Project

General

Profile

1 1470 Luisehahne
<?php
2
/**
3 1884 Luisehahne
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
4 1470 Luisehahne
 *
5 1884 Luisehahne
 * This program is free software: you can redistribute it and/or modify
6
 * it under the terms of the GNU General Public License as published by
7
 * the Free Software Foundation, either version 3 of the License, or
8
 * (at your option) any later version.
9 1470 Luisehahne
 *
10 1884 Luisehahne
 * This program is distributed in the hope that it will be useful,
11
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13
 * GNU General Public License for more details.
14
 *
15
 * You should have received a copy of the GNU General Public License
16
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
17 1470 Luisehahne
 */
18
19 1884 Luisehahne
/**
20
 * save.php
21
 *
22
 * @category     Core
23
 * @package      Core_Environment
24
 * @subpackage   Installer
25
 * @author       Dietmar Wöllbrink <dietmar.woellbrink@websitebaker.org>
26
 * @copyright    Werner v.d.Decken <wkl@isteam.de>
27
 * @license      http://www.gnu.org/licenses/gpl.html   GPL License
28
 * @version      0.0.2
29
 * @revision     $Revision$
30
 * @link         $HeadURL$
31
 * @lastmodified $Date$
32
 * @since        File available since 2012-04-01
33
 * @description  xyz
34
 */
35
36 1470 Luisehahne
$debug = true;
37 1931 darkviper
if(!defined('DEBUG')) { define('DEBUG', true); }
38 1470 Luisehahne
39 2075 darkviper
include(dirname(__DIR__).'/framework/globalExceptionHandler.php');
40
include(dirname(__DIR__).'/framework/WbAutoloader.php');
41
WbAutoloader::doRegister(array('admin'=>'a', 'modules'=>'m', 'templates'=>'t', 'include'=>'i'));
42
// register PHPMailer autoloader ---
43
if (!function_exists('PHPMailerAutoload')) {
44
    require(dirname(__DIR__).'/include/phpmailer/PHPMailerAutoload.php');
45
}
46 1870 Luisehahne
47 1896 Luisehahne
function errorLogs($error_str)
48
{
49
	$log_error = true;
50
	if ( ! function_exists('error_log') ) { $log_error = false; }
51
	$log_file = @ini_get('error_log');
52
	if ( !empty($log_file) && ('syslog' != $log_file) && !@is_writable($log_file) ) {
53
		$log_error = false;
54
	}
55
	if ( $log_error ) {@error_log($error_str, 0);}
56
}
57 1884 Luisehahne
58
/**
59
 * Read DB settings from configuration file
60
 * @return string
61
 * @throws RuntimeException
62
 *
63
 */
64
	function _readConfiguration($sRetvalType = 'url') {
65
		// check for valid file request. Becomes more stronger in next version
66
		$x = debug_backtrace();
67
		$bValidRequest = false;
68
		if(sizeof($x) != 0) {
69
			foreach($x as $aStep) {
70
				// define the scripts which can read the configuration
71
				if(preg_match('/(save.php|index.php|config.php|upgrade-script.php)$/si', $aStep['file'])) {
72
					$bValidRequest = true;
73
					break;
74
				}
75
			}
76
		}else {
77
			$bValidRequest = true;
78
		}
79
		if(!$bValidRequest) {
80
			throw new RuntimeException('illegal function request!');
81
		}
82
		$aRetval = array();
83
		$sSetupFile = dirname(dirname(__FILE__)).'/setup.ini.php';
84
		if(is_readable($sSetupFile)) {
85
			$aCfg = parse_ini_file($sSetupFile, true);
86
			foreach($aCfg['Constants'] as $key=>$value) {
87 1885 Luisehahne
				switch($key):
88
					case 'DEBUG':
89
						$value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
90
						break;
91
					case 'WB_URL':
92
					case 'AppUrl':
93
						$value = trim(str_replace('\\', '/', $value), '/');
94
						if(!defined('WB_URL')) { define('WB_URL', $value); }
95
						break;
96
					case 'ADMIN_DIRECTORY':
97
					case 'AcpDir':
98
						$value = trim(str_replace('\\', '/', $value), '/');
99
						if(!defined('ADMIN_DIRECTORY')) { define('ADMIN_DIRECTORY', $value); }
100
						break;
101
					default:
102
						if(!defined($key)) { define($key, $value); }
103
						break;
104
				endswitch;
105 1884 Luisehahne
			}
106
			$db = $aCfg['DataBase'];
107
			$db['type'] = isset($db['type']) ? $db['type'] : 'mysql';
108
			$db['user'] = isset($db['user']) ? $db['user'] : 'foo';
109
			$db['pass'] = isset($db['pass']) ? $db['pass'] : 'bar';
110
			$db['host'] = isset($db['host']) ? $db['host'] : 'localhost';
111
			$db['port'] = isset($db['port']) ? $db['port'] : '3306';
112
			$db['port'] = ($db['port'] != '3306') ? $db['port'] : '';
113
			$db['name'] = isset($db['name']) ? $db['name'] : 'dummy';
114
			$db['charset'] = isset($db['charset']) ? $db['charset'] : 'utf8';
115
			$db['table_prefix'] = (isset($db['table_prefix']) ? $db['table_prefix'] : '');
116 1887 Luisehahne
			if(!defined('TABLE_PREFIX')) {define('TABLE_PREFIX', $db['table_prefix']);}
117 1884 Luisehahne
			if($sRetvalType == 'dsn') {
118
				$aRetval[0] = $db['type'].':dbname='.$db['name'].';host='.$db['host'].';'
119
				            . ($db['port'] != '' ? 'port='.(int)$db['port'].';' : '');
120
				$aRetval[1] = array('CHARSET' => $db['charset'], 'TABLE_PREFIX' => $db['table_prefix']);
121
				$aRetval[2] = array( 'user' => $db['user'], 'pass' => $db['pass']);
122
			}else { // $sRetvalType == 'url'
123
				$aRetval[0] = $db['type'].'://'.$db['user'].':'.$db['pass'].'@'
124 1885 Luisehahne
				            . $db['host'].($db['port'] != '' ? ':'.$db['port'] : '').'/'.$db['name']
125
				            . '?Charset='.$db['charset'].'&TablePrefix='.$db['table_prefix'];
126 1884 Luisehahne
			}
127
			unset($db, $aCfg);
128
			return $aRetval;
129
		}
130
		throw new RuntimeException('unable to read setup.ini.php');
131
	}
132
133 1470 Luisehahne
if (true === $debug) {
134
	ini_set('display_errors', 1);
135
	error_reporting(E_ALL);
136
}
137
// Start a session
138
if(!defined('SESSION_STARTED')) {
139
	session_name('wb_session_id');
140
	session_start();
141
	define('SESSION_STARTED', true);
142
}
143
// get random-part for session_name()
144
list($usec,$sec) = explode(' ',microtime());
145
srand((float)$sec+((float)$usec*100000));
146
$session_rand = rand(1000,9999);
147
148
// Function to set error
149
function set_error($message, $field_name = '') {
150
	global $_POST;
151
	if(isset($message) AND $message != '') {
152
		// Copy values entered into session so user doesn't have to re-enter everything
153
		if(isset($_POST['website_title'])) {
154 1737 Luisehahne
			$_SESSION['website_title'] = $_POST['website_title'];
155 1470 Luisehahne
			$_SESSION['default_timezone'] = $_POST['default_timezone'];
156
			$_SESSION['default_language'] = $_POST['default_language'];
157
			if(!isset($_POST['operating_system'])) {
158
				$_SESSION['operating_system'] = 'linux';
159
			} else {
160
				$_SESSION['operating_system'] = $_POST['operating_system'];
161
			}
162
			if(!isset($_POST['world_writeable'])) {
163
				$_SESSION['world_writeable'] = false;
164
			} else {
165
				$_SESSION['world_writeable'] = true;
166
			}
167
			$_SESSION['database_host'] = $_POST['database_host'];
168
			$_SESSION['database_username'] = $_POST['database_username'];
169 1737 Luisehahne
			$_SESSION['database_password'] = '';
170 1470 Luisehahne
			$_SESSION['database_name'] = $_POST['database_name'];
171
			$_SESSION['table_prefix'] = $_POST['table_prefix'];
172
			if(!isset($_POST['install_tables'])) {
173 1737 Luisehahne
				$_SESSION['install_tables'] = true;
174 1470 Luisehahne
			} else {
175
				$_SESSION['install_tables'] = true;
176
			}
177
			$_SESSION['website_title'] = $_POST['website_title'];
178
			$_SESSION['admin_username'] = $_POST['admin_username'];
179
			$_SESSION['admin_email'] = $_POST['admin_email'];
180 1737 Luisehahne
			$_SESSION['admin_password'] = '';
181
			$_SESSION['admin_repassword'] = '';
182 1470 Luisehahne
		}
183
		// Set the message
184
		$_SESSION['message'] = $message;
185
		// Set the element(s) to highlight
186
		if($field_name != '') {
187
			$_SESSION['ERROR_FIELD'] = $field_name;
188
		}
189
		// Specify that session support is enabled
190
		$_SESSION['session_support'] = '<font class="good">Enabled</font>';
191
		// Redirect to first page again and exit
192
		header('Location: index.php?sessions_checked=true');
193
		exit();
194
	}
195
}
196 1529 Luisehahne
/* */
197 1470 Luisehahne
198
// Function to workout what the default permissions are for files created by the webserver
199
function default_file_mode($temp_dir) {
200
	$v = explode(".",PHP_VERSION);
201
	$v = $v[0].$v[1];
202
	if($v > 41 AND is_writable($temp_dir)) {
203
		$filename = $temp_dir.'/test_permissions.txt';
204
		$handle = fopen($filename, 'w');
205
		fwrite($handle, 'This file is to get the default file permissions');
206
		fclose($handle);
207
		$default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
208
		unlink($filename);
209
	} else {
210 1870 Luisehahne
		$default_file_mode = '0666';
211 1470 Luisehahne
	}
212
	return $default_file_mode;
213
}
214
215
// Function to workout what the default permissions are for directories created by the webserver
216
function default_dir_mode($temp_dir) {
217
	$v = explode(".",PHP_VERSION);
218
	$v = $v[0].$v[1];
219
	if($v > 41 AND is_writable($temp_dir)) {
220
		$dirname = $temp_dir.'/test_permissions/';
221
		mkdir($dirname);
222
		$default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
223
		rmdir($dirname);
224
	} else {
225
		$default_dir_mode = '0777';
226
	}
227
	return $default_dir_mode;
228
}
229
230
function add_slashes($input) {
231
	if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
232
		return $input;
233
	}
234
	$output = addslashes($input);
235
	return $output;
236
}
237
238
// Begin check to see if form was even submitted
239
// Set error if no post vars found
240
if(!isset($_POST['website_title'])) {
241 1725 Luisehahne
	set_error('Please fill-in the wesite title below');
242 1470 Luisehahne
}
243
// End check to see if form was even submitted
244
245
// Begin path and timezone details code
246
247
// Check if user has entered the installation url
248
if(!isset($_POST['wb_url']) OR $_POST['wb_url'] == '') {
249
	set_error('Please enter an absolute URL', 'wb_url');
250
} else {
251
	$wb_url = $_POST['wb_url'];
252
}
253
// Remove any slashes at the end of the URL
254 1885 Luisehahne
$wb_url = trim(str_replace('\\', '/', $wb_url), '/').'/';
255 1470 Luisehahne
// Get the default time zone
256
if(!isset($_POST['default_timezone']) OR !is_numeric($_POST['default_timezone'])) {
257
	set_error('Please select a valid default timezone', 'default_timezone');
258
} else {
259
	$default_timezone = $_POST['default_timezone']*60*60;
260
}
261
// End path and timezone details code
262
263
// Get the default language
264
$allowed_languages = array('BG','CA', 'CS', 'DA', 'DE', 'EN', 'ES', 'ET', 'FI', 'FR', 'HR', 'HU', 'IT', 'LV', 'NL', 'NO', 'PL', 'PT', 'RU','SE','SK','TR');
265
if(!isset($_POST['default_language']) OR !in_array($_POST['default_language'], $allowed_languages)) {
266
	set_error('Please select a valid default backend language','default_language');
267
} else {
268
	$default_language = $_POST['default_language'];
269
	// make sure the selected language file exists in the language folder
270
	if(!file_exists('../languages/' .$default_language .'.php')) {
271
		set_error('The language file: \'' .$default_language .'.php\' is missing. Upload file to language folder or choose another language','default_language');
272
	}
273
}
274
// End default language details code
275
276
// Begin operating system specific code
277
// Get operating system
278
if(!isset($_POST['operating_system']) OR $_POST['operating_system'] != 'linux' AND $_POST['operating_system'] != 'windows') {
279
	set_error('Please select a valid operating system');
280
} else {
281
	$operating_system = $_POST['operating_system'];
282
}
283
// Work-out file permissions
284
if($operating_system == 'windows') {
285
	$file_mode = '0777';
286 2016 darkviper
	$dir_mode = '0666';
287 1470 Luisehahne
} elseif(isset($_POST['world_writeable']) AND $_POST['world_writeable'] == 'true') {
288 2016 darkviper
	$file_mode = '0666';
289 1470 Luisehahne
	$dir_mode = '0777';
290
} else {
291
	$file_mode = default_file_mode('../temp');
292
	$dir_mode = default_dir_mode('../temp');
293
}
294
// End operating system specific code
295
296
// Begin database details code
297
// Check if user has entered a database host
298
if(!isset($_POST['database_host']) OR $_POST['database_host'] == '') {
299
	set_error('Please enter a database host name', 'database_host');
300
} else {
301
	$database_host = $_POST['database_host'];
302 1770 Luisehahne
 }
303 1470 Luisehahne
// Check if user has entered a database name
304
if(!isset($_POST['database_name']) OR $_POST['database_name'] == '') {
305
	set_error('Please enter a database name', 'database_name');
306
} else {
307
	// make sure only allowed characters are specified
308 1770 Luisehahne
	if(!preg_match('/^[a-z0-9_-]*$/i', $_POST['database_name'])) {
309 1470 Luisehahne
		// contains invalid characters (only a-z, A-Z, 0-9 and _ allowed to avoid problems with table/field names)
310
		set_error('Only characters a-z, A-Z, 0-9, - and _ allowed in database name.', 'database_name');
311
	}
312
	$database_name = $_POST['database_name'];
313
}
314
// Get table prefix
315 1770 Luisehahne
if(!preg_match('/^[a-z0-9_]*$/i', $_POST['table_prefix'])) {
316 1470 Luisehahne
	// contains invalid characters (only a-z, A-Z, 0-9 and _ allowed to avoid problems with table/field names)
317
	set_error('Only characters a-z, A-Z, 0-9 and _ allowed in table_prefix.', 'table_prefix');
318
} else {
319
	$table_prefix = $_POST['table_prefix'];
320
}
321
322 1770 Luisehahne
// Check if user has entered a database username
323
if(!isset($_POST['database_username']) OR $_POST['database_username'] == '') {
324
	set_error('Please enter a database username','database_username');
325
} else {
326
	$database_username = $_POST['database_username'];
327
}
328
// Check if user has entered a database password
329 1884 Luisehahne
if(!isset($_POST['database_password'])&& ($_POST['database_password']==='') ) {
330 1770 Luisehahne
	set_error('Please enter a database password', 'database_password');
331
} else {
332
	$database_password = $_POST['database_password'];
333
}
334
335 1470 Luisehahne
// Find out if the user wants to install tables and data
336 1695 Luisehahne
$install_tables = ((isset($_POST['install_tables']) AND $_POST['install_tables'] == 'true'));
337 1470 Luisehahne
// End database details code
338
339
// Begin website title code
340
// Get website title
341
if(!isset($_POST['website_title']) OR $_POST['website_title'] == '') {
342
	set_error('Please enter a website title', 'website_title');
343
} else {
344
	$website_title = add_slashes($_POST['website_title']);
345
}
346
// End website title code
347
348
// Begin admin user details code
349
// Get admin username
350
if(!isset($_POST['admin_username']) OR $_POST['admin_username'] == '') {
351
	set_error('Please enter a username for the Administrator account','admin_username');
352
} else {
353
	$admin_username = $_POST['admin_username'];
354
}
355
// Get admin email and validate it
356
if(!isset($_POST['admin_email']) OR $_POST['admin_email'] == '') {
357
	set_error('Please enter an email for the Administrator account','admin_email');
358
} else {
359
	if(preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/i', $_POST['admin_email'])) {
360
		$admin_email = $_POST['admin_email'];
361
	} else {
362
		set_error('Please enter a valid email address for the Administrator account','admin_email');
363
	}
364
}
365
// Get the two admin passwords entered, and check that they match
366
if(!isset($_POST['admin_password']) OR $_POST['admin_password'] == '') {
367
	set_error('Please enter a password for the Administrator account','admin_password');
368
} else {
369
	$admin_password = $_POST['admin_password'];
370
}
371
if(!isset($_POST['admin_repassword']) OR $_POST['admin_repassword'] == '') {
372
	set_error('Please make sure you re-enter the password for the Administrator account','admin_repassword');
373
} else {
374
	$admin_repassword = $_POST['admin_repassword'];
375
}
376
if($admin_password != $admin_repassword) {
377
	set_error('Sorry, the two Administrator account passwords you entered do not match','admin_repassword');
378
}
379
// End admin user details code
380
381
// Try and write settings to config file
382 1884 Luisehahne
$sConfigContent =
383
 ";<?php die('sorry, illegal file access'); ?>#####\n"
384
.";################################################\n"
385
."; WebsiteBaker configuration file\n"
386
."; auto generated ".date('Y-m-d h:i:s A e ')."\n"
387
.";################################################\n"
388
."[Constants]\n"
389 1885 Luisehahne
."DEBUG   = false\n"
390 2016 darkviper
."AppUrl  = \"".$wb_url."\"\n"
391
."AcpDir  = \"admin/\"\n"
392 1884 Luisehahne
.";##########\n"
393
."[DataBase]\n"
394
."type    = \"mysql\"\n"
395
."user    = \"".$database_username."\"\n"
396
."pass    = \"".$database_password."\"\n"
397
."host    = \"".$database_host."\"\n"
398
."port    = \"3306\"\n"
399
."name    = \"".$database_name."\"\n"
400
."charset = \"utf8\"\n"
401
."table_prefix = \"".$table_prefix."\"\n"
402
.";\n"
403
.";################################################\n";
404
$sConfigFile = realpath('../setup.ini.php');
405
$sConfigName = basename($sConfigFile);
406 1470 Luisehahne
// Check if the file exists and is writable first.
407 1884 Luisehahne
if(file_exists($sConfigFile) && is_writable($sConfigFile)) {
408
	if(!$handle = fopen($sConfigFile, 'w')) {
409
		set_error("Cannot open the configuration file ($sConfigName)");
410 1470 Luisehahne
	} else {
411 1884 Luisehahne
		if (fwrite($handle, $sConfigContent) === FALSE) {
412
			set_error("Cannot write to the configuration file ($sConfigName)");
413 1470 Luisehahne
		}
414
		// Close file
415
		fclose($handle);
416
	}
417
} else {
418 1884 Luisehahne
	set_error("The configuration file $sConfigName is not writable. Change its permissions so it is, then re-run step 4.");
419 1470 Luisehahne
}
420
421 1887 Luisehahne
//_SetInstallPathConstants();
422 1896 Luisehahne
if(!defined('WB_INSTALL_PROCESS')){ define('WB_INSTALL_PROCESS', true ); }
423
if(!defined('WB_URL')){ define('WB_URL', trim( $wb_url,'/' )); }
424 1887 Luisehahne
if(!defined('WB_PATH')){ define('WB_PATH', dirname(dirname(__FILE__))); }
425
if(!defined('ADMIN_URL')){ define('ADMIN_URL', WB_URL.'/admin'); }
426
if(!defined('ADMIN_PATH')){ define('ADMIN_PATH', WB_PATH.'/admin'); }
427 1896 Luisehahne
// load db configuration ---
428
$sDbConnectType = 'url'; // depending from class WbDatabase it can be 'url' or 'dsn'
429
$aSqlData = _readConfiguration($sDbConnectType);
430 1884 Luisehahne
431
if(!file_exists(WB_PATH.'/framework/class.admin.php')) {
432
	set_error('It appears the Absolute path that you entered is incorrect');
433
}
434
435
$database = WbDatabase::getInstance();
436
try{
437
	if($sDbConnectType == 'dsn') {
438
		$bTmp = @$database->doConnect($aSqlData[0], $aSqlData[1]['user'], $aSqlData[1]['pass'], $aSqlData[2]);
439
	}else {
440
		$bTmp = @$database->doConnect($aSqlData[0], TABLE_PREFIX);
441 1870 Luisehahne
	}
442 1885 Luisehahne
} catch (WbDatabaseException $e) {
443 1884 Luisehahne
	if(!file_put_contents($sConfigFile,"<?php\n")) {
444
		set_error("Cannot write to the configuration file ($sSetupFile)");
445
	}
446
	set_error($e->getMessage());
447
}
448 1470 Luisehahne
449 1884 Luisehahne
unset($aSqlData);
450
// write the config.php
451
$sConfigContent = "<?php\n"
452
    ."/* this file is for backward compatibility only */\n"
453 1934 darkviper
    ."/* never put any code in this file! */\n"
454 1884 Luisehahne
    ."include_once(dirname(__FILE__).'/framework/initialize.php');\n";
455
$sSetupFile = WB_PATH.'/config.php';
456
if(!file_put_contents($sSetupFile,$sConfigContent)) {
457
	set_error("Cannot write to the configuration file ($sSetupFile)");
458
}
459
$sSecMod = (defined('SECURE_FORM_MODULE') && SECURE_FORM_MODULE != '') ? '.'.SECURE_FORM_MODULE : '';
460
$sSecMod = WB_PATH.'/framework/SecureForm'.$sSecMod.'.php';
461
require_once($sSecMod);
462
require_once(WB_PATH.'/framework/class.admin.php');
463 1470 Luisehahne
464 1529 Luisehahne
// Dummy class to allow modules' install scripts to call $admin->print_error
465 1686 darkviper
	class admin_dummy extends admin
466 1529 Luisehahne
	{
467 1686 darkviper
		var $error='';
468
		function print_error($message, $link = 'index.php', $auto_footer = true)
469
		{
470
			$this->error=$message;
471
		}
472 1529 Luisehahne
	}
473 1470 Luisehahne
474 1822 Luisehahne
//  core tables only structure
475 1870 Luisehahne
	$sSqlFileName = dirname(__FILE__).'/sql/websitebaker.sql';
476
	if(!$database->SqlImport($sSqlFileName,TABLE_PREFIX, false)) { set_error($database->get_error()); }
477 1684 Luisehahne
478 1470 Luisehahne
	require(ADMIN_PATH.'/interface/version.php');
479 1684 Luisehahne
480 1930 darkviper
	$sql = 'INSERT INTO `'.TABLE_PREFIX.'settings` (`name`, `value`) VALUES '
481
	     . '(\'wb_version\', \''.VERSION.'\'), '
482
	     . '(\'website_title\', \''.$website_title.'\'), '
483
	     . '(\'website_description\', \'\'), '
484
	     . '(\'website_keywords\', \'\'), '
485
	     . '(\'website_header\', \'\'), '
486
	     . '(\'website_footer\', \'\'), '
487
	     . '(\'wysiwyg_style\', \'font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;\'), '
488
	     . '(\'er_level\', \'0\'), '
489
	     . '(\'default_language\', \''.$default_language.'\'), '
490
	     . '(\'app_name\', \'wb_'.$session_rand.'\'), '
491
	     . '(\'sec_anchor\', \'Sec\'), '
492 1963 darkviper
	     . '(\'server_timezone\', \'UTC\'), '
493 1930 darkviper
	     . '(\'default_timezone\', \''.$default_timezone.'\'), '
494
	     . '(\'default_date_format\', \'Y-m-d\'), '
495
	     . '(\'default_time_format\', \'h:i A\'), '
496
	     . '(\'redirect_timer\', \'1500\'), '
497 2030 Luisehahne
	     . '(\'home_folders\', \'false\'), '
498 1930 darkviper
	     . '(\'warn_page_leave\', \'1\'), '
499
	     . '(\'default_template\', \'round\'), '
500 2090 darkviper
	     . '(\'default_theme\', \'WbTheme\'), '
501 1930 darkviper
	     . '(\'default_charset\', \'utf-8\'), '
502
	     . '(\'multiple_menus\', \'true\'), '
503
	     . '(\'page_level_limit\', \'6\'), '
504
	     . '(\'intro_page\', \'false\'), '
505
	     . '(\'page_trash\', \'inline\'), '
506
	     . '(\'homepage_redirection\', \'false\'), '
507 2030 Luisehahne
	     . '(\'page_languages\', \'false\'), '
508 1930 darkviper
	     . '(\'wysiwyg_editor\', \'fckeditor\'), '
509
	     . '(\'manage_sections\', \'true\'), '
510
	     . '(\'section_blocks\', \'false\'), '
511
	     . '(\'smart_login\', \'false\'), '
512
	     . '(\'frontend_login\', \'false\'), '
513
	     . '(\'frontend_signup\', \'false\'), '
514
	     . '(\'search\', \'public\'), '
515
	     . '(\'page_extension\', \'.php\'), '
516
	     . '(\'page_spacer\', \'-\'), '
517
	     . '(\'pages_directory\', \'/pages\'), '
518
	     . '(\'rename_files_on_upload\', \'ph.*?,cgi,pl,pm,exe,com,bat,pif,cmd,src,asp,aspx,js,txt\'), '
519
	     . '(\'media_directory\', \'/media\'), '
520
	     . '(\'operating_system\', \''.$operating_system.'\'), '
521
	     . '(\'string_file_mode\', \''.$file_mode.'\'), '
522
	     . '(\'string_dir_mode\', \''.$dir_mode.'\'), '
523
	     . '(\'wbmailer_routine\', \'phpmail\'), '
524
	     . '(\'server_email\', \''.$admin_email.'\'), '
525
	     . '(\'wbmailer_default_sendername\', \'WebsiteBaker Mailer\'), '
526
	     . '(\'wbmailer_smtp_host\', \'\'), '
527
	     . '(\'wbmailer_smtp_auth\', \'\'), '
528
	     . '(\'wbmailer_smtp_username\', \'\'), '
529
	     . '(\'wbmailer_smtp_password\', \'\'), '
530
	     . '(\'fingerprint_with_ip_octets\', \'2\'), '
531
	     . '(\'secure_form_module\', \'\'), '
532
	     . '(\'mediasettings\', \'\'), '
533
	     . '(\'wb_revision\', \''.REVISION.'\'), '
534
 	     . '(\'wb_sp\', \''.SP.'\'), '
535
	     . '(\'page_icon_dir\', \'/templates/*/title_images\'), '
536
	     . '(\'dev_infos\', \'false\'), '
537
	     . '(\'groups_updated\', \''.time().'\'), '
538
	     . '(\'wbmail_signature\', \'\'), '
539
	     . '(\'confirmed_registration\', \'1\'), '
540
	     . '(\'page_extendet\', \'true\'), '
541
	     . '(\'system_locked\', \'0\'), '
542
	     . '(\'password_crypt_loops\', \'12\'), '
543
	     . '(\'password_hash_type\', \'false\'), '
544
	     . '(\'password_length\', \'10\'), '
545
		 . '(\'password_use_types\', \''.(int)0xFFFF.'\') '
546
	     . '';
547 1931 darkviper
	if(!$database->query($sql)) { set_error($database->get_error()); }
548 1684 Luisehahne
549 1822 Luisehahne
	// Admin group
550 1930 darkviper
	$full_system_permissions  = 'access,addons,admintools,admintools_view,groups,groups_add,groups_delete,'
551
	                          . 'groups_modify,groups_view,languages,languages_install,languages_uninstall,'
552
	                          . 'languages_view,media,media_create,media_delete,media_rename,media_upload,'
553
	                          . 'media_view,modules,modules_advanced,modules_install,modules_uninstall,'
554
	                          . 'modules_view,pages,pages_add,pages_add_l0,pages_delete,pages_intro,'
555
	                          . 'pages_modify,pages_settings,pages_view,preferences,preferences_view,'
556
	                          . 'settings,settings_advanced,settings_basic,settings_view,templates,'
557
	                          . 'templates_install,templates_uninstall,templates_view,users,users_add,'
558
	                          . 'users_delete,users_modify,users_view';
559
	$sql = 'INSERT INTO `'.TABLE_PREFIX.'groups` '
560
	     . 'SET `group_id` =1,'
561
	     .     '`name`=\'Administrators\','
562
		 .     '`system_permissions`=\''.$full_system_permissions.'\','
563
		 .     '`module_permissions`=\'\','
564
		 .     '`template_permissions`=\'\'';
565
	if(!$database->query($sql)) { set_error($database->get_error()); }
566 1822 Luisehahne
567 1821 Luisehahne
// Admin user
568 1870 Luisehahne
	$insert_admin_user = "INSERT INTO `".TABLE_PREFIX."users` VALUES (1, 1, '1', 1, '$admin_username', '".md5($admin_password)."', '', 0, '', 0, 'Administrator', '$admin_email', $default_timezone, '', '', '$default_language', '', 0, '');";
569 1821 Luisehahne
	if(!$database->query($insert_admin_user)) { set_error($database->get_error()); }
570 1684 Luisehahne
571 1822 Luisehahne
// Search layout default data
572 1870 Luisehahne
	$sSqlFileName = dirname(__FILE__).'/sql/wb_search_data.sql';
573
	if(!$database->SqlImport($sSqlFileName,TABLE_PREFIX, false)) { set_error($database->get_error()); }
574 1684 Luisehahne
575 1870 Luisehahne
	require_once(WB_PATH.'/framework/initialize.php');
576 1887 Luisehahne
//
577 1821 Luisehahne
// Include WB functions file
578
	require_once(WB_PATH.'/framework/functions.php');
579
// Re-connect to the database, this time using in-build database class
580
	require_once(WB_PATH.'/framework/class.login.php');
581 1470 Luisehahne
	// Include the PclZip class file (thanks to
582
	require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');
583
	// Install add-ons
584
	if(file_exists(WB_PATH.'/install/modules')) {
585
		// Unpack pre-packaged modules
586
	}
587
	if(file_exists(WB_PATH.'/install/templates')) {
588
		// Unpack pre-packaged templates
589
	}
590
	if(file_exists(WB_PATH.'/install/languages')) {
591
		// Unpack pre-packaged languages
592
	}
593 1734 Luisehahne
594 1529 Luisehahne
	$admin=new admin_dummy('Start','',false,false);
595 1470 Luisehahne
	// Load addons into DB
596
	$dirs['modules'] = WB_PATH.'/modules/';
597
	$dirs['templates'] = WB_PATH.'/templates/';
598
	$dirs['languages'] = WB_PATH.'/languages/';
599 1540 Luisehahne
600 1470 Luisehahne
	foreach($dirs AS $type => $dir) {
601 1686 darkviper
		if(($handle = opendir($dir))) {
602 1470 Luisehahne
			while(false !== ($file = readdir($handle))) {
603
				if($file != '' AND substr($file, 0, 1) != '.' AND $file != 'admin.php' AND $file != 'index.php') {
604
					// Get addon type
605
					if($type == 'modules') {
606
						load_module($dir.'/'.$file, true);
607
						// Pretty ugly hack to let modules run $admin->set_error
608
						// See dummy class definition admin_dummy above
609
						if ($admin->error!='') {
610
							set_error($admin->error);
611
						}
612
					} elseif($type == 'templates') {
613
						load_template($dir.'/'.$file);
614
					} elseif($type == 'languages') {
615
						load_language($dir.'/'.$file);
616
					}
617
				}
618
			}
619 1686 darkviper
			closedir($handle);
620 1470 Luisehahne
		}
621
	}
622 1684 Luisehahne
623 1821 Luisehahne
// Check if there was a database error
624 1470 Luisehahne
	if($database->is_error()) {
625
		set_error($database->get_error());
626
	}
627
628 1870 Luisehahne
	if ( sizeof(createFolderProtectFile( WB_PATH.MEDIA_DIRECTORY )) ) {  }
629
	if ( sizeof(createFolderProtectFile( WB_PATH.MEDIA_DIRECTORY.'/home' )) ) {  }
630
	if ( sizeof(createFolderProtectFile( WB_PATH.PAGES_DIRECTORY )) ) {  }
631 1818 Luisehahne
632 1684 Luisehahne
// end of if install_tables
633
634 1529 Luisehahne
$ThemeUrl = WB_URL.$admin->correct_theme_source('warning.html');
635
// Setup template object, parse vars to it, then parse it
636 1722 Luisehahne
$ThemePath = realpath(WB_PATH.$admin->correct_theme_source('loginBox.htt'));
637 1529 Luisehahne
638 1470 Luisehahne
// Log the user in and go to Website Baker Administration
639
$thisApp = new Login(
640 1821 Luisehahne
	array(
641
			"MAX_ATTEMPS" => "50",
642
			"WARNING_URL" => $ThemeUrl."/warning.html",
643
			"USERNAME_FIELDNAME" => 'admin_username',
644
			"PASSWORD_FIELDNAME" => 'admin_password',
645
			"REMEMBER_ME_OPTION" => SMART_LOGIN,
646
			"MIN_USERNAME_LEN" => "2",
647
			"MIN_PASSWORD_LEN" => "3",
648
			"MAX_USERNAME_LEN" => "30",
649
			"MAX_PASSWORD_LEN" => "30",
650
			'LOGIN_URL' => ADMIN_URL."/login/index.php",
651
			'DEFAULT_URL' => ADMIN_URL."/start/index.php",
652
			'TEMPLATE_DIR' => $ThemePath,
653
			'TEMPLATE_FILE' => 'loginBox.htt',
654
			'FRONTEND' => false,
655
			'FORGOTTEN_DETAILS_APP' => ADMIN_URL."/login/forgot/index.php",
656
			'USERS_TABLE' => TABLE_PREFIX."users",
657
			'GROUPS_TABLE' => TABLE_PREFIX."groups",
658
	)
659 1470 Luisehahne
);