coregrade/CoreGradeLearning
1
0
Fork 0
Code Issues Pull Requests Releases Activity

first commit

Browse Source
This commit is contained in:
CHIEFSOFT\ameye
2024-09-30 18:11:26 -04:00
commit e592ca6823
27270 changed files with 5002257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/classes/check/security/crawlers.php
+89
View File
@@ -0,0 +1,89 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Verifies web crawler (search engine) access
*
* Not combined with disabled guest access because attackers might gain guest
* access by modifying browser signature.
*
* @package core
* @category check
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core\check\security;
defined('MOODLE_INTERNAL') || die();
use core\check\check;
use core\check\result;
/**
* Verifies web crawler (search engine) access
*
* Not combined with disabled guest access because attackers might gain guest
* access by modifying browser signature.
*
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class crawlers extends check {
/**
* Get the short check name
*
* @return string
*/
public function get_name(): string {
return get_string('check_crawlers_name', 'report_security');
}
/**
* A link to a place to action this
*
* @return \action_link|null
*/
public function get_action_link(): ?\action_link {
return new \action_link(
new \moodle_url('/admin/settings.php?section=sitepolicies#admin-opentowebcrawlers'),
get_string('sitepolicies', 'admin'));
}
/**
* Return result
* @return result
*/
public function get_result(): result {
global $CFG;
$details = get_string('check_crawlers_details', 'report_security');
if (empty($CFG->opentowebcrawlers)) {
$status = result::OK;
$summary = get_string('check_crawlers_ok', 'report_security');
} else if (!empty($CFG->guestloginbutton)) {
$status = result::INFO;
$summary = get_string('check_crawlers_info', 'report_security');
} else {
$status = result::ERROR;
$summary = get_string('check_crawlers_error', 'report_security');
}
return new result($status, $summary, $details);
}
}
lib/classes/check/security/emailchangeconfirmation.php
+86
View File
@@ -0,0 +1,86 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Verifies email confirmation - spammers were changing mails very often
*
* @package core
* @category check
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core\check\security;
defined('MOODLE_INTERNAL') || die();
use core\check\check;
use core\check\result;
/**
* Verifies email confirmation - spammers were changing mails very often
*
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class emailchangeconfirmation extends check {
/**
* Get the short check name
*
* @return string
*/
public function get_name(): string {
return get_string('check_emailchangeconfirmation_name', 'report_security');
}
/**
* A link to a place to action this
*
* @return \action_link|null
*/
public function get_action_link(): ?\action_link {
return new \action_link(
new \moodle_url('/admin/settings.php?section=sitepolicies#admin-emailchangeconfirmation'),
get_string('sitepolicies', 'admin'));
}
/**
* Return result
* @return result
*/
public function get_result(): result {
global $CFG;
$details = get_string('check_emailchangeconfirmation_details', 'report_security');
if (empty($CFG->emailchangeconfirmation)) {
if (empty($CFG->allowemailaddresses)) {
$status = result::WARNING;
$summary = get_string('check_emailchangeconfirmation_error', 'report_security');
} else {
$status = result::INFO;
$summary = get_string('check_emailchangeconfirmation_info', 'report_security');
}
} else {
$status = result::OK;
$summary = get_string('check_emailchangeconfirmation_ok', 'report_security');
}
return new result($status, $summary, $details);
}
}
lib/classes/check/security/embed.php
+80
View File
@@ -0,0 +1,80 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Verifies sloppy embedding - this should have been removed long ago!!
*
* @package core
* @category check
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core\check\security;
defined('MOODLE_INTERNAL') || die();
use core\check\check;
use core\check\result;
/**
* Verifies sloppy embedding - this should have been removed long ago!!
*
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class embed extends check {
/**
* Get the short check name
*
* @return string
*/
public function get_name(): string {
return get_string('check_embed_name', 'report_security');
}
/**
* A link to a place to action this
*
* @return \action_link|null
*/
public function get_action_link(): ?\action_link {
return new \action_link(
new \moodle_url('/admin/settings.php?section=sitepolicies#admin-allowobjectembed'),
get_string('sitepolicies', 'admin'));
}
/**
* Return result
* @return result
*/
public function get_result(): result {
global $CFG;
$details = get_string('check_embed_details', 'report_security');
if (!empty($CFG->allowobjectembed)) {
$status = result::ERROR;
$summary = get_string('check_embed_error', 'report_security');
} else {
$status = result::OK;
$summary = get_string('check_embed_ok', 'report_security');
}
return new result($status, $summary, $details);
}
}
lib/classes/check/security/openprofiles.php
+80
View File
@@ -0,0 +1,80 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Verifies open profiles - originally open by default, not anymore because spammer abused it a lot
*
* @package core
* @category check
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core\check\security;
defined('MOODLE_INTERNAL') || die();
use core\check\check;
use core\check\result;
/**
* Verifies open profiles - originally open by default, not anymore because spammer abused it a lot
*
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class openprofiles extends check {
/**
* Get the short check name
*
* @return string
*/
public function get_name(): string {
return get_string('check_openprofiles_name', 'report_security');
}
/**
* A link to a place to action this
*
* @return \action_link|null
*/
public function get_action_link(): ?\action_link {
return new \action_link(
new \moodle_url('/admin/settings.php?section=sitepolicies#admin-forcelogin'),
get_string('sitepolicies', 'admin'));
}
/**
* Return result
* @return result
*/
public function get_result(): result {
global $CFG;
$details = get_string('check_openprofiles_details', 'report_security');
if (empty($CFG->forcelogin) and empty($CFG->forceloginforprofiles)) {
$status = result::WARNING;
$summary = get_string('check_openprofiles_error', 'report_security');
} else {
$status = result::OK;
$summary = get_string('check_openprofiles_ok', 'report_security');
}
return new result($status, $summary, $details);
}
}
lib/classes/check/security/passwordpolicy.php
+80
View File
@@ -0,0 +1,80 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Verifies if password policy set
*
* @package core
* @category check
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core\check\security;
defined('MOODLE_INTERNAL') || die();
use core\check\check;
use core\check\result;
/**
* Verifies if password policy set
*
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class passwordpolicy extends check {
/**
* Get the short check name
*
* @return string
*/
public function get_name(): string {
return get_string('check_passwordpolicy_name', 'report_security');
}
/**
* A link to a place to action this
*
* @return \action_link|null
*/
public function get_action_link(): ?\action_link {
return new \action_link(
new \moodle_url('/admin/settings.php?section=sitepolicies#admin-passwordpolicy'),
get_string('sitepolicies', 'admin'));
}
/**
* Return result
* @return result
*/
public function get_result(): result {
global $CFG;
$details = get_string('check_passwordpolicy_details', 'report_security');
if (empty($CFG->passwordpolicy)) {
$status = result::WARNING;
$summary = get_string('check_passwordpolicy_error', 'report_security');
} else {
$status = result::OK;
$summary = get_string('check_passwordpolicy_ok', 'report_security');
}
return new result($status, $summary, $details);
}
}
lib/classes/check/security/webcron.php
+84
View File
@@ -0,0 +1,84 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Verifies the status of web cron
*
* @package core
* @category check
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace core\check\security;
defined('MOODLE_INTERNAL') || die();
use core\check\check;
use core\check\result;
/**
* Verifies the status of web cron
*
* @copyright 2020 Brendan Heywood <brendan@catalyst-au.net>
* @copyright 2008 petr Skoda
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class webcron extends check {
/**
* Get the short check name
*
* @return string
*/
public function get_name(): string {
return get_string('check_webcron_name', 'report_security');
}
/**
* A link to a place to action this
*
* @return \action_link|null
*/
public function get_action_link(): ?\action_link {
return new \action_link(
new \moodle_url('/admin/settings.php?section=sitepolicies#admin-cronclionly'),
get_string('sitepolicies', 'admin'));
}
/**
* Return result
* @return result
*/
public function get_result(): result {
global $CFG;
$croncli = $CFG->cronclionly;
$cronremotepassword = $CFG->cronremotepassword;
if (empty($croncli) && empty($cronremotepassword)) {
$status = result::WARNING;
$summary = get_string('check_webcron_warning', 'report_security');
} else {
$status = result::OK;
$summary = get_string('check_webcron_ok', 'report_security');
}
$details = get_string('check_webcron_details', 'report_security');
return new result($status, $summary, $details);
}
}