WB 2.08.x

10 Mar-2013 Build 1884 Dietmar Woellbrink (Luisehahne)

! from security reasons the new installation has changed 

  from the old config.php into new setup.ini.php without 

  using global constants for critical values like username & password and so on.

if(!defined('REVISION')) define('REVISION', '1884');

				if(preg_match('/(save.php|index.php|config.php|upgrade-script.php)$/si', $aStep['file'])) {

		} else {

@charset "utf-8";

html { padding :0; margin :0; border :0; font-size :85%; font-family :Arial, Verdana, Helvetica, sans-serif; color :#202020; overflow :-moz-scrollbars-vertical; overflow-x :auto; }

table { font-size :1em; }

body { padding :0; border :0; margin :0; background :url('background.png') repeat-x 0px 0px; height :101%; background :#A8BCCB; }

div.body { width :790px; margin :1em auto; padding :20px 20px 5px 20px; border :solid 1px #305C8D; background :#FFFFFF; }

div.content { margin-top :20px; }

table { margin-top :15px; margin-bottom :5px; width :100%; border-style :solid; border-width :1px 2px 2px 1px; border-color :#A3BACA; background :#F8F8FF; }

	table > thead { background :#F2F1FF; }

		table > thead > tr { }

			table > thead > tr > th { color :#555758; font-size :1.15em; padding :1.2em 1em; }

			table > thead > tr > td { color :#555758; font-size :1.08em; padding :1.2em 1em; }

	table > tbody { display :block; }

		table > tbody > tr { border-bottom :1px solid #222222; /* #d2d1cc; */ padding :0.8em 0 0.2em 0; width :100%; }

			table > tbody > tr > th { font-size :1em; width :1%; padding-left :0.8em; padding-right :0.8em; vertical-align :top; text-align :right; white-space :nowrap; }

			table > tbody > tr > td { font-size :1em; width :19%; padding-left :0.8em; padding-right :0.8em; vertical-align :top; text-align :left; line-height :2em; }

td.step-row { line-height :3em; color :#666666; font-weight :bold; font-size :100%; }

td.name { width :180px; color :#666666; vertical-align :middle; font-weight :bold; font-size :90%; float :left; }

td.value { width :100%; vertical-align :middle; }

td.value input { width :100%; vertical-align :middle; }

h1.step-row { margin :0; display :inline; color :#6699FF; }

form { margin :0; }

input, select { padding :2px; border :solid 1px #A3BACA; }

input:focus, select:focus { background :#FDF8E8; }

input.submit { color :#305C8D; font-size :12px; font-weight :bold; text-transform :uppercase; letter-spacing :1px; padding :6px; margin :1em 0; cursor :pointer; border :outset 2px #008000; }

input.submit:hover { border-style :inset; }

input.submit.bad { border-color :#FF0000; background :#FDE8E8; }

input.submit.good { border-color :#008000; background :#DEFFDE; }

img { border :none; }

p { margin :11px 0 4px 0; }

h1 { color :#3A628F; font-size :1.3em; margin :10px 0 5px; border-top :medium none; }

a, a:link, a:visited, a:active { color :#003366; text-decoration :underline; }

a:focus { outline :none; }

a:hover { color :#336699; }

.warning, .error { color :#B70000; line-height :1.2em; margin-top :0.5em; padding :0.3em 0.5em; border :solid 1px; background :#FDE8E8; }

.warning { color :#CA6800; }

.bad { color :#B70000; }

.good { color :#118301; }

.warn { color :#CA6800; }

.hint { color :#464646; font-size :0.85em; }

.small { font-size :0.85em; }

.italic { font-style :italic; }

.center { text-align :center; }

.hide { display :none; }

ul { margin :0; padding :2px 0 2px 15px; }

li { list-style-type :square; margin :0; }

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

 * This program is free software: you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation, either version 3 of the License, or

 * (at your option) any later version.

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program.  If not, see <http://www.gnu.org/licenses/>.

/**

 * save.php

 * 

 * @category     Core

 * @package      Core_Environment

 * @subpackage   Installer

 * @author       Dietmar Wöllbrink <dietmar.woellbrink@websitebaker.org>

 * @copyright    Werner v.d.Decken <wkl@isteam.de>

 * @license      http://www.gnu.org/licenses/gpl.html   GPL License

 * @version      0.0.2

 * @revision     $Revision$

 * @link         $HeadURL$

 * @lastmodified $Date$

 * @since        File available since 2012-04-01

 * @description  xyz

 */

/**

 * Set constants for system/install values

 * @throws RuntimeException

 */

	function _SetInstallPathConstants() {

		if(!defined('DEBUG')){ define('DEBUG', false); } // normaly set in config file

		if(!defined('ADMIN_DIRECTORY')){ define('ADMIN_DIRECTORY', 'admin'); }

		if(!preg_match('/xx[a-z0-9_][a-z0-9_\-\.]+/i', 'xx'.ADMIN_DIRECTORY)) {

			throw new RuntimeException('Invalid admin-directory: ' . ADMIN_DIRECTORY);

		}

		if(!defined('WB_PATH')){ define('WB_PATH', dirname(dirname(__FILE__))); }

		if(!defined('ADMIN_URL')){ define('ADMIN_URL', WB_URL.'/'.ADMIN_DIRECTORY); }

		if(!defined('ADMIN_PATH')){ define('ADMIN_PATH', WB_PATH.'/'.ADMIN_DIRECTORY); }

		if(!defined('WB_REL')){

			$x1 = parse_url(WB_URL);

			define('WB_REL', (isset($x1['path']) ? $x1['path'] : ''));

		}

		define('ADMIN_REL', WB_REL.'/'.ADMIN_DIRECTORY);

		if(!defined('DOCUMENT_ROOT')) {

			define('DOCUMENT_ROOT', preg_replace('/'.preg_quote(WB_REL, '/').'$/', '', WB_PATH));

		}

		define('TMP_PATH', WB_PATH.'/temp');

	}

/**

 * Read DB settings from configuration file

 * @return string

 * @throws RuntimeException

 * 

 */

	function _readConfiguration($sRetvalType = 'url') {

		// check for valid file request. Becomes more stronger in next version

		$x = debug_backtrace();

		$bValidRequest = false;

		if(sizeof($x) != 0) {

			foreach($x as $aStep) {

				// define the scripts which can read the configuration

				if(preg_match('/(save.php|index.php|config.php|upgrade-script.php)$/si', $aStep['file'])) {

					$bValidRequest = true;

					break;

				}

			}

		}else {

			$bValidRequest = true;

		}

		if(!$bValidRequest) {

			throw new RuntimeException('illegal function request!'); 

		}

		$aRetval = array();

		$sSetupFile = dirname(dirname(__FILE__)).'/setup.ini.php';

		if(is_readable($sSetupFile)) {

			$aCfg = parse_ini_file($sSetupFile, true);

			foreach($aCfg['Constants'] as $key=>$value) {

				if($key == 'debug') { $value = filter_var($value, FILTER_VALIDATE_BOOLEAN); }

				if(!defined(strtoupper($key))) { define(strtoupper($key), $value); }

			}

			$db = $aCfg['DataBase'];

			$db['type'] = isset($db['type']) ? $db['type'] : 'mysql';

			$db['user'] = isset($db['user']) ? $db['user'] : 'foo';

			$db['pass'] = isset($db['pass']) ? $db['pass'] : 'bar';

			$db['host'] = isset($db['host']) ? $db['host'] : 'localhost';

			$db['port'] = isset($db['port']) ? $db['port'] : '3306';

			$db['port'] = ($db['port'] != '3306') ? $db['port'] : '';

			$db['name'] = isset($db['name']) ? $db['name'] : 'dummy';

			$db['charset'] = isset($db['charset']) ? $db['charset'] : 'utf8';

			$db['table_prefix'] = (isset($db['table_prefix']) ? $db['table_prefix'] : '');

			define('TABLE_PREFIX', $db['table_prefix']);

			if($sRetvalType == 'dsn') {

				$aRetval[0] = $db['type'].':dbname='.$db['name'].';host='.$db['host'].';'

				            . ($db['port'] != '' ? 'port='.(int)$db['port'].';' : '');

				$aRetval[1] = array('CHARSET' => $db['charset'], 'TABLE_PREFIX' => $db['table_prefix']);

				$aRetval[2] = array( 'user' => $db['user'], 'pass' => $db['pass']);

			}else { // $sRetvalType == 'url'

				$aRetval[0] = $db['type'].'://'.$db['user'].':'.$db['pass'].'@'

				            . $db['host'].($db['port'] != '' ? ':'.$db['port'] : '').'/'.$db['name'];

			}

			unset($db, $aCfg);

			return $aRetval;

		}

		throw new RuntimeException('unable to read setup.ini.php');

	}

$wb_url = rtrim($wb_url,'/\\');

if(!isset($_POST['database_password'])&& ($_POST['database_password']==='') ) {

$sConfigContent = 

 ";<?php die('sorry, illegal file access'); ?>#####\n"

.";################################################\n"

."; WebsiteBaker configuration file\n"

."; auto generated ".date('Y-m-d h:i:s A e ')."\n"

.";################################################\n"

."[Constants]\n"

."debug     = false\n"

."wb_url    = ".$wb_url."\n"

."admin_directory = admin\n"

.";##########\n"

."[DataBase]\n"

."type    = \"mysql\"\n"

."user    = \"".$database_username."\"\n"

."pass    = \"".$database_password."\"\n"

."host    = \"".$database_host."\"\n"

."port    = \"3306\"\n"

."name    = \"".$database_name."\"\n"

."charset = \"utf8\"\n"

."table_prefix = \"".$table_prefix."\"\n"

.";\n"

.";################################################\n";

$sConfigFile = realpath('../setup.ini.php');

$sConfigName = basename($sConfigFile);

if(file_exists($sConfigFile) && is_writable($sConfigFile)) {

	if(!$handle = fopen($sConfigFile, 'w')) {

		set_error("Cannot open the configuration file ($sConfigName)");

		if (fwrite($handle, $sConfigContent) === FALSE) {

			set_error("Cannot write to the configuration file ($sConfigName)");

	set_error("The configuration file $sConfigName is not writable. Change its permissions so it is, then re-run step 4.");

// load db configuration ---

$sDbConnectType = 'url'; // depending from class WbDatabase it can be 'url' or 'dsn'

$aSqlData = _readConfiguration($sDbConnectType);

_SetInstallPathConstants();

if(!file_exists(WB_PATH.'/framework/class.admin.php')) {

	set_error('It appears the Absolute path that you entered is incorrect');

}

$database = WbDatabase::getInstance();

try{

	if($sDbConnectType == 'dsn') {

		$bTmp = @$database->doConnect($aSqlData[0], $aSqlData[1]['user'], $aSqlData[1]['pass'], $aSqlData[2]);

	}else {

		$bTmp = @$database->doConnect($aSqlData[0], TABLE_PREFIX);

} catch (RuntimeException $e) {

	if(!file_put_contents($sConfigFile,"<?php\n")) {

		set_error("Cannot write to the configuration file ($sSetupFile)");

	}

	set_error($e->getMessage()); 

}

unset($aSqlData);

// write the config.php

$sConfigContent = "<?php\n"

    ."/* this file is for backward compatibility only */\n"

    ."include_once(dirname(__FILE__).'/framework/initialize.php');\n";

$sSetupFile = WB_PATH.'/config.php';

if(!file_put_contents($sSetupFile,$sConfigContent)) {

	set_error("Cannot write to the configuration file ($sSetupFile)");

}

$sSecMod = (defined('SECURE_FORM_MODULE') && SECURE_FORM_MODULE != '') ? '.'.SECURE_FORM_MODULE : '';

$sSecMod = WB_PATH.'/framework/SecureForm'.$sSecMod.'.php';

require_once($sSecMod);

require_once(WB_PATH.'/framework/class.admin.php');

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

 * This program is free software: you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation, either version 3 of the License, or

 * (at your option) any later version.

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program.  If not, see <http://www.gnu.org/licenses/>.

/**

 * index.php

 * 

 * @category     Core

 * @package      Core_Environment

 * @subpackage   Installer

 * @author       Dietmar Wöllbrink <dietmar.woellbrink@websitebaker.org>

 * @copyright    Werner v.d.Decken <wkl@isteam.de>

 * @license      http://www.gnu.org/licenses/gpl.html   GPL License

 * @version      0.0.2

 * @revision     $Revision$

 * @link         $HeadURL$

 * @lastmodified $Date$

 * @since        File available since 2012-04-01

 * @description  xyz

 */

$doc_root = str_replace('\\','/',rtrim(realpath($_SERVER['DOCUMENT_ROOT']),'/').'/');

$wb_path = str_replace('\\','/',rtrim(dirname(dirname(realpath( __FILE__))),'/')).'/';

$wb_root = str_replace(($doc_root),'',$wb_path);

//$sapi_type = php_sapi_name();

	$operating_system = ((strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'windows' : 'linux');

	$operating_system = $_SESSION['operating_system'];

function checkConfigFile ($sWbPath,$sType ) {

	$config = '';

	$sConfigContent	= "<?php\n";

	$sConfigFile = $sWbPath.$sType.'.php';

// config.php or config.php.new

		if( (file_exists($sConfigFile)==true))

		{

// next operation only if file is writeable

			if(is_writeable($sConfigFile))

			{

// already installed? it's not empty

				if ( filesize($sConfigFile) > 128)

				{

					$config = '<font class="bad">Already installed? Check!</font>';

// try to open and to write

				} elseif( !$handle = fopen($sConfigFile, 'w') )

				{

					$config = '<font class="bad">Not Writeable</font>';

				} else {

					if (fwrite($handle, $sConfigContent) === FALSE) {

						$config = '<font class="bad">Not Writeable</font>';

					} else {

						$config = '';

						$_SESSION[$sType.'_rename'] = true;

					}

					// Close file

					fclose($handle);

					}

			} else {

				$config = '<font class="bad">Not Writeable</font>';

			}

// it's config.php.new

		} elseif((file_exists($sConfigFile.'.new')==true))

		{

			$config = '<font class="bad">Please rename to '.$sType.'.php</font>';

		} else {

			$config = '<font class="bad">Missing!!?</font>';

		}

	return $config;

}

		<td style="color: #666666;">PHP Interface</td>

			<td colspan="2">

				<?php

						?><font class="good">

						<?php echo $sapi ?>

						</font>

			</td>

		</tr>

<tr>

	<td style="line-height: 0.4em;" colspan="4">&nbsp;</td>

</tr>

	$sTmp = '';

	$config = '';

	$sConfigFile = 'config.php.new';

	if( ($sTmp = checkConfigFile($wb_path,'config')) === '' ) {

		$config = '<font class="good">Writeable</font>';

	} else {

		$config = $sTmp;

	$sConfigFile = preg_match('/(?:rename)/i',$config) ? $sConfigFile : 'setup.ini.php';

	$installFlag = $installFlag && ($sTmp == '');

			<td colspan="2" style="color: #666666;"><?php print $wb_root.$sConfigFile ?></td>

<?php

	$sTmp = '';

	$config = '';

	$sSetupIniFile = 'setup.ini.php.new';

	if( ($sTmp = checkConfigFile($wb_path,'setup.ini')) === '' ) {

		$config = '<font class="good">Writeable</font>';

	} else {

		$config = $sTmp;

	}

	$sSetupIniFile = preg_match('/(?:rename)/i',$config) ? $sSetupIniFile : 'setup.ini.php';

	$installFlag = $installFlag && ($sTmp == '');

?>

			<td colspan="2" style="color: #666666;"><?php print $wb_root.$sSetupIniFile ?></td>

			<td colspan="2"><?php echo $config ?></td>

		</tr>

		<tr>

			<td colspan="2" style="color: #666666;"><?php print $wb_root ?>pages/</td>

			<td colspan="2" style="color: #666666;"><?php print $wb_root ?>media/</td>

			<td colspan="2" style="color: #666666;"><?php print $wb_root ?>templates/</td>

			<td colspan="2" style="color: #666666;"><?php print $wb_root ?>modules/</td>

			<td colspan="2" style="color: #666666;"><?php print $wb_root ?>languages/</td>

			<td colspan="2" style="color: #666666;"><?php print $wb_root ?>temp/</td>

		<tr>

			<td style="line-height: 0.4em;" colspan="4">&nbsp;</td>

		</tr>

		<tr>

			<td style="line-height: 0.4em;" colspan="2">&nbsp;</td>

		</tr>

		<tr>

			<td style="line-height: 0.4em;" colspan="2">&nbsp;</td>

		</tr>

		<tr>

			<td style="line-height: 0.4em;" colspan="2">&nbsp;</td>

		</tr>

		<tr>

			<td style="line-height: 0.4em;" colspan="2">&nbsp;</td>

		</tr>

		<tr>

			<td style="line-height: 0.4em;" colspan="2">&nbsp;</td>

		</tr>