Warn user if mod_security is present

[lhc/web/wiklou.git] / includes / installer / Installer.php

diff --git a/includes/installer/Installer.php b/includes/installer/Installer.php
index e1fd202..c29dd66 100644 (file)
--- a/includes/installer/Installer.php
+++ b/includes/installer/Installer.php
@@ -97,6 +97,7 @@ abstract class Installer {
                'envCheckPCRE',
                'envCheckMemory',
                'envCheckCache',
+               'envCheckModSecurity',
                'envCheckDiff3',
                'envCheckGraphics',
                'envCheckServer',
@@ -805,6 +806,15 @@ abstract class Installer {
                $this->setVar( '_Caches', $caches );
        }
 
+       /**
+        * Scare user to death if they have mod_security
+        */
+       protected function envCheckModSecurity() {
+               if ( !self::apacheModulePresent( 'mod_security' ) ) {
+                       $this->showMessage( 'config-mod-security' );
+               }
+       }
+
        /**
         * Search for GNU diff3.
         */
@@ -1168,6 +1178,23 @@ abstract class Installer {
                return false;
        }
 
+       /**
+        * Checks for presence of an Apache module. Works only if PHP is running as an Apache module, too.
+        * 
+        * @param $moduleName String: Name of module to check.
+        * @return bool
+        */
+       public static function apacheModulePresent( $moduleName ) {
+               if ( function_exists( 'apache_get_modules' ) && in_array( $moduleName, apache_get_modules() ) ) {
+                       return true;
+               }
+               // try it the hard way
+               ob_start();
+               phpinfo( INFO_MODULES );
+               $info = ob_get_clean();
+               return strpos( $info, $moduleName ) !== false;
+       }
+
        /**
         * ParserOptions are constructed before we determined the language, so fix it
         *