Project

General

Profile

« Previous | Next » 

Revision 239

Added by stefan over 18 years ago

Fixed more inconsistencies regarding line endings and end-of-file newlines

View differences:

trunk/INSTALL
1
Website Baker 2 Installation Instructions

2
============================================

3
This will quickly explain what you will need

4
to install website baker.

5

  
6
First of all, you must have a webserver with

7
PHP and MySQL installed correctly. Once you 

8
have got that, place the "wb" folder 

9
somewhere on your server, probably under the

10
document root:

11
e.g. /documentroot/wb

12

  
13
This should be accessed by an address 

14
something like this:

15
e.g. http://localhost/wb/

16

  
17
Now create a blank MySQL database

18
(Commonly called "wb").

19

  
20
Once that is all done simple run the

21
install script from your browser:

22
e.g. http://localhost/wb/install/index.php

23

  
1
Website Baker 2 Installation Instructions
2
============================================
3
This will quickly explain what you will need
4
to install website baker.
5

  
6
First of all, you must have a webserver with
7
PHP and MySQL installed correctly. Once you 
8
have got that, place the "wb" folder 
9
somewhere on your server, probably under the
10
document root:
11
e.g. /documentroot/wb
12

  
13
This should be accessed by an address 
14
something like this:
15
e.g. http://localhost/wb/
16

  
17
Now create a blank MySQL database
18
(Commonly called "wb").
19

  
20
Once that is all done simple run the
21
install script from your browser:
22
e.g. http://localhost/wb/install/index.php
23

  
24 24
Fill-out the form and submit it, and if all
25 25
the details are correct, you should be taken
26
to Website Baker Administration.
26
to Website Baker Administration.
trunk/wb/search/search.php
1
<?php

2

  
3
// $Id$

4

  
5
/*

6

  
7
 Website Baker Project <http://www.websitebaker.org/>

8
 Copyright (C) 2004-2005, Ryan Djurovich

9

  
10
 Website Baker is free software; you can redistribute it and/or modify

11
 it under the terms of the GNU General Public License as published by

12
 the Free Software Foundation; either version 2 of the License, or

13
 (at your option) any later version.

14

  
15
 Website Baker is distributed in the hope that it will be useful,

16
 but WITHOUT ANY WARRANTY; without even the implied warranty of

17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

18
 GNU General Public License for more details.

19

  
20
 You should have received a copy of the GNU General Public License

21
 along with Website Baker; if not, write to the Free Software

22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

23

  
24
*/

25

  
26
if(!defined('WB_URL')) { header('Location: index.php'); }

27

  
28
// Check if search is enabled

29
if(SHOW_SEARCH != true) {

30
	echo $TEXT['SEARCH'].' '.$TEXT['DISABLED'];

31
} else {

32
	
33
	// Make pages_listed and items_listed blank arrays

34
	$pages_listed = array();

35
	$items_listed = array();

36

  
37
	// Get search string

38
	if(isset($_REQUEST['string'])) {

39
		if ($_REQUEST['match']!='exact') {

40
			$string=str_replace(',', '', $_REQUEST['string']);

41
		} else {

42
			$string=$_REQUEST['string'];

43
		}

44
		// reverse potential magic_quotes action

45
		$original_string=$wb->strip_slashes($string);

46
		// Double backslashes (mySQL needs doubly escaped backslashes in LIKE comparisons)

47
		$string = addslashes($wb->escape_backslashes($original_string));

48
		// then escape for mySQL query

49
		$search_string = htmlspecialchars($original_string,ENT_QUOTES);

50
	} else {

51
		$string = '';

52
		$search_string = '';

53
	}

54
	
55
	// Work-out what to do (match all words, any words, or do exact match), and do relevant with query settings

56
	$all_checked = '';

57
	$any_checked = '';

58
	$exact_checked = '';

59
	if($_REQUEST['match'] != 'exact') {

60
		// Split string into array with explode() function

61
		$exploded_string = explode(' ', $string);

62
		// Make sure there is no blank values in the array

63
		$string = array();

64
		foreach($exploded_string AS $each_exploded_string) {

65
			if($each_exploded_string != '') {

66
				$string[] = $each_exploded_string;

67
			}

68
		}

69
		if ($_REQUEST['match'] == 'any') {

70
			$any_checked = ' checked';

71
			$logical_operator = ' OR';

72
		} else {

73
			$all_checked = ' checked';

74
			$logical_operator = ' AND';

75
		}

76
	} else {

77
		$exact_checked = ' checked';

78
		$exact_string=$string;

79
		$string=array();

80
		$string[]=$exact_string;

81
	}	

82
	// Get list of usernames and display names

83
	$query_users = $database->query("SELECT user_id,username,display_name FROM ".TABLE_PREFIX."users");

84
	$users = array('0' => array('display_name' => $TEXT['UNKNOWN'], 'username' => strtolower($TEXT['UNKNOWN'])));

85
	if($query_users->numRows() > 0) {

86
		while($user = $query_users->fetchRow()) {

87
			$users[$user['user_id']] = array('display_name' => $user['display_name'], 'username' => $user['username']);

88
		}

89
	}

90
	
91
	// Get search settings

92
	$query_header = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'header' LIMIT 1");

93
	$fetch_header = $query_header->fetchRow();

94
	$query_footer = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'footer' LIMIT 1");

95
	$fetch_footer = $query_footer->fetchRow();

96
	$query_results_header = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'results_header' LIMIT 1");

97
	$fetch_results_header = $query_results_header->fetchRow();

98
	$query_results_footer = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'results_footer' LIMIT 1");

99
	$fetch_results_footer = $query_results_footer->fetchRow();

100
	$query_results_loop = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'results_loop' LIMIT 1");

101
	$fetch_results_loop = $query_results_loop->fetchRow();

102
	$query_no_results = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'no_results' LIMIT 1");

103
	$fetch_no_results = $query_no_results->fetchRow();

104
	
105
	// Replace vars in search settings with values

106
	$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_RESULTS_FOR]');

107
	$values = array($search_string, WB_URL, PAGE_EXTENSION, $TEXT['RESULTS_FOR']);

108
	$search_footer = str_replace($vars, $values, ($fetch_footer['value']));

109
	$search_results_header = str_replace($vars, $values, ($fetch_results_header['value']));

110
	$search_results_footer = str_replace($vars, $values, ($fetch_results_footer['value']));

111
	// Do extra vars/values replacement

112
	$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_SEARCH]', '[TEXT_ALL_WORDS]', '[TEXT_ANY_WORDS]', '[TEXT_EXACT_MATCH]', '[TEXT_MATCH]', '[TEXT_MATCHING]', '[ALL_CHECKED]', '[ANY_CHECKED]', '[EXACT_CHECKED]');

113
	$values = array($search_string, WB_URL, PAGE_EXTENSION, $TEXT['SEARCH'], $TEXT['ALL_WORDS'], $TEXT['ANY_WORDS'], $TEXT['EXACT_MATCH'], $TEXT['MATCH'], $TEXT['MATCHING'], $all_checked, $any_checked, $exact_checked);

114
	$search_header = str_replace($vars, $values, ($fetch_header['value']));

115
	
116
	// Insert js code

117
	?>

118
	<script language="javascript" type="text/javascript">

119
	function toggle_radio(checkbox_id) {

120
		if(document.getElementById(checkbox_id).checked == true) {

121
			document.getElementById(checkbox_id).checked = false;

122
		} else {

123
			document.getElementById(checkbox_id).checked = true;

124
		}

125
	}

126
	</script>

127
	<?php

128
	
129
	// Show search header

130
	echo $search_header;

131
	
132
	// Work-out if the user has already entered their details or not

133
	if($string != '' AND $string != ' ' AND $string != '  ' AND $string != array()) {

134
		
135
		// Show search results_header

136
		echo $search_results_header;

137
		// Search page details only, such as description, keywords, etc.

138
			$query_pages = "SELECT page_id, page_title, menu_title, link, description, modified_when, modified_by FROM ".TABLE_PREFIX."pages WHERE ";

139
			$count = 0;

140
			foreach($string AS $each_string) {

141
				if($count != 0) { $query_pages .= $logical_operator; }

142
				$query_pages .= " visibility != 'none' AND page_title LIKE '%$each_string%' AND searching = '1'".

143
				" OR visibility != 'none' AND visibility != 'deleted' AND menu_title LIKE '%$each_string%' AND searching = '1'".

144
				" OR visibility != 'none' AND visibility != 'deleted' AND description LIKE '%$each_string%' AND searching = '1'".

145
				" OR visibility != 'none' AND visibility != 'deleted' AND keywords LIKE '%$each_string%' AND searching = '1'";

146
				$count = $count+1;

147
			}

148
			$query_pages = $database->query($query_pages);

149
		// Loop through pages

150
		if($query_pages->numRows() > 0) {

151
			while($page = $query_pages->fetchRow()) {

152
				// Get page link

153
				$link = page_link($page['link']);

154
				// Set vars to be replaced by values

155
				$vars = array('[LINK]', '[TITLE]', '[DESCRIPTION]', '[USERNAME]','[DISPLAY_NAME]','[DATE]','[TIME]','[TEXT_LAST_UPDATED_BY]','[TEXT_ON]');

156
				if($page['modified_when'] > 0) {

157
					$date = gmdate(DATE_FORMAT, $page['modified_when']+TIMEZONE);

158
					$time = gmdate(TIME_FORMAT, $page['modified_when']+TIMEZONE);

159
				} else {

160
					$date = $TEXT['UNKNOWN'].' '.$TEXT['DATE'];

161
					$time = $TEXT['UNKNOWN'].' '.$TEXT['TIME'];

162
				}

163
				$values = array($link, ($page['page_title']),($page['description']), $users[$page['modified_by']]['username'], $users[$page['modified_by']]['display_name'], $date, $time, $TEXT['LAST_UPDATED_BY'], strtolower($TEXT['ON']));

164
				// Show loop code with vars replaced by values

165
				if($values != array()) {

166
					echo str_replace($vars, $values, ($fetch_results_loop['value']));

167
				}

168
				// Say that we have already listed this page id

169
				$pages_listed[$page['page_id']] = true;

170
				// Set values to blank

171
				$value = array();

172
			}

173
		}

174
		// Get modules that have registered for custom query's to be conducted

175
		$get_modules = $database->query("SELECT value,extra FROM ".TABLE_PREFIX."search WHERE name = 'module'");

176
		// Loop through each module

177
		if($get_modules->numRows() > 0) {

178
			while($module = $get_modules->fetchRow()) {

179
				// Get module name

180
				$module_name = $module['value'];

181
				// Get fields to use for title, link, etc.

182
				$fields = unserialize($module['extra']);

183
				// Get query start

184
				$get_query_start = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_start' AND extra = '$module_name' LIMIT 1");

185
				if($get_query_start->numRows() > 0) {

186
					// Fetch query start

187
					$fetch_query_start = $get_query_start->fetchRow();

188
					// Prepare query start for execution by replacing {TP} with the TABLE_PREFIX

189
					$query_start = str_replace('[TP]', TABLE_PREFIX, ($fetch_query_start['value']));

190
					// Get query end

191
					$get_query_end = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_end' AND extra = '$module_name' LIMIT 1");

192
					if($get_query_end->numRows() > 0) {

193
						// Fetch query start

194
						$fetch_query_end = $get_query_end->fetchRow();

195
						// Set query end

196
						$query_end = ($fetch_query_end['value']);

197
						// Get query body

198
						$get_query_body = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_body' AND extra = '$module_name' LIMIT 1");

199
						if($get_query_body->numRows() > 0) {

200
							// Fetch query start

201
							$fetch_query_body = $get_query_body->fetchRow();

202
							// Prepare query body for execution by replacing {STRING} with the correct one

203
							$query_body = str_replace(array('[TP]','[O]','[W]'), array(TABLE_PREFIX,'LIKE','%'), ($fetch_query_body['value']));

204
							// Loop through query body for each string, then combine with start and end

205
							$prepared_query = $query_start;

206
							$count = 0;

207
							foreach($string AS $each_string) {

208
								if($count != 0) { $prepared_query .= $logical_operator; }

209
								$prepared_query .= str_replace('[STRING]', $each_string, $query_body);

210
								$count = $count+1;

211
							}

212
							$prepared_query .= $query_end;

213
							// Execute query

214
							$query = $database->query($prepared_query);

215
							// Loop though queried items

216
							if($query->numRows() > 0) {

217
								while($page = $query->fetchRow()) {

218
									// Only show this page if it hasn't already been list

219
									if(!isset($fields['page_id']) OR !isset($pages_listed[$page[$fields['page_id']]])) {

220
										// Get page link

221
										$link = page_link($page[$fields['link']]);

222
										// Set vars to be replaced by values

223
										$vars = array('[LINK]', '[TITLE]', '[DESCRIPTION]', '[USERNAME]','[DISPLAY_NAME]','[DATE]','[TIME]','[TEXT_LAST_UPDATED_BY]','[TEXT_ON]');

224
										if($page[$fields['modified_when']] > 0) {

225
											$date = gmdate(DATE_FORMAT, $page[$fields['modified_when']]+TIMEZONE);

226
											$time = gmdate(TIME_FORMAT, $page[$fields['modified_when']]+TIMEZONE);

227
										} else {

228
											$date = $TEXT['UNKNOWN'].' '.$TEXT['DATE'];

229
											$time = $TEXT['UNKNOWN'].' '.$TEXT['TIME'];

230
										}

231
										$values = array($link, ($page[$fields['title']]), ($page[$fields['description']]), $users[$page[$fields['modified_by']]]['username'], $users[$page[$fields['modified_by']]]['display_name'], $date, $time, $TEXT['LAST_UPDATED_BY'], strtolower($TEXT['ON']));

232
										// Show loop code with vars replaced by values

233
										echo str_replace($vars, $values, ($fetch_results_loop['value']));

234
										// Say that this page or item has been listed if we can

235
										if(isset($fields['page_id'])) {

236
											$pages_listed[$page[$fields['page_id']]] = true;

237
										} elseif(isset($fields['item_id'])) {

238
											$items_listed[$page[$fields['item_id']]] = true;

239
										}

240
									}

241
								}

242
							}

243
						
244
						}

245
					}

246
				}

247
			}

248
			
249
			// Show search results_footer

250
			echo $search_results_footer;

251
			
252
		}

253
	
254
	// Say no items found if we should

255
	if($pages_listed == array() AND $items_listed == array()) {

256
		echo $fetch_no_results['value'];

257
	}

258
		
259
	}

260
	
261
	// Show search footer

262
	echo $search_footer;

263
	
264
}

265

  
266
?>

1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2005, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
if(!defined('WB_URL')) { header('Location: index.php'); }
27

  
28
// Check if search is enabled
29
if(SHOW_SEARCH != true) {
30
	echo $TEXT['SEARCH'].' '.$TEXT['DISABLED'];
31
} else {
32
	
33
	// Make pages_listed and items_listed blank arrays
34
	$pages_listed = array();
35
	$items_listed = array();
36

  
37
	// Get search string
38
	if(isset($_REQUEST['string'])) {
39
		if ($_REQUEST['match']!='exact') {
40
			$string=str_replace(',', '', $_REQUEST['string']);
41
		} else {
42
			$string=$_REQUEST['string'];
43
		}
44
		// reverse potential magic_quotes action
45
		$original_string=$wb->strip_slashes($string);
46
		// Double backslashes (mySQL needs doubly escaped backslashes in LIKE comparisons)
47
		$string = addslashes($wb->escape_backslashes($original_string));
48
		// then escape for mySQL query
49
		$search_string = htmlspecialchars($original_string,ENT_QUOTES);
50
	} else {
51
		$string = '';
52
		$search_string = '';
53
	}
54
	
55
	// Work-out what to do (match all words, any words, or do exact match), and do relevant with query settings
56
	$all_checked = '';
57
	$any_checked = '';
58
	$exact_checked = '';
59
	if($_REQUEST['match'] != 'exact') {
60
		// Split string into array with explode() function
61
		$exploded_string = explode(' ', $string);
62
		// Make sure there is no blank values in the array
63
		$string = array();
64
		foreach($exploded_string AS $each_exploded_string) {
65
			if($each_exploded_string != '') {
66
				$string[] = $each_exploded_string;
67
			}
68
		}
69
		if ($_REQUEST['match'] == 'any') {
70
			$any_checked = ' checked';
71
			$logical_operator = ' OR';
72
		} else {
73
			$all_checked = ' checked';
74
			$logical_operator = ' AND';
75
		}
76
	} else {
77
		$exact_checked = ' checked';
78
		$exact_string=$string;
79
		$string=array();
80
		$string[]=$exact_string;
81
	}	
82
	// Get list of usernames and display names
83
	$query_users = $database->query("SELECT user_id,username,display_name FROM ".TABLE_PREFIX."users");
84
	$users = array('0' => array('display_name' => $TEXT['UNKNOWN'], 'username' => strtolower($TEXT['UNKNOWN'])));
85
	if($query_users->numRows() > 0) {
86
		while($user = $query_users->fetchRow()) {
87
			$users[$user['user_id']] = array('display_name' => $user['display_name'], 'username' => $user['username']);
88
		}
89
	}
90
	
91
	// Get search settings
92
	$query_header = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'header' LIMIT 1");
93
	$fetch_header = $query_header->fetchRow();
94
	$query_footer = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'footer' LIMIT 1");
95
	$fetch_footer = $query_footer->fetchRow();
96
	$query_results_header = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'results_header' LIMIT 1");
97
	$fetch_results_header = $query_results_header->fetchRow();
98
	$query_results_footer = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'results_footer' LIMIT 1");
99
	$fetch_results_footer = $query_results_footer->fetchRow();
100
	$query_results_loop = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'results_loop' LIMIT 1");
101
	$fetch_results_loop = $query_results_loop->fetchRow();
102
	$query_no_results = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'no_results' LIMIT 1");
103
	$fetch_no_results = $query_no_results->fetchRow();
104
	
105
	// Replace vars in search settings with values
106
	$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_RESULTS_FOR]');
107
	$values = array($search_string, WB_URL, PAGE_EXTENSION, $TEXT['RESULTS_FOR']);
108
	$search_footer = str_replace($vars, $values, ($fetch_footer['value']));
109
	$search_results_header = str_replace($vars, $values, ($fetch_results_header['value']));
110
	$search_results_footer = str_replace($vars, $values, ($fetch_results_footer['value']));
111
	// Do extra vars/values replacement
112
	$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_SEARCH]', '[TEXT_ALL_WORDS]', '[TEXT_ANY_WORDS]', '[TEXT_EXACT_MATCH]', '[TEXT_MATCH]', '[TEXT_MATCHING]', '[ALL_CHECKED]', '[ANY_CHECKED]', '[EXACT_CHECKED]');
113
	$values = array($search_string, WB_URL, PAGE_EXTENSION, $TEXT['SEARCH'], $TEXT['ALL_WORDS'], $TEXT['ANY_WORDS'], $TEXT['EXACT_MATCH'], $TEXT['MATCH'], $TEXT['MATCHING'], $all_checked, $any_checked, $exact_checked);
114
	$search_header = str_replace($vars, $values, ($fetch_header['value']));
115
	
116
	// Insert js code
117
	?>
118
	<script language="javascript" type="text/javascript">
119
	function toggle_radio(checkbox_id) {
120
		if(document.getElementById(checkbox_id).checked == true) {
121
			document.getElementById(checkbox_id).checked = false;
122
		} else {
123
			document.getElementById(checkbox_id).checked = true;
124
		}
125
	}
126
	</script>
127
	<?php
128
	
129
	// Show search header
130
	echo $search_header;
131
	
132
	// Work-out if the user has already entered their details or not
133
	if($string != '' AND $string != ' ' AND $string != '  ' AND $string != array()) {
134
		
135
		// Show search results_header
136
		echo $search_results_header;
137
		// Search page details only, such as description, keywords, etc.
138
			$query_pages = "SELECT page_id, page_title, menu_title, link, description, modified_when, modified_by FROM ".TABLE_PREFIX."pages WHERE ";
139
			$count = 0;
140
			foreach($string AS $each_string) {
141
				if($count != 0) { $query_pages .= $logical_operator; }
142
				$query_pages .= " visibility != 'none' AND page_title LIKE '%$each_string%' AND searching = '1'".
143
				" OR visibility != 'none' AND visibility != 'deleted' AND menu_title LIKE '%$each_string%' AND searching = '1'".
144
				" OR visibility != 'none' AND visibility != 'deleted' AND description LIKE '%$each_string%' AND searching = '1'".
145
				" OR visibility != 'none' AND visibility != 'deleted' AND keywords LIKE '%$each_string%' AND searching = '1'";
146
				$count = $count+1;
147
			}
148
			$query_pages = $database->query($query_pages);
149
		// Loop through pages
150
		if($query_pages->numRows() > 0) {
151
			while($page = $query_pages->fetchRow()) {
152
				// Get page link
153
				$link = page_link($page['link']);
154
				// Set vars to be replaced by values
155
				$vars = array('[LINK]', '[TITLE]', '[DESCRIPTION]', '[USERNAME]','[DISPLAY_NAME]','[DATE]','[TIME]','[TEXT_LAST_UPDATED_BY]','[TEXT_ON]');
156
				if($page['modified_when'] > 0) {
157
					$date = gmdate(DATE_FORMAT, $page['modified_when']+TIMEZONE);
158
					$time = gmdate(TIME_FORMAT, $page['modified_when']+TIMEZONE);
159
				} else {
160
					$date = $TEXT['UNKNOWN'].' '.$TEXT['DATE'];
161
					$time = $TEXT['UNKNOWN'].' '.$TEXT['TIME'];
162
				}
163
				$values = array($link, ($page['page_title']),($page['description']), $users[$page['modified_by']]['username'], $users[$page['modified_by']]['display_name'], $date, $time, $TEXT['LAST_UPDATED_BY'], strtolower($TEXT['ON']));
164
				// Show loop code with vars replaced by values
165
				if($values != array()) {
166
					echo str_replace($vars, $values, ($fetch_results_loop['value']));
167
				}
168
				// Say that we have already listed this page id
169
				$pages_listed[$page['page_id']] = true;
170
				// Set values to blank
171
				$value = array();
172
			}
173
		}
174
		// Get modules that have registered for custom query's to be conducted
175
		$get_modules = $database->query("SELECT value,extra FROM ".TABLE_PREFIX."search WHERE name = 'module'");
176
		// Loop through each module
177
		if($get_modules->numRows() > 0) {
178
			while($module = $get_modules->fetchRow()) {
179
				// Get module name
180
				$module_name = $module['value'];
181
				// Get fields to use for title, link, etc.
182
				$fields = unserialize($module['extra']);
183
				// Get query start
184
				$get_query_start = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_start' AND extra = '$module_name' LIMIT 1");
185
				if($get_query_start->numRows() > 0) {
186
					// Fetch query start
187
					$fetch_query_start = $get_query_start->fetchRow();
188
					// Prepare query start for execution by replacing {TP} with the TABLE_PREFIX
189
					$query_start = str_replace('[TP]', TABLE_PREFIX, ($fetch_query_start['value']));
190
					// Get query end
191
					$get_query_end = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_end' AND extra = '$module_name' LIMIT 1");
192
					if($get_query_end->numRows() > 0) {
193
						// Fetch query start
194
						$fetch_query_end = $get_query_end->fetchRow();
195
						// Set query end
196
						$query_end = ($fetch_query_end['value']);
197
						// Get query body
198
						$get_query_body = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_body' AND extra = '$module_name' LIMIT 1");
199
						if($get_query_body->numRows() > 0) {
200
							// Fetch query start
201
							$fetch_query_body = $get_query_body->fetchRow();
202
							// Prepare query body for execution by replacing {STRING} with the correct one
203
							$query_body = str_replace(array('[TP]','[O]','[W]'), array(TABLE_PREFIX,'LIKE','%'), ($fetch_query_body['value']));
204
							// Loop through query body for each string, then combine with start and end
205
							$prepared_query = $query_start;
206
							$count = 0;
207
							foreach($string AS $each_string) {
208
								if($count != 0) { $prepared_query .= $logical_operator; }
209
								$prepared_query .= str_replace('[STRING]', $each_string, $query_body);
210
								$count = $count+1;
211
							}
212
							$prepared_query .= $query_end;
213
							// Execute query
214
							$query = $database->query($prepared_query);
215
							// Loop though queried items
216
							if($query->numRows() > 0) {
217
								while($page = $query->fetchRow()) {
218
									// Only show this page if it hasn't already been list
219
									if(!isset($fields['page_id']) OR !isset($pages_listed[$page[$fields['page_id']]])) {
220
										// Get page link
221
										$link = page_link($page[$fields['link']]);
222
										// Set vars to be replaced by values
223
										$vars = array('[LINK]', '[TITLE]', '[DESCRIPTION]', '[USERNAME]','[DISPLAY_NAME]','[DATE]','[TIME]','[TEXT_LAST_UPDATED_BY]','[TEXT_ON]');
224
										if($page[$fields['modified_when']] > 0) {
225
											$date = gmdate(DATE_FORMAT, $page[$fields['modified_when']]+TIMEZONE);
226
											$time = gmdate(TIME_FORMAT, $page[$fields['modified_when']]+TIMEZONE);
227
										} else {
228
											$date = $TEXT['UNKNOWN'].' '.$TEXT['DATE'];
229
											$time = $TEXT['UNKNOWN'].' '.$TEXT['TIME'];
230
										}
231
										$values = array($link, ($page[$fields['title']]), ($page[$fields['description']]), $users[$page[$fields['modified_by']]]['username'], $users[$page[$fields['modified_by']]]['display_name'], $date, $time, $TEXT['LAST_UPDATED_BY'], strtolower($TEXT['ON']));
232
										// Show loop code with vars replaced by values
233
										echo str_replace($vars, $values, ($fetch_results_loop['value']));
234
										// Say that this page or item has been listed if we can
235
										if(isset($fields['page_id'])) {
236
											$pages_listed[$page[$fields['page_id']]] = true;
237
										} elseif(isset($fields['item_id'])) {
238
											$items_listed[$page[$fields['item_id']]] = true;
239
										}
240
									}
241
								}
242
							}
243
						
244
						}
245
					}
246
				}
247
			}
248
			
249
			// Show search results_footer
250
			echo $search_results_footer;
251
			
252
		}
253
	
254
	// Say no items found if we should
255
	if($pages_listed == array() AND $items_listed == array()) {
256
		echo $fetch_no_results['value'];
257
	}
258
		
259
	}
260
	
261
	// Show search footer
262
	echo $search_footer;
263
	
264
}
265

  
266
?>
trunk/wb/install/save.php
1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2005, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
// Start a session
27
if(!defined('SESSION_STARTED')) {
28
	session_name('wb_session_id');
29
	session_start();
30
	define('SESSION_STARTED', true);
31
}
32

  
33
// Function to set error
34
function set_error($message) {
35
	global $_POST;
36
	if(isset($message) AND $message != '') {
37
		// Copy values entered into session so user doesn't have to re-enter everything
38
		if(isset($_POST['website_title'])) {
39
			$_SESSION['wb_url'] = $_POST['wb_url'];
40
			$_SESSION['wb_path'] = $_POST['wb_path'];
41
			$_SESSION['default_timezone'] = $_POST['default_timezone'];
42
			if(!isset($_POST['operating_system'])) {
43
				$_SESSION['operating_system'] = 'linux';
44
			} else {
45
				$_SESSION['operating_system'] = $_POST['operating_system'];
46
			}
47
			if(!isset($_POST['world_writeable'])) {
48
				$_SESSION['world_writeable'] = false;
49
			} else {
50
				$_SESSION['world_writeable'] = true;
51
			}
52
			$_SESSION['database_host'] = $_POST['database_host'];
53
			$_SESSION['database_username'] = $_POST['database_username'];
54
			$_SESSION['database_password'] = $_POST['database_password'];
55
			$_SESSION['database_name'] = $_POST['database_name'];
56
			$_SESSION['table_prefix'] = $_POST['table_prefix'];
57
			if(!isset($_POST['install_tables'])) {
58
				$_SESSION['install_tables'] = false;
59
			} else {
60
				$_SESSION['install_tables'] = true;
61
			}
62
			$_SESSION['website_title'] = $_POST['website_title'];
63
			$_SESSION['admin_username'] = $_POST['admin_username'];
64
			$_SESSION['admin_email'] = $_POST['admin_email'];
65
			$_SESSION['admin_password'] = $_POST['admin_password'];
66
		}
67
		// Set the message
68
		$_SESSION['message'] = $message;
69
		// Specify that session support is enabled
70
		$_SESSION['session_support'] = '<font class="good">Enabled</font>';
71
		// Redirect to first page again and exit
72
		header('Location: index.php?sessions_checked=true');
73
		exit();
74
	}
75
}
76

  
77
// Function to workout what the default permissions are for files created by the webserver
78
function default_file_mode($temp_dir) {
79
	$v = explode(".",PHP_VERSION);
80
	$v = $v[0].$v[1];
81
	if($v > 41 AND is_writable($temp_dir)) {
82
		$filename = $temp_dir.'/test_permissions.txt';
83
		$handle = fopen($filename, 'w');
84
		fwrite($handle, 'This file is to get the default file permissions');
85
		fclose($handle);
86
		$default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
87
		unlink($filename);
88
	} else {
89
		$default_file_mode = '0777';
90
	}
91
	return $default_file_mode;
92
}
93

  
94
// Function to workout what the default permissions are for directories created by the webserver
95
function default_dir_mode($temp_dir) {
96
	$v = explode(".",PHP_VERSION);
97
	$v = $v[0].$v[1];
98
	if($v > 41 AND is_writable($temp_dir)) {
99
		$dirname = $temp_dir.'/test_permissions/';
100
		mkdir($dirname);
101
		$default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
102
		rmdir($dirname);
103
	} else {
104
		$default_dir_mode = '0777';
105
	}
106
	return $default_dir_mode;
107
}
108

  
109
function add_slashes($input) {
110
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
111
			return $input;
112
		}
113
		$output = addslashes($input);
114
		return $output;
115
	}
116

  
117
// Begin check to see if form was even submitted
118
// Set error if no post vars found
119
if(!isset($_POST['website_title'])) {
120
	set_error('Please fill-in the form below');
121
}
122
// End check to see if form was even submitted
123

  
124
// Begin path and timezone details code
125

  
126
// Check if user has entered the installation url
127
if(!isset($_POST['wb_url']) OR $_POST['wb_url'] == '') {
128
	set_error('Please enter an absolute URL');
129
} else {
130
	$wb_url = $_POST['wb_url'];
131
}
132
// Remove any slashes at the end of the URL
133
if(substr($wb_url, strlen($wb_url)-1, 1) == "/") {
134
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
135
}
136
if(substr($wb_url, strlen($wb_url)-1, 1) == "\\") {
137
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
138
}
139
if(substr($wb_url, strlen($wb_url)-1, 1) == "/") {
140
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
141
}
142
if(substr($wb_url, strlen($wb_url)-1, 1) == "\\") {
143
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
144
}
145
// Get the default time zone
146
if(!isset($_POST['default_timezone']) OR !is_numeric($_POST['default_timezone'])) {
147
	set_error('Please select a valid default timezone');
148
} else {
149
	$default_timezone = $_POST['default_timezone']*60*60;
150
}
151
// End path and timezone details code
152

  
153
// Begin operating system specific code
154
// Get operating system
155
if(!isset($_POST['operating_system']) OR $_POST['operating_system'] != 'linux' AND $_POST['operating_system'] != 'windows') {
156
	set_error('Please select a valid operating system');
157
} else {
158
	$operating_system = $_POST['operating_system'];
159
}
160
// Work-out file permissions
161
if($operating_system == 'windows') {
162
	$file_mode = '0777';
163
	$dir_mode = '0777';
164
} elseif(isset($_POST['world_writeable']) AND $_POST['world_writeable'] == 'true') {
165
	$file_mode = '0777';
166
	$dir_mode = '0777';
167
} else {
168
	$file_mode = default_file_mode('../temp');
169
	$dir_mode = default_dir_mode('../temp');
170
}
171
// End operating system specific code
172

  
173
// Begin database details code
174
// Check if user has entered a database host
175
if(!isset($_POST['database_host']) OR $_POST['database_host'] == '') {
176
	set_error('Please enter a database host name');
177
} else {
178
	$database_host = $_POST['database_host'];
179
}
180
// Check if user has entered a database username
181
if(!isset($_POST['database_username']) OR $_POST['database_username'] == '') {
182
	set_error('Please enter a database username');
183
} else {
184
	$database_username = $_POST['database_username'];
185
}
186
// Check if user has entered a database password
187
if(!isset($_POST['database_password'])) {
188
	set_error('Please enter a database password');
189
} else {
190
	$database_password = $_POST['database_password'];
191
}
192
// Check if user has entered a database name
193
if(!isset($_POST['database_name']) OR $_POST['database_name'] == '') {
194
	set_error('Please enter a database name');
195
} else {
196
	$database_name = $_POST['database_name'];
197
}
198
// Get table prefix
199
$table_prefix = $_POST['table_prefix'];
200
// Find out if the user wants to install tables and data
201
if(isset($_POST['install_tables']) AND $_POST['install_tables'] == 'true') {
202
	$install_tables = true;
203
} else {
204
	$install_tables = false;
205
}
206
// End database details code
207

  
208
// Begin website title code
209
// Get website title
210
if(!isset($_POST['website_title']) OR $_POST['website_title'] == '') {
211
	set_error('Please enter a website title');
212
} else {
213
	$website_title = add_slashes($_POST['website_title']);
214
}
215
// End website title code
216

  
217
// Begin admin user details code
218
// Get admin username
219
if(!isset($_POST['admin_username']) OR $_POST['admin_username'] == '') {
220
	set_error('Please enter a username for the Administrator account');
221
} else {
222
	$admin_username = $_POST['admin_username'];
223
}
224
// Get admin email and validate it
225
if(!isset($_POST['admin_email']) OR $_POST['admin_email'] == '') {
226
	set_error('Please enter an email for the Administrator account');
227
} else {
228
	if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST['admin_email'])) {
229
		$admin_email = $_POST['admin_email'];
230
	} else {
231
		set_error('Please enter a valid email address for the Administrator account');
232
	}
233
}
234
// Get the two admin passwords entered, and check that they match
235
if(!isset($_POST['admin_password']) OR $_POST['admin_password'] == '') {
236
	set_error('Please enter a password for the Administrator account');
237
} else {
238
	$admin_password = $_POST['admin_password'];
239
}
240
if(!isset($_POST['admin_repassword']) OR $_POST['admin_repassword'] == '') {
241
	set_error('Please make sure you re-enter the password for the Administrator account');
242
} else {
243
	$admin_repassword = $_POST['admin_repassword'];
244
}
245
if($admin_password != $admin_repassword) {
246
	set_error('Sorry, the two Administrator account passwords you entered do not match');
247
}
248
// End admin user details code
249

  
250
// Try and write settings to config file
251
$config_content = "" .
252
"<?php\n".
253
"\n".
254
"define('DB_TYPE', 'mysql');\n".
255
"define('DB_HOST', '$database_host');\n".
256
"define('DB_USERNAME', '$database_username');\n".
257
"define('DB_PASSWORD', '$database_password');\n".
258
"define('DB_NAME', '$database_name');\n".
259
"define('TABLE_PREFIX', '$table_prefix');\n".
260
"\n".
261
"define('WB_PATH', dirname(__FILE__));\n".
262
"define('WB_URL', '$wb_url');\n".
263
"define('ADMIN_PATH', WB_PATH.'/admin');\n".
264
"define('ADMIN_URL', '$wb_url/admin');\n".
265
"\n".
266
"require_once(WB_PATH.'/framework/initialize.php');\n".
267
"\n".
268
"?>";
269

  
270
$config_filename = '../config.php';
271

  
272
// Check if the file exists and is writable first.
273
if(file_exists($config_filename) AND is_writable($config_filename)) {
274
	if(!$handle = fopen($config_filename, 'w')) {
275
		set_error("Cannot open the configuration file ($config_filename)");
276
	} else {
277
		if (fwrite($handle, $config_content) === FALSE) {
278
			set_error("Cannot write to the configuration file ($config_filename)");
279
		}
280
		// Close file
281
		fclose($handle);
282
	}
283
} else {
284
	set_error("The configuration file $config_filename is not writable. Change its permissions so it is, then re-run step 4.");
285
}
286

  
287
// Define configuration vars
288
define('DB_TYPE', 'mysql');
289
define('DB_HOST', $database_host);
290
define('DB_USERNAME', $database_username);
291
define('DB_PASSWORD', $database_password);
292
define('DB_NAME', $database_name);
293
define('TABLE_PREFIX', $table_prefix);
294
define('WB_PATH', str_replace(array('/install','\install'), '',dirname(__FILE__)));
295
define('WB_URL', $wb_url);
296
define('ADMIN_PATH', WB_PATH.'/admin');
297
define('ADMIN_URL', $wb_url.'/admin');
298

  
299
// Check if the user has entered a correct path
300
if(!file_exists(WB_PATH.'/framework/class.admin.php')) {
301
	set_error('It appears the Absolute path that you entered is incorrect');
302
}
303

  
304
// Try connecting to database	
305
if(!mysql_connect(DB_HOST, DB_USERNAME, DB_PASSWORD)) {
306
	set_error('Database host name, username and/or password incorrect. MySQL Error:<br />'.mysql_error());
307
}
308

  
309
// Try to create the database
310
mysql_query('CREATE DATABASE '.$database_name);
311

  
312
// Close the mysql connection
313
mysql_close();
314

  
315
// Include WB functions file
316
require_once(WB_PATH.'/framework/functions.php');
317

  
318
// Re-connect to the database, this time using in-build database class
319
require_once(WB_PATH.'/framework/class.login.php');
320
$database=new database();
321

  
322
// Check if we should install tables
323
if($install_tables == true) {
324
	
325
	// Remove tables if they exist
326

  
327
	// Pages table
328
	$pages = "DROP TABLE IF EXISTS `".TABLE_PREFIX."pages`";
329
	$database->query($pages);
330
	// Sections table
331
	$sections = "DROP TABLE IF EXISTS `".TABLE_PREFIX."sections`";
332
	$database->query($sections);
333
	// Settings table
334
	$settings = "DROP TABLE IF EXISTS `".TABLE_PREFIX."settings`";
335
	$database->query($settings);
336
	// Users table
337
	$users = "DROP TABLE IF EXISTS `".TABLE_PREFIX."users`";
338
	$database->query($users);
339
	// Groups table
340
	$groups = "DROP TABLE IF EXISTS `".TABLE_PREFIX."groups`";
341
	$database->query($groups);
342
	// Search table
343
	$search = "DROP TABLE IF EXISTS `".TABLE_PREFIX."search`";
344
	$database->query($search);
345
	// Addons table
346
	$addons = "DROP TABLE IF EXISTS `".TABLE_PREFIX."addons`";
347
	$database->query($addons);
348
				
349
	// Try installing tables
350
	
351
	// Pages table
352
	$pages = 'CREATE TABLE `'.TABLE_PREFIX.'pages` ( `page_id` INT NOT NULL auto_increment,'
353
	       . ' `parent` INT NOT NULL ,'
354
	       . ' `root_parent` INT NOT NULL ,'
355
	       . ' `level` INT NOT NULL ,'
356
	       . ' `link` TEXT NOT NULL ,'
357
	       . ' `target` VARCHAR( 7 ) NOT NULL ,'
358
	       . ' `page_title` VARCHAR( 255 ) NOT NULL ,'
359
	       . ' `menu_title` VARCHAR( 255 ) NOT NULL ,'
360
	       . ' `description` TEXT NOT NULL ,'
361
	       . ' `keywords` TEXT NOT NULL ,'
362
	       . ' `page_trail` TEXT NOT NULL ,'
363
	       . ' `template` VARCHAR( 255 ) NOT NULL ,'
364
	       . ' `visibility` VARCHAR( 255 ) NOT NULL ,'
365
	       . ' `position` INT NOT NULL ,'
366
	       . ' `menu` INT NOT NULL ,'
367
	       . ' `language` VARCHAR( 5 ) NOT NULL ,'
368
	       . ' `searching` INT NOT NULL ,'
369
	       . ' `admin_groups` TEXT NOT NULL ,'
370
	       . ' `admin_users` TEXT NOT NULL ,'
371
	       . ' `viewing_groups` TEXT NOT NULL ,'
372
	       . ' `viewing_users` TEXT NOT NULL ,'
373
	       . ' `modified_when` INT NOT NULL ,'
374
	       . ' `modified_by` INT NOT NULL ,'
375
	       . ' PRIMARY KEY ( `page_id` ) )'
376
	       . ' ';
377
	$database->query($pages);
378
	
379
	// Sections table
380
	$pages = 'CREATE TABLE `'.TABLE_PREFIX.'sections` ( `section_id` INT NOT NULL auto_increment,'
381
	       . ' `page_id` INT NOT NULL ,'
382
	       . ' `position` INT NOT NULL ,'
383
	       . ' `module` VARCHAR( 255 ) NOT NULL ,'
384
	       . ' `block` VARCHAR( 255 ) NOT NULL ,'
385
	       . ' PRIMARY KEY ( `section_id` ) )'
386
	       . ' ';
387
	$database->query($pages);
388
	
389
	require(WB_PATH.'/admin/interface/version.php');
390
	
391
	// Settings table
392
	$settings="CREATE TABLE `".TABLE_PREFIX."settings` ( `setting_id` INT NOT NULL auto_increment,
393
		`name` VARCHAR( 255 ) NOT NULL ,
394
		`value` TEXT NOT NULL ,
395
		PRIMARY KEY ( `setting_id` ) )";
396
	$database->query($settings);
397
	$settings_rows=	"INSERT INTO `".TABLE_PREFIX."settings` VALUES "
398
	." ('', 'wb_version', '".VERSION."'),"
399
	." ('', 'website_title', '$website_title'),"
400
	." ('', 'website_description', ''),"
401
	." ('', 'website_keywords', ''),"
402
	." ('', 'website_header', ''),"
403
	." ('', 'website_footer', ''),"
404
	." ('', 'wysiwyg_style', 'font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;'),"
405
	." ('', 'rename_files_on_upload', 'php,asp,phpx,aspx'),"
406
	." ('', 'er_level', ''),"
407
	." ('', 'default_language', 'EN'),"
408
	." ('', 'app_name', 'wb'),"
409
	." ('', 'default_timezone', '$default_timezone'),"
410
	." ('', 'default_date_format', 'M d Y'),"
411
	." ('', 'default_time_format', 'g:i A'),"
412
	." ('', 'home_folders', 'true'),"
413
	." ('', 'default_template', 'round'),"
414
	." ('', 'multiple_menus', 'false'),"
415
	." ('', 'page_level_limit', '4'),"
416
	." ('', 'intro_page', 'false'),"
417
	." ('', 'page_trash', 'disabled'),"
418
	." ('', 'homepage_redirection', 'false'),"
419
	." ('', 'page_languages', 'false'),"
420
	." ('', 'wysiwyg_editor', 'htmlarea'),"
421
	." ('', 'manage_sections', 'true'),"
422
	." ('', 'section_blocks', 'false'),"
423
	." ('', 'smart_login', 'false'),"
424
	." ('', 'frontend_login', 'false'),"
425
	." ('', 'frontend_signup', 'false'),"
426
	." ('', 'server_email', '$admin_email'),"
427
	." ('', 'search', 'public'),"
428
	." ('', 'page_extension', '.php'),"
429
	." ('', 'page_spacer', '-'),"
430
	." ('', 'pages_directory', '/pages'),"
431
	." ('', 'media_directory', '/media'),"
432
	." ('', 'operating_system', '$operating_system'),"
433
	." ('', 'string_file_mode', '$file_mode'),"
434
	." ('', 'string_dir_mode', '$dir_mode');";
435
	$database->query($settings_rows);
436
	
437
	
438
	// Users table
439
	$users = 'CREATE TABLE `'.TABLE_PREFIX.'users` ( `user_id` INT NOT NULL auto_increment,'
440
	       . ' `group_id` INT NOT NULL ,'
441
	       . ' `active` INT NOT NULL ,'
442
	       . ' `username` VARCHAR( 255 ) NOT NULL ,'
443
	       . ' `password` VARCHAR( 255 ) NOT NULL ,'
444
	       . ' `remember_key` VARCHAR( 255 ) NOT NULL ,'
445
	       . ' `last_reset` INT NOT NULL ,'
446
	       . ' `display_name` VARCHAR( 255 ) NOT NULL ,'
447
	       . ' `email` TEXT NOT NULL ,'
448
	       . ' `timezone` INT NOT NULL ,'
449
	       . ' `date_format` VARCHAR( 255 ) NOT NULL ,'
450
	       . ' `time_format` VARCHAR( 255 ) NOT NULL ,'
451
	       . ' `language` VARCHAR( 5 ) NOT NULL ,'
452
	       . ' `home_folder` TEXT NOT NULL ,'
453
	       . ' `login_when` INT NOT NULL ,'
454
	       . ' `login_ip` VARCHAR( 15 ) NOT NULL ,'
455
	       . ' PRIMARY KEY ( `user_id` ) )'
456
	       . ' ';
457
	$database->query($users);
458
	
459
	// Groups table
460
	$groups = 'CREATE TABLE `'.TABLE_PREFIX.'groups` ( `group_id` INT NOT NULL auto_increment,'
461
	        . ' `name` VARCHAR( 255 ) NOT NULL ,'
462
	        . ' `system_permissions` TEXT NOT NULL ,'
463
	        . ' `module_permissions` TEXT NOT NULL ,'
464
	        . ' `template_permissions` TEXT NOT NULL ,'
465
	        . ' PRIMARY KEY ( `group_id` ) )'
466
	        . ' ';
467
	$database->query($groups);
468
	
469
	// Search settings table
470
	$search = 'CREATE TABLE `'.TABLE_PREFIX.'search` ( `search_id` INT NOT NULL auto_increment,'
471
	        . ' `name` VARCHAR( 255 ) NOT NULL ,'
472
	        . ' `value` TEXT NOT NULL ,'
473
	        . ' `extra` TEXT NOT NULL ,'
474
	        . ' PRIMARY KEY ( `search_id` ) )'
475
	        . ' ';
476
	$database->query($search);
477
	
478
	// Addons table
479
	$addons = 'CREATE TABLE `'.TABLE_PREFIX.'addons` ( '
480
			.'`addon_id` INT NOT NULL auto_increment ,'
481
			.'`type` VARCHAR( 255 ) NOT NULL ,'
482
			.'`directory` VARCHAR( 255 ) NOT NULL ,'
483
			.'`name` VARCHAR( 255 ) NOT NULL ,'
484
			.'`description` TEXT NOT NULL ,'
485
			.'`function` VARCHAR( 255 ) NOT NULL ,'
486
			.'`version` VARCHAR( 255 ) NOT NULL ,'
487
			.'`platform` VARCHAR( 255 ) NOT NULL ,'
488
			.'`author` VARCHAR( 255 ) NOT NULL ,'
489
			.'`license` VARCHAR( 255 ) NOT NULL ,'
490
			.' PRIMARY KEY ( `addon_id` ) ); ';
491
	$database->query($addons);
492

  
493
	// Insert default data
494
	
495
	// Admin group
496
	$full_system_permissions = 'pages,pages_view,pages_add,pages_add_l0,pages_settings,pages_modify,pages_intro,pages_delete,media,media_view,media_upload,media_rename,media_delete,media_create,addons,modules,modules_view,modules_install,modules_uninstall,templates,templates_view,templates_install,templates_uninstall,languages,languages_view,languages_install,languages_uninstall,settings,settings_basic,settings_advanced,access,users,users_view,users_add,users_modify,users_delete,groups,groups_view,groups_add,groups_modify,groups_delete';
497
	$insert_admin_group = "INSERT INTO `".TABLE_PREFIX."groups` VALUES ('1', 'Administrators', '$full_system_permissions', '', '')";
498
	$database->query($insert_admin_group);
499
	// Admin user
500
	$insert_admin_user = "INSERT INTO `".TABLE_PREFIX."users` (user_id,group_id,active,username,password,email,display_name) VALUES ('1','1','1','$admin_username','".md5($admin_password)."','$admin_email','Administrator')";
501
	$database->query($insert_admin_user);
502
	
503
	// Search header
504
	$search_header = addslashes('
505
<h1>Search</h1>
506

  
507
<form name="search" action="[WB_URL]/search/index[PAGE_EXTENSION]" method="post">
508
<table cellpadding="3" cellspacing="0" border="0" width="500">
509
<tr>
510
<td>
511
<input type="text" name="string" value="[SEARCH_STRING]" style="width: 100%;" />
512
</td>
513
<td width="150">
514
<input type="submit" value="[TEXT_SEARCH]" style="width: 100%;" />
515
</td>
516
</tr>
517
<tr>
518
<td colspan="2">
519
<input type="radio" name="match" id="match_all" value="all"[ALL_CHECKED] />
520
<a href="javascript: toggle_radio(\'match_all\');">[TEXT_ALL_WORDS]</a>
521
<input type="radio" name="match" id="match_any" value="any"[ANY_CHECKED] />
522
<a href="javascript: toggle_radio(\'match_any\');">[TEXT_ANY_WORDS]</a>
523
<input type="radio" name="match" id="match_exact" value="exact"[EXACT_CHECKED] />
524
<a href="javascript: toggle_radio(\'match_exact\');">[TEXT_EXACT_MATCH]</a>
525
</td>
526
</tr>
527
</table>
528

  
529
</form>
530

  
531
<hr />
532
	');
533
	$insert_search_header = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'header', '$search_header', '')";
534
	$database->query($insert_search_header);
535
	// Search footer
536
	$search_footer = addslashes('');
537
	$insert_search_footer = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'footer', '$search_footer', '')";
538
	$database->query($insert_search_footer);
539
	// Search results header
540
	$search_results_header = addslashes(''.
541
'[TEXT_RESULTS_FOR] \'<b>[SEARCH_STRING]</b>\':
542
<table cellpadding="2" cellspacing="0" border="0" width="100%" style="padding-top: 10px;">');
543
	$insert_search_results_header = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'results_header', '$search_results_header', '')";
544
	$database->query($insert_search_results_header);
545
	// Search results loop
546
	$search_results_loop = addslashes(''.
547
'<tr style="background-color: #F0F0F0;">
548
<td><a href="[LINK]">[TITLE]</a></td>
549
<td align="right">[TEXT_LAST_UPDATED_BY] [DISPLAY_NAME] ([USERNAME]) [TEXT_ON] [DATE]</td>
550
</tr>
551
<tr><td colspan="2" style="text-align: justify; padding-bottom: 10px;">[DESCRIPTION]</td></tr>');
552

  
553
	$insert_search_results_loop = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'results_loop', '$search_results_loop', '')";
554
	$database->query($insert_search_results_loop);
555
	// Search results footer
556
	$search_results_footer = addslashes("</table>");
557
	$insert_search_results_footer = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'results_footer', '$search_results_footer', '')";
558
	$database->query($insert_search_results_footer);
559
	// Search no results
560
	$search_no_results = addslashes('<br />No results found');
561
	$insert_search_no_results = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'no_results', '$search_no_results', '')";
562
	$database->query($insert_search_no_results);
563
	// Search template
564
	$database->query("INSERT INTO `".TABLE_PREFIX."search` (name) VALUES ('template')");
565
		
566
	require_once(WB_PATH.'/framework/initialize.php');
567
	$admin = new admin('dummy');
568
	
569
	// Include the PclZip class file (thanks to 
570
	require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');
571
			
572
	// Install add-ons
573
	if(file_exists(WB_PATH.'/install/modules')) {
574
		// Unpack pre-packaged modules
575
			
576
	}
577
	if(file_exists(WB_PATH.'/install/templates')) {
578
		// Unpack pre-packaged templates
579
		
580
	}
581
	if(file_exists(WB_PATH.'/install/languages')) {
582
		// Unpack pre-packaged languages
583
		
584
	}
585
	// Load addons into DB
586
	$dirs['modules'] = WB_PATH.'/modules/';
587
	$dirs['templates'] = WB_PATH.'/templates/';
588
	$dirs['languages'] = WB_PATH.'/languages/';
589
	foreach($dirs AS $type => $dir) {
590
		if($handle = opendir($dir)) {
591
			while(false !== ($file = readdir($handle))) {
592
				if($file != '' AND substr($file, 0, 1) != '.' AND $file != 'admin.php' AND $file != 'index.php') {
593
					// Get addon type
594
					if($type == 'modules') {
595
						load_module($dir.'/'.$file, true);
596
					} elseif($type == 'templates') {
597
						load_template($dir.'/'.$file);
598
					} elseif($type == 'languages') {
599
						load_language($dir.'/'.$file);
600
					}
601
				}
602
			}
603
		closedir($handle);
604
		}
605
	}
606
	
607
	// Check if there was a database error
608
	if($database->is_error()) {
609
		set_error($database->get_error());
610
	}
611
	
612
}
613

  
614
// Log the user in and go to Website Baker Administration
615
$thisApp = new Login(
616
							array(
617
									"MAX_ATTEMPS" => "50",
618
									"WARNING_URL" => ADMIN_URL."/login/warning.html",
619
									"USERNAME_FIELDNAME" => 'admin_username',
620
									"PASSWORD_FIELDNAME" => 'admin_password',
621
									"REMEMBER_ME_OPTION" => SMART_LOGIN,
622
									"MIN_USERNAME_LEN" => "2",
623
									"MIN_PASSWORD_LEN" => "2",
624
									"MAX_USERNAME_LEN" => "30",
625
									"MAX_PASSWORD_LEN" => "30",
626
									'LOGIN_URL' => ADMIN_URL."/login/index.php",
627
									'DEFAULT_URL' => ADMIN_URL."/start/index.php",
628
									'TEMPLATE_DIR' => ADMIN_PATH."/login",
629
									'TEMPLATE_FILE' => "template.html",
630
									'FRONTEND' => false,
631
									'FORGOTTEN_DETAILS_APP' => ADMIN_URL."/login/forgot/index.php",
632
									'USERS_TABLE' => TABLE_PREFIX."users",
633
									'GROUPS_TABLE' => TABLE_PREFIX."groups",
634
							)
635
					);
636
?>
1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2005, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
// Start a session
27
if(!defined('SESSION_STARTED')) {
28
	session_name('wb_session_id');
29
	session_start();
30
	define('SESSION_STARTED', true);
31
}
32

  
33
// Function to set error
34
function set_error($message) {
35
	global $_POST;
36
	if(isset($message) AND $message != '') {
37
		// Copy values entered into session so user doesn't have to re-enter everything
38
		if(isset($_POST['website_title'])) {
39
			$_SESSION['wb_url'] = $_POST['wb_url'];
40
			$_SESSION['wb_path'] = $_POST['wb_path'];
41
			$_SESSION['default_timezone'] = $_POST['default_timezone'];
42
			if(!isset($_POST['operating_system'])) {
43
				$_SESSION['operating_system'] = 'linux';
44
			} else {
45
				$_SESSION['operating_system'] = $_POST['operating_system'];
46
			}
47
			if(!isset($_POST['world_writeable'])) {
48
				$_SESSION['world_writeable'] = false;
49
			} else {
50
				$_SESSION['world_writeable'] = true;
51
			}
52
			$_SESSION['database_host'] = $_POST['database_host'];
53
			$_SESSION['database_username'] = $_POST['database_username'];
54
			$_SESSION['database_password'] = $_POST['database_password'];
55
			$_SESSION['database_name'] = $_POST['database_name'];
56
			$_SESSION['table_prefix'] = $_POST['table_prefix'];
57
			if(!isset($_POST['install_tables'])) {
58
				$_SESSION['install_tables'] = false;
59
			} else {
60
				$_SESSION['install_tables'] = true;
61
			}
62
			$_SESSION['website_title'] = $_POST['website_title'];
63
			$_SESSION['admin_username'] = $_POST['admin_username'];
64
			$_SESSION['admin_email'] = $_POST['admin_email'];
65
			$_SESSION['admin_password'] = $_POST['admin_password'];
66
		}
67
		// Set the message
68
		$_SESSION['message'] = $message;
69
		// Specify that session support is enabled
70
		$_SESSION['session_support'] = '<font class="good">Enabled</font>';
71
		// Redirect to first page again and exit
72
		header('Location: index.php?sessions_checked=true');
73
		exit();
74
	}
75
}
76

  
77
// Function to workout what the default permissions are for files created by the webserver
78
function default_file_mode($temp_dir) {
79
	$v = explode(".",PHP_VERSION);
80
	$v = $v[0].$v[1];
81
	if($v > 41 AND is_writable($temp_dir)) {
82
		$filename = $temp_dir.'/test_permissions.txt';
83
		$handle = fopen($filename, 'w');
84
		fwrite($handle, 'This file is to get the default file permissions');
85
		fclose($handle);
86
		$default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
87
		unlink($filename);
88
	} else {
89
		$default_file_mode = '0777';
90
	}
91
	return $default_file_mode;
92
}
93

  
94
// Function to workout what the default permissions are for directories created by the webserver
95
function default_dir_mode($temp_dir) {
96
	$v = explode(".",PHP_VERSION);
97
	$v = $v[0].$v[1];
98
	if($v > 41 AND is_writable($temp_dir)) {
99
		$dirname = $temp_dir.'/test_permissions/';
100
		mkdir($dirname);
101
		$default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
102
		rmdir($dirname);
103
	} else {
104
		$default_dir_mode = '0777';
105
	}
106
	return $default_dir_mode;
107
}
108

  
109
function add_slashes($input) {
110
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
111
			return $input;
112
		}
113
		$output = addslashes($input);
114
		return $output;
115
	}
116

  
117
// Begin check to see if form was even submitted
118
// Set error if no post vars found
119
if(!isset($_POST['website_title'])) {
120
	set_error('Please fill-in the form below');
121
}
122
// End check to see if form was even submitted
123

  
124
// Begin path and timezone details code
125

  
126
// Check if user has entered the installation url
127
if(!isset($_POST['wb_url']) OR $_POST['wb_url'] == '') {
128
	set_error('Please enter an absolute URL');
129
} else {
130
	$wb_url = $_POST['wb_url'];
131
}
132
// Remove any slashes at the end of the URL
133
if(substr($wb_url, strlen($wb_url)-1, 1) == "/") {
134
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
135
}
136
if(substr($wb_url, strlen($wb_url)-1, 1) == "\\") {
137
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
138
}
139
if(substr($wb_url, strlen($wb_url)-1, 1) == "/") {
140
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
141
}
142
if(substr($wb_url, strlen($wb_url)-1, 1) == "\\") {
143
	$wb_url = substr($wb_url, 0, strlen($wb_url)-1);
144
}
145
// Get the default time zone
146
if(!isset($_POST['default_timezone']) OR !is_numeric($_POST['default_timezone'])) {
147
	set_error('Please select a valid default timezone');
148
} else {
149
	$default_timezone = $_POST['default_timezone']*60*60;
150
}
151
// End path and timezone details code
152

  
153
// Begin operating system specific code
154
// Get operating system
155
if(!isset($_POST['operating_system']) OR $_POST['operating_system'] != 'linux' AND $_POST['operating_system'] != 'windows') {
156
	set_error('Please select a valid operating system');
157
} else {
158
	$operating_system = $_POST['operating_system'];
159
}
160
// Work-out file permissions
161
if($operating_system == 'windows') {
162
	$file_mode = '0777';
163
	$dir_mode = '0777';
164
} elseif(isset($_POST['world_writeable']) AND $_POST['world_writeable'] == 'true') {
165
	$file_mode = '0777';
166
	$dir_mode = '0777';
167
} else {
168
	$file_mode = default_file_mode('../temp');
169
	$dir_mode = default_dir_mode('../temp');
170
}
171
// End operating system specific code
172

  
173
// Begin database details code
174
// Check if user has entered a database host
175
if(!isset($_POST['database_host']) OR $_POST['database_host'] == '') {
176
	set_error('Please enter a database host name');
177
} else {
178
	$database_host = $_POST['database_host'];
179
}
180
// Check if user has entered a database username
181
if(!isset($_POST['database_username']) OR $_POST['database_username'] == '') {
182
	set_error('Please enter a database username');
183
} else {
184
	$database_username = $_POST['database_username'];
185
}
186
// Check if user has entered a database password
187
if(!isset($_POST['database_password'])) {
188
	set_error('Please enter a database password');
189
} else {
190
	$database_password = $_POST['database_password'];
191
}
192
// Check if user has entered a database name
193
if(!isset($_POST['database_name']) OR $_POST['database_name'] == '') {
194
	set_error('Please enter a database name');
195
} else {
196
	$database_name = $_POST['database_name'];
197
}
198
// Get table prefix
199
$table_prefix = $_POST['table_prefix'];
200
// Find out if the user wants to install tables and data
201
if(isset($_POST['install_tables']) AND $_POST['install_tables'] == 'true') {
202
	$install_tables = true;
203
} else {
204
	$install_tables = false;
205
}
206
// End database details code
207

  
208
// Begin website title code
209
// Get website title
210
if(!isset($_POST['website_title']) OR $_POST['website_title'] == '') {
211
	set_error('Please enter a website title');
212
} else {
213
	$website_title = add_slashes($_POST['website_title']);
214
}
215
// End website title code
216

  
217
// Begin admin user details code
218
// Get admin username
219
if(!isset($_POST['admin_username']) OR $_POST['admin_username'] == '') {
220
	set_error('Please enter a username for the Administrator account');
221
} else {
222
	$admin_username = $_POST['admin_username'];
223
}
224
// Get admin email and validate it
225
if(!isset($_POST['admin_email']) OR $_POST['admin_email'] == '') {
226
	set_error('Please enter an email for the Administrator account');
227
} else {
228
	if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST['admin_email'])) {
229
		$admin_email = $_POST['admin_email'];
230
	} else {
231
		set_error('Please enter a valid email address for the Administrator account');
232
	}
233
}
234
// Get the two admin passwords entered, and check that they match
235
if(!isset($_POST['admin_password']) OR $_POST['admin_password'] == '') {
236
	set_error('Please enter a password for the Administrator account');
237
} else {
238
	$admin_password = $_POST['admin_password'];
239
}
240
if(!isset($_POST['admin_repassword']) OR $_POST['admin_repassword'] == '') {
241
	set_error('Please make sure you re-enter the password for the Administrator account');
242
} else {
243
	$admin_repassword = $_POST['admin_repassword'];
244
}
245
if($admin_password != $admin_repassword) {
246
	set_error('Sorry, the two Administrator account passwords you entered do not match');
247
}
248
// End admin user details code
249

  
250
// Try and write settings to config file
251
$config_content = "" .
252
"<?php\n".
253
"\n".
254
"define('DB_TYPE', 'mysql');\n".
255
"define('DB_HOST', '$database_host');\n".
256
"define('DB_USERNAME', '$database_username');\n".
257
"define('DB_PASSWORD', '$database_password');\n".
258
"define('DB_NAME', '$database_name');\n".
259
"define('TABLE_PREFIX', '$table_prefix');\n".
260
"\n".
261
"define('WB_PATH', dirname(__FILE__));\n".
262
"define('WB_URL', '$wb_url');\n".
263
"define('ADMIN_PATH', WB_PATH.'/admin');\n".
264
"define('ADMIN_URL', '$wb_url/admin');\n".
265
"\n".
266
"require_once(WB_PATH.'/framework/initialize.php');\n".
... This diff was truncated because it exceeds the maximum size that can be displayed.

Also available in: Unified diff