_path() . 'update.php',
));
break;
}
}
}
}
// Verify the update.php access setting
if ($phase == 'runtime') {
if (!empty($GLOBALS['update_free_access'])) {
$requirements['update access'] = array(
'value' => $t('Not protected'),
'severity' => REQUIREMENT_ERROR,
'description' => $t('The update.php script is accessible to everyone without authentication check, which is a security risk. You must change the $update_free_access value in your settings.php back to FALSE.'),
);
}
else {
$requirements['update access'] = array(
'value' => $t('Protected'),
);
}
$requirements['update access']['title'] = $t('Access to update.php');
}
// Test Unicode library
include_once './includes/unicode.inc';
$requirements = array_merge($requirements, unicode_requirements());
if ($phase == 'runtime') {
// Check for update status module.
if (!module_exists('update')) {
$requirements['update status'] = array(
'value' => $t('Not enabled'),
'severity' => REQUIREMENT_WARNING,
'description' => $t('Update notifications are not enabled. It is <strong>highly recommended</strong> that you enable the update status module from the <a href="@module">module administration page</a> in order to stay up-to-date on new releases. For more information please read the <a href="@update">Update status handbook page</a>.', array(
'@update' => 'http://drupal.org/handbook/modules/update',
'@module' => url('admin/build/modules'),
)),
);
}
else {
$requirements['update status'] = array(
'value' => $t('Enabled'),
);
}
$requirements['update status']['title'] = $t('Update notifications');
// Check that Drupal can issue HTTP requests.
if (variable_get('drupal_http_request_fails', TRUE) && !system_check_http_request()) {
$requirements['http requests'] = array(
'title' => $t('HTTP request status'),
'value' => $t('Fails'),
'severity' => REQUIREMENT_ERROR,
'description' => $t('Your system or network configuration does not allow Drupal to access web pages, resulting in reduced functionality. This could be due to your webserver configuration or PHP settings, and should be resolved in order to download information about available updates, fetch aggregator feeds, sign in via OpenID, or use other network-dependent services.'),
);
}
}
return $requirements;
}