Revision 2107
Added by darkviper about 10 years ago
- fixed error in finding languages/ dir, some little optimations, all in install/save.php
save.php | ||
---|---|---|
18 | 18 |
|
19 | 19 |
/** |
20 | 20 |
* save.php |
21 |
*
|
|
21 |
* |
|
22 | 22 |
* @category Core |
23 | 23 |
* @package Core_Environment |
24 | 24 |
* @subpackage Installer |
... | ... | |
47 | 47 |
|
48 | 48 |
function errorLogs($error_str) |
49 | 49 |
{ |
50 |
$log_error = true;
|
|
51 |
if ( ! function_exists('error_log') ) { $log_error = false; }
|
|
52 |
$log_file = @ini_get('error_log');
|
|
53 |
if ( !empty($log_file) && ('syslog' != $log_file) && !@is_writable($log_file) ) {
|
|
54 |
$log_error = false;
|
|
55 |
}
|
|
56 |
if ( $log_error ) {@error_log($error_str, 0);}
|
|
50 |
$log_error = true;
|
|
51 |
if ( ! function_exists('error_log') ) { $log_error = false; }
|
|
52 |
$log_file = @ini_get('error_log');
|
|
53 |
if ( !empty($log_file) && ('syslog' != $log_file) && !@is_writable($log_file) ) {
|
|
54 |
$log_error = false;
|
|
55 |
}
|
|
56 |
if ( $log_error ) {@error_log($error_str, 0);}
|
|
57 | 57 |
} |
58 | 58 |
|
59 | 59 |
/** |
60 | 60 |
* Read DB settings from configuration file |
61 | 61 |
* @return string |
62 | 62 |
* @throws RuntimeException |
63 |
*
|
|
63 |
* |
|
64 | 64 |
*/ |
65 |
function _readConfiguration($sRetvalType = 'url') {
|
|
66 |
// check for valid file request. Becomes more stronger in next version
|
|
67 |
$x = debug_backtrace();
|
|
68 |
$bValidRequest = false;
|
|
69 |
if(sizeof($x) != 0) {
|
|
70 |
foreach($x as $aStep) {
|
|
71 |
// define the scripts which can read the configuration
|
|
72 |
if(preg_match('/(save.php|index.php|config.php|upgrade-script.php)$/si', $aStep['file'])) {
|
|
73 |
$bValidRequest = true;
|
|
74 |
break;
|
|
75 |
}
|
|
76 |
}
|
|
77 |
}else {
|
|
78 |
$bValidRequest = true;
|
|
79 |
}
|
|
80 |
if(!$bValidRequest) {
|
|
81 |
throw new RuntimeException('illegal function request!');
|
|
82 |
}
|
|
83 |
$aRetval = array();
|
|
84 |
$sSetupFile = dirname(dirname(__FILE__)).'/setup.ini.php';
|
|
85 |
if(is_readable($sSetupFile)) {
|
|
86 |
$aCfg = parse_ini_file($sSetupFile, true);
|
|
87 |
foreach($aCfg['Constants'] as $key=>$value) {
|
|
88 |
switch($key):
|
|
89 |
case 'DEBUG':
|
|
90 |
$value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
|
|
91 |
break;
|
|
92 |
case 'WB_URL':
|
|
93 |
case 'AppUrl':
|
|
94 |
$value = trim(str_replace('\\', '/', $value), '/');
|
|
95 |
if(!defined('WB_URL')) { define('WB_URL', $value); }
|
|
96 |
break;
|
|
97 |
case 'ADMIN_DIRECTORY':
|
|
98 |
case 'AcpDir':
|
|
99 |
$value = trim(str_replace('\\', '/', $value), '/');
|
|
100 |
if(!defined('ADMIN_DIRECTORY')) { define('ADMIN_DIRECTORY', $value); }
|
|
101 |
break;
|
|
102 |
default:
|
|
103 |
if(!defined($key)) { define($key, $value); }
|
|
104 |
break;
|
|
105 |
endswitch;
|
|
106 |
}
|
|
107 |
$db = $aCfg['DataBase'];
|
|
108 |
$db['type'] = isset($db['type']) ? $db['type'] : 'mysql';
|
|
109 |
$db['user'] = isset($db['user']) ? $db['user'] : 'foo';
|
|
110 |
$db['pass'] = isset($db['pass']) ? $db['pass'] : 'bar';
|
|
111 |
$db['host'] = isset($db['host']) ? $db['host'] : 'localhost';
|
|
112 |
$db['port'] = isset($db['port']) ? $db['port'] : '3306';
|
|
113 |
$db['port'] = ($db['port'] != '3306') ? $db['port'] : '';
|
|
114 |
$db['name'] = isset($db['name']) ? $db['name'] : 'dummy';
|
|
115 |
$db['charset'] = isset($db['charset']) ? $db['charset'] : 'utf8';
|
|
116 |
$db['table_prefix'] = (isset($db['table_prefix']) ? $db['table_prefix'] : '');
|
|
117 |
if(!defined('TABLE_PREFIX')) {define('TABLE_PREFIX', $db['table_prefix']);}
|
|
118 |
if($sRetvalType == 'dsn') {
|
|
119 |
$aRetval[0] = $db['type'].':dbname='.$db['name'].';host='.$db['host'].';'
|
|
120 |
. ($db['port'] != '' ? 'port='.(int)$db['port'].';' : '');
|
|
121 |
$aRetval[1] = array('CHARSET' => $db['charset'], 'TABLE_PREFIX' => $db['table_prefix']);
|
|
122 |
$aRetval[2] = array( 'user' => $db['user'], 'pass' => $db['pass']);
|
|
123 |
}else { // $sRetvalType == 'url'
|
|
124 |
$aRetval[0] = $db['type'].'://'.$db['user'].':'.$db['pass'].'@'
|
|
125 |
. $db['host'].($db['port'] != '' ? ':'.$db['port'] : '').'/'.$db['name']
|
|
126 |
. '?Charset='.$db['charset'].'&TablePrefix='.$db['table_prefix'];
|
|
127 |
}
|
|
128 |
unset($db, $aCfg);
|
|
129 |
return $aRetval;
|
|
130 |
}
|
|
131 |
throw new RuntimeException('unable to read setup.ini.php');
|
|
132 |
}
|
|
65 |
function _readConfiguration($sRetvalType = 'url') {
|
|
66 |
// check for valid file request. Becomes more stronger in next version
|
|
67 |
$x = debug_backtrace();
|
|
68 |
$bValidRequest = false;
|
|
69 |
if(sizeof($x) != 0) {
|
|
70 |
foreach($x as $aStep) {
|
|
71 |
// define the scripts which can read the configuration
|
|
72 |
if(preg_match('/(save.php|index.php|config.php|upgrade-script.php)$/si', $aStep['file'])) {
|
|
73 |
$bValidRequest = true;
|
|
74 |
break;
|
|
75 |
}
|
|
76 |
}
|
|
77 |
}else {
|
|
78 |
$bValidRequest = true;
|
|
79 |
}
|
|
80 |
if(!$bValidRequest) {
|
|
81 |
throw new RuntimeException('illegal function request!');
|
|
82 |
}
|
|
83 |
$aRetval = array();
|
|
84 |
$sSetupFile = dirname(dirname(__FILE__)).'/setup.ini.php';
|
|
85 |
if(is_readable($sSetupFile)) {
|
|
86 |
$aCfg = parse_ini_file($sSetupFile, true);
|
|
87 |
foreach($aCfg['Constants'] as $key=>$value) {
|
|
88 |
switch($key):
|
|
89 |
case 'DEBUG':
|
|
90 |
$value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
|
|
91 |
break;
|
|
92 |
case 'WB_URL':
|
|
93 |
case 'AppUrl':
|
|
94 |
$value = trim(str_replace('\\', '/', $value), '/');
|
|
95 |
if(!defined('WB_URL')) { define('WB_URL', $value); }
|
|
96 |
break;
|
|
97 |
case 'ADMIN_DIRECTORY':
|
|
98 |
case 'AcpDir':
|
|
99 |
$value = trim(str_replace('\\', '/', $value), '/');
|
|
100 |
if(!defined('ADMIN_DIRECTORY')) { define('ADMIN_DIRECTORY', $value); }
|
|
101 |
break;
|
|
102 |
default:
|
|
103 |
if(!defined($key)) { define($key, $value); }
|
|
104 |
break;
|
|
105 |
endswitch;
|
|
106 |
}
|
|
107 |
$db = $aCfg['DataBase'];
|
|
108 |
$db['type'] = isset($db['type']) ? $db['type'] : 'mysql';
|
|
109 |
$db['user'] = isset($db['user']) ? $db['user'] : 'foo';
|
|
110 |
$db['pass'] = isset($db['pass']) ? $db['pass'] : 'bar';
|
|
111 |
$db['host'] = isset($db['host']) ? $db['host'] : 'localhost';
|
|
112 |
$db['port'] = isset($db['port']) ? $db['port'] : '3306';
|
|
113 |
$db['port'] = ($db['port'] != '3306') ? $db['port'] : '';
|
|
114 |
$db['name'] = isset($db['name']) ? $db['name'] : 'dummy';
|
|
115 |
$db['charset'] = isset($db['charset']) ? $db['charset'] : 'utf8';
|
|
116 |
$db['table_prefix'] = (isset($db['table_prefix']) ? $db['table_prefix'] : '');
|
|
117 |
if(!defined('TABLE_PREFIX')) {define('TABLE_PREFIX', $db['table_prefix']);}
|
|
118 |
if($sRetvalType == 'dsn') {
|
|
119 |
$aRetval[0] = $db['type'].':dbname='.$db['name'].';host='.$db['host'].';'
|
|
120 |
. ($db['port'] != '' ? 'port='.(int)$db['port'].';' : '');
|
|
121 |
$aRetval[1] = array('CHARSET' => $db['charset'], 'TABLE_PREFIX' => $db['table_prefix']);
|
|
122 |
$aRetval[2] = array( 'user' => $db['user'], 'pass' => $db['pass']);
|
|
123 |
}else { // $sRetvalType == 'url'
|
|
124 |
$aRetval[0] = $db['type'].'://'.$db['user'].':'.$db['pass'].'@'
|
|
125 |
. $db['host'].($db['port'] != '' ? ':'.$db['port'] : '').'/'.$db['name']
|
|
126 |
. '?Charset='.$db['charset'].'&TablePrefix='.$db['table_prefix'];
|
|
127 |
}
|
|
128 |
unset($db, $aCfg);
|
|
129 |
return $aRetval;
|
|
130 |
}
|
|
131 |
throw new RuntimeException('unable to read setup.ini.php');
|
|
132 |
}
|
|
133 | 133 |
|
134 | 134 |
if (true === $debug) { |
135 |
ini_set('display_errors', 1);
|
|
136 |
error_reporting(E_ALL);
|
|
135 |
ini_set('display_errors', 1);
|
|
136 |
error_reporting(E_ALL);
|
|
137 | 137 |
} |
138 | 138 |
// Start a session |
139 | 139 |
if(!defined('SESSION_STARTED')) { |
140 |
session_name('wb_session_id');
|
|
141 |
session_start();
|
|
142 |
define('SESSION_STARTED', true);
|
|
140 |
session_name('wb_session_id');
|
|
141 |
session_start();
|
|
142 |
define('SESSION_STARTED', true);
|
|
143 | 143 |
} |
144 | 144 |
// get random-part for session_name() |
145 | 145 |
list($usec,$sec) = explode(' ',microtime()); |
... | ... | |
148 | 148 |
|
149 | 149 |
// Function to set error |
150 | 150 |
function set_error($message, $field_name = '') { |
151 |
global $_POST;
|
|
152 |
if(isset($message) AND $message != '') {
|
|
153 |
// Copy values entered into session so user doesn't have to re-enter everything
|
|
154 |
if(isset($_POST['website_title'])) {
|
|
155 |
$_SESSION['website_title'] = $_POST['website_title'];
|
|
156 |
$_SESSION['default_timezone'] = $_POST['default_timezone'];
|
|
157 |
$_SESSION['default_language'] = $_POST['default_language'];
|
|
158 |
if(!isset($_POST['operating_system'])) {
|
|
159 |
$_SESSION['operating_system'] = 'linux';
|
|
160 |
} else {
|
|
161 |
$_SESSION['operating_system'] = $_POST['operating_system'];
|
|
162 |
}
|
|
163 |
if(!isset($_POST['world_writeable'])) {
|
|
164 |
$_SESSION['world_writeable'] = false;
|
|
165 |
} else {
|
|
166 |
$_SESSION['world_writeable'] = true;
|
|
167 |
}
|
|
168 |
$_SESSION['database_host'] = $_POST['database_host'];
|
|
169 |
$_SESSION['database_username'] = $_POST['database_username'];
|
|
170 |
$_SESSION['database_password'] = '';
|
|
171 |
$_SESSION['database_name'] = $_POST['database_name'];
|
|
172 |
$_SESSION['table_prefix'] = $_POST['table_prefix'];
|
|
173 |
if(!isset($_POST['install_tables'])) {
|
|
174 |
$_SESSION['install_tables'] = true;
|
|
175 |
} else {
|
|
176 |
$_SESSION['install_tables'] = true;
|
|
177 |
}
|
|
178 |
$_SESSION['website_title'] = $_POST['website_title'];
|
|
179 |
$_SESSION['admin_username'] = $_POST['admin_username'];
|
|
180 |
$_SESSION['admin_email'] = $_POST['admin_email'];
|
|
181 |
$_SESSION['admin_password'] = '';
|
|
182 |
$_SESSION['admin_repassword'] = '';
|
|
183 |
}
|
|
184 |
// Set the message
|
|
185 |
$_SESSION['message'] = $message;
|
|
186 |
// Set the element(s) to highlight
|
|
187 |
if($field_name != '') {
|
|
188 |
$_SESSION['ERROR_FIELD'] = $field_name;
|
|
189 |
}
|
|
190 |
// Specify that session support is enabled
|
|
191 |
$_SESSION['session_support'] = '<font class="good">Enabled</font>';
|
|
192 |
// Redirect to first page again and exit
|
|
193 |
header('Location: index.php?sessions_checked=true');
|
|
194 |
exit();
|
|
195 |
}
|
|
151 |
global $_POST;
|
|
152 |
if(isset($message) AND $message != '') {
|
|
153 |
// Copy values entered into session so user doesn't have to re-enter everything
|
|
154 |
if(isset($_POST['website_title'])) {
|
|
155 |
$_SESSION['website_title'] = $_POST['website_title'];
|
|
156 |
$_SESSION['default_timezone'] = $_POST['default_timezone'];
|
|
157 |
$_SESSION['default_language'] = $_POST['default_language'];
|
|
158 |
if(!isset($_POST['operating_system'])) {
|
|
159 |
$_SESSION['operating_system'] = 'linux';
|
|
160 |
} else {
|
|
161 |
$_SESSION['operating_system'] = $_POST['operating_system'];
|
|
162 |
}
|
|
163 |
if(!isset($_POST['world_writeable'])) {
|
|
164 |
$_SESSION['world_writeable'] = false;
|
|
165 |
} else {
|
|
166 |
$_SESSION['world_writeable'] = true;
|
|
167 |
}
|
|
168 |
$_SESSION['database_host'] = $_POST['database_host'];
|
|
169 |
$_SESSION['database_username'] = $_POST['database_username'];
|
|
170 |
$_SESSION['database_password'] = '';
|
|
171 |
$_SESSION['database_name'] = $_POST['database_name'];
|
|
172 |
$_SESSION['table_prefix'] = $_POST['table_prefix'];
|
|
173 |
if(!isset($_POST['install_tables'])) {
|
|
174 |
$_SESSION['install_tables'] = true;
|
|
175 |
} else {
|
|
176 |
$_SESSION['install_tables'] = true;
|
|
177 |
}
|
|
178 |
$_SESSION['website_title'] = $_POST['website_title'];
|
|
179 |
$_SESSION['admin_username'] = $_POST['admin_username'];
|
|
180 |
$_SESSION['admin_email'] = $_POST['admin_email'];
|
|
181 |
$_SESSION['admin_password'] = '';
|
|
182 |
$_SESSION['admin_repassword'] = '';
|
|
183 |
}
|
|
184 |
// Set the message
|
|
185 |
$_SESSION['message'] = $message;
|
|
186 |
// Set the element(s) to highlight
|
|
187 |
if($field_name != '') {
|
|
188 |
$_SESSION['ERROR_FIELD'] = $field_name;
|
|
189 |
}
|
|
190 |
// Specify that session support is enabled
|
|
191 |
$_SESSION['session_support'] = '<font class="good">Enabled</font>';
|
|
192 |
// Redirect to first page again and exit
|
|
193 |
header('Location: index.php?sessions_checked=true');
|
|
194 |
exit();
|
|
195 |
}
|
|
196 | 196 |
} |
197 | 197 |
/* */ |
198 | 198 |
|
199 | 199 |
// Function to workout what the default permissions are for files created by the webserver |
200 | 200 |
function default_file_mode($temp_dir) { |
201 |
$v = explode(".",PHP_VERSION);
|
|
202 |
$v = $v[0].$v[1];
|
|
203 |
if($v > 41 AND is_writable($temp_dir)) {
|
|
204 |
$filename = $temp_dir.'/test_permissions.txt';
|
|
205 |
$handle = fopen($filename, 'w');
|
|
206 |
fwrite($handle, 'This file is to get the default file permissions');
|
|
207 |
fclose($handle);
|
|
208 |
$default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
|
|
209 |
unlink($filename);
|
|
210 |
} else {
|
|
211 |
$default_file_mode = '0666';
|
|
212 |
}
|
|
213 |
return $default_file_mode;
|
|
201 |
$v = explode(".",PHP_VERSION);
|
|
202 |
$v = $v[0].$v[1];
|
|
203 |
if($v > 41 AND is_writable($temp_dir)) {
|
|
204 |
$filename = $temp_dir.'/test_permissions.txt';
|
|
205 |
$handle = fopen($filename, 'w');
|
|
206 |
fwrite($handle, 'This file is to get the default file permissions');
|
|
207 |
fclose($handle);
|
|
208 |
$default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
|
|
209 |
unlink($filename);
|
|
210 |
} else {
|
|
211 |
$default_file_mode = '0666';
|
|
212 |
}
|
|
213 |
return $default_file_mode;
|
|
214 | 214 |
} |
215 | 215 |
|
216 | 216 |
// Function to workout what the default permissions are for directories created by the webserver |
217 | 217 |
function default_dir_mode($temp_dir) { |
218 |
$v = explode(".",PHP_VERSION);
|
|
219 |
$v = $v[0].$v[1];
|
|
220 |
if($v > 41 AND is_writable($temp_dir)) {
|
|
221 |
$dirname = $temp_dir.'/test_permissions/';
|
|
222 |
mkdir($dirname);
|
|
223 |
$default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
|
|
224 |
rmdir($dirname);
|
|
225 |
} else {
|
|
226 |
$default_dir_mode = '0777';
|
|
227 |
}
|
|
228 |
return $default_dir_mode;
|
|
218 |
$v = explode(".",PHP_VERSION);
|
|
219 |
$v = $v[0].$v[1];
|
|
220 |
if($v > 41 AND is_writable($temp_dir)) {
|
|
221 |
$dirname = $temp_dir.'/test_permissions/';
|
|
222 |
mkdir($dirname);
|
|
223 |
$default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
|
|
224 |
rmdir($dirname);
|
|
225 |
} else {
|
|
226 |
$default_dir_mode = '0777';
|
|
227 |
}
|
|
228 |
return $default_dir_mode;
|
|
229 | 229 |
} |
230 | 230 |
|
231 | 231 |
function add_slashes($input) { |
232 |
if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
|
|
233 |
return $input;
|
|
234 |
}
|
|
235 |
$output = addslashes($input);
|
|
236 |
return $output;
|
|
232 |
if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
|
|
233 |
return $input;
|
|
234 |
}
|
|
235 |
$output = addslashes($input);
|
|
236 |
return $output;
|
|
237 | 237 |
} |
238 | 238 |
|
239 | 239 |
// Begin check to see if form was even submitted |
240 | 240 |
// Set error if no post vars found |
241 | 241 |
if(!isset($_POST['website_title'])) { |
242 |
set_error('Please fill-in the wesite title below');
|
|
242 |
set_error('Please fill-in the wesite title below');
|
|
243 | 243 |
} |
244 | 244 |
// End check to see if form was even submitted |
245 | 245 |
|
... | ... | |
247 | 247 |
|
248 | 248 |
// Check if user has entered the installation url |
249 | 249 |
if(!isset($_POST['wb_url']) OR $_POST['wb_url'] == '') { |
250 |
set_error('Please enter an absolute URL', 'wb_url');
|
|
250 |
set_error('Please enter an absolute URL', 'wb_url');
|
|
251 | 251 |
} else { |
252 |
$wb_url = $_POST['wb_url'];
|
|
252 |
$wb_url = $_POST['wb_url'];
|
|
253 | 253 |
} |
254 | 254 |
// Remove any slashes at the end of the URL |
255 | 255 |
$wb_url = trim(str_replace('\\', '/', $wb_url), '/').'/'; |
256 | 256 |
// Get the default time zone |
257 | 257 |
if(!isset($_POST['default_timezone']) OR !is_numeric($_POST['default_timezone'])) { |
258 |
set_error('Please select a valid default timezone', 'default_timezone');
|
|
258 |
set_error('Please select a valid default timezone', 'default_timezone');
|
|
259 | 259 |
} else { |
260 |
$default_timezone = $_POST['default_timezone']*60*60;
|
|
260 |
$default_timezone = $_POST['default_timezone']*60*60;
|
|
261 | 261 |
} |
262 | 262 |
// End path and timezone details code |
263 | 263 |
|
264 | 264 |
// Get the default language |
265 |
$sLanguageDirectory = dirname(__DIR__).'languages/'; |
|
266 |
$allowed_languages = array_keys(InstallHelper::getAvailableLanguages($sLanguageDirectory)); |
|
267 |
if(!isset($_POST['default_language']) OR !in_array($_POST['default_language'], $allowed_languages)) { |
|
268 |
set_error('Please select a valid default backend language','default_language'); |
|
265 |
$sLanguageDirectory = dirname(__DIR__).'/languages/'; |
|
266 |
$allowed_languages = InstallHelper::getAvailableLanguages($sLanguageDirectory); |
|
267 |
if ( |
|
268 |
!isset($_POST['default_language']) || |
|
269 |
!array_key_exists($_POST['default_language'], $allowed_languages) |
|
270 |
) { |
|
271 |
set_error('Please select a valid default backend language','default_language'); |
|
269 | 272 |
} else { |
270 |
$default_language = $_POST['default_language'];
|
|
271 |
// make sure the selected language file exists in the language folder
|
|
272 |
if(!file_exists('../languages/' .$default_language .'.php')) {
|
|
273 |
set_error('The language file: \'' .$default_language .'.php\' is missing. Upload file to language folder or choose another language','default_language');
|
|
274 |
}
|
|
273 |
$default_language = $_POST['default_language'];
|
|
274 |
// make sure the selected language file exists in the language folder
|
|
275 |
if(!file_exists('../languages/' .$default_language .'.php')) {
|
|
276 |
set_error('The language file: \'' .$default_language .'.php\' is missing. Upload file to language folder or choose another language','default_language');
|
|
277 |
}
|
|
275 | 278 |
} |
276 | 279 |
// End default language details code |
277 | 280 |
|
278 | 281 |
// Begin operating system specific code |
279 | 282 |
// Get operating system |
280 | 283 |
if(!isset($_POST['operating_system']) OR $_POST['operating_system'] != 'linux' AND $_POST['operating_system'] != 'windows') { |
281 |
set_error('Please select a valid operating system');
|
|
284 |
set_error('Please select a valid operating system');
|
|
282 | 285 |
} else { |
283 |
$operating_system = $_POST['operating_system'];
|
|
286 |
$operating_system = $_POST['operating_system'];
|
|
284 | 287 |
} |
285 | 288 |
// Work-out file permissions |
286 | 289 |
if($operating_system == 'windows') { |
287 |
$file_mode = '0777';
|
|
288 |
$dir_mode = '0666';
|
|
290 |
$file_mode = '0777';
|
|
291 |
$dir_mode = '0666';
|
|
289 | 292 |
} elseif(isset($_POST['world_writeable']) AND $_POST['world_writeable'] == 'true') { |
290 |
$file_mode = '0666';
|
|
291 |
$dir_mode = '0777';
|
|
293 |
$file_mode = '0666';
|
|
294 |
$dir_mode = '0777';
|
|
292 | 295 |
} else { |
293 |
$file_mode = default_file_mode('../temp');
|
|
294 |
$dir_mode = default_dir_mode('../temp');
|
|
296 |
$file_mode = default_file_mode('../temp');
|
|
297 |
$dir_mode = default_dir_mode('../temp');
|
|
295 | 298 |
} |
296 | 299 |
// End operating system specific code |
297 | 300 |
|
298 | 301 |
// Begin database details code |
299 | 302 |
// Check if user has entered a database host |
300 | 303 |
if(!isset($_POST['database_host']) OR $_POST['database_host'] == '') { |
301 |
set_error('Please enter a database host name', 'database_host');
|
|
304 |
set_error('Please enter a database host name', 'database_host');
|
|
302 | 305 |
} else { |
303 |
$database_host = $_POST['database_host'];
|
|
306 |
$database_host = $_POST['database_host'];
|
|
304 | 307 |
} |
305 | 308 |
// Check if user has entered a database name |
306 | 309 |
if(!isset($_POST['database_name']) OR $_POST['database_name'] == '') { |
307 |
set_error('Please enter a database name', 'database_name');
|
|
310 |
set_error('Please enter a database name', 'database_name');
|
|
308 | 311 |
} else { |
309 |
// make sure only allowed characters are specified
|
|
310 |
if(!preg_match('/^[a-z0-9_-]*$/i', $_POST['database_name'])) {
|
|
311 |
// contains invalid characters (only a-z, A-Z, 0-9 and _ allowed to avoid problems with table/field names)
|
|
312 |
set_error('Only characters a-z, A-Z, 0-9, - and _ allowed in database name.', 'database_name');
|
|
313 |
}
|
|
314 |
$database_name = $_POST['database_name'];
|
|
312 |
// make sure only allowed characters are specified
|
|
313 |
if(!preg_match('/^[a-z0-9_-]*$/i', $_POST['database_name'])) {
|
|
314 |
// contains invalid characters (only a-z, A-Z, 0-9 and _ allowed to avoid problems with table/field names)
|
|
315 |
set_error('Only characters a-z, A-Z, 0-9, - and _ allowed in database name.', 'database_name');
|
|
316 |
}
|
|
317 |
$database_name = $_POST['database_name'];
|
|
315 | 318 |
} |
316 | 319 |
// Get table prefix |
317 | 320 |
if(!preg_match('/^[a-z0-9_]*$/i', $_POST['table_prefix'])) { |
318 |
// contains invalid characters (only a-z, A-Z, 0-9 and _ allowed to avoid problems with table/field names)
|
|
319 |
set_error('Only characters a-z, A-Z, 0-9 and _ allowed in table_prefix.', 'table_prefix');
|
|
321 |
// contains invalid characters (only a-z, A-Z, 0-9 and _ allowed to avoid problems with table/field names)
|
|
322 |
set_error('Only characters a-z, A-Z, 0-9 and _ allowed in table_prefix.', 'table_prefix');
|
|
320 | 323 |
} else { |
321 |
$table_prefix = $_POST['table_prefix'];
|
|
324 |
$table_prefix = $_POST['table_prefix'];
|
|
322 | 325 |
} |
323 | 326 |
|
324 | 327 |
// Check if user has entered a database username |
325 | 328 |
if(!isset($_POST['database_username']) OR $_POST['database_username'] == '') { |
326 |
set_error('Please enter a database username','database_username');
|
|
329 |
set_error('Please enter a database username','database_username');
|
|
327 | 330 |
} else { |
328 |
$database_username = $_POST['database_username'];
|
|
331 |
$database_username = $_POST['database_username'];
|
|
329 | 332 |
} |
330 | 333 |
// Check if user has entered a database password |
331 | 334 |
if(!isset($_POST['database_password'])&& ($_POST['database_password']==='') ) { |
332 |
set_error('Please enter a database password', 'database_password');
|
|
335 |
set_error('Please enter a database password', 'database_password');
|
|
333 | 336 |
} else { |
334 |
$database_password = $_POST['database_password'];
|
|
337 |
$database_password = $_POST['database_password'];
|
|
335 | 338 |
} |
336 | 339 |
|
337 | 340 |
// Find out if the user wants to install tables and data |
... | ... | |
341 | 344 |
// Begin website title code |
342 | 345 |
// Get website title |
343 | 346 |
if(!isset($_POST['website_title']) OR $_POST['website_title'] == '') { |
344 |
set_error('Please enter a website title', 'website_title');
|
|
347 |
set_error('Please enter a website title', 'website_title');
|
|
345 | 348 |
} else { |
346 |
$website_title = add_slashes($_POST['website_title']);
|
|
349 |
$website_title = add_slashes($_POST['website_title']);
|
|
347 | 350 |
} |
348 | 351 |
// End website title code |
349 | 352 |
|
350 | 353 |
// Begin admin user details code |
351 | 354 |
// Get admin username |
352 | 355 |
if(!isset($_POST['admin_username']) OR $_POST['admin_username'] == '') { |
353 |
set_error('Please enter a username for the Administrator account','admin_username');
|
|
356 |
set_error('Please enter a username for the Administrator account','admin_username');
|
|
354 | 357 |
} else { |
355 |
$admin_username = $_POST['admin_username'];
|
|
358 |
$admin_username = $_POST['admin_username'];
|
|
356 | 359 |
} |
357 | 360 |
// Get admin email and validate it |
358 | 361 |
if(!isset($_POST['admin_email']) OR $_POST['admin_email'] == '') { |
359 |
set_error('Please enter an email for the Administrator account','admin_email');
|
|
362 |
set_error('Please enter an email for the Administrator account','admin_email');
|
|
360 | 363 |
} else { |
361 |
if(preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,})$/i', $_POST['admin_email'])) {
|
|
362 |
$admin_email = $_POST['admin_email'];
|
|
363 |
} else {
|
|
364 |
set_error('Please enter a valid email address for the Administrator account','admin_email');
|
|
365 |
}
|
|
364 |
if(preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,})$/i', $_POST['admin_email'])) {
|
|
365 |
$admin_email = $_POST['admin_email'];
|
|
366 |
} else {
|
|
367 |
set_error('Please enter a valid email address for the Administrator account','admin_email');
|
|
368 |
}
|
|
366 | 369 |
} |
367 | 370 |
// Get the two admin passwords entered, and check that they match |
368 | 371 |
if(!isset($_POST['admin_password']) OR $_POST['admin_password'] == '') { |
369 |
set_error('Please enter a password for the Administrator account','admin_password');
|
|
372 |
set_error('Please enter a password for the Administrator account','admin_password');
|
|
370 | 373 |
} else { |
371 |
$admin_password = $_POST['admin_password'];
|
|
374 |
$admin_password = $_POST['admin_password'];
|
|
372 | 375 |
} |
373 | 376 |
if(!isset($_POST['admin_repassword']) OR $_POST['admin_repassword'] == '') { |
374 |
set_error('Please make sure you re-enter the password for the Administrator account','admin_repassword');
|
|
377 |
set_error('Please make sure you re-enter the password for the Administrator account','admin_repassword');
|
|
375 | 378 |
} else { |
376 |
$admin_repassword = $_POST['admin_repassword'];
|
|
379 |
$admin_repassword = $_POST['admin_repassword'];
|
|
377 | 380 |
} |
378 | 381 |
if($admin_password != $admin_repassword) { |
379 |
set_error('Sorry, the two Administrator account passwords you entered do not match','admin_repassword');
|
|
382 |
set_error('Sorry, the two Administrator account passwords you entered do not match','admin_repassword');
|
|
380 | 383 |
} |
381 | 384 |
if (mb_strlen($admin_password) < 6) { |
382 |
set_error('Sorry, the password must have 6 chars at last','admin_password');
|
|
385 |
set_error('Sorry, the password must have 6 chars at last','admin_password');
|
|
383 | 386 |
} |
384 | 387 |
|
385 | 388 |
// End admin user details code |
386 | 389 |
|
387 | 390 |
// Try and write settings to config file |
388 |
$sConfigContent =
|
|
391 |
$sConfigContent = |
|
389 | 392 |
";<?php die('sorry, illegal file access'); ?>#####\n" |
390 | 393 |
.";################################################\n" |
391 | 394 |
."; WebsiteBaker configuration file\n" |
... | ... | |
412 | 415 |
$sConfigName = basename($sConfigFile); |
413 | 416 |
// Check if the file exists and is writable first. |
414 | 417 |
if(file_exists($sConfigFile) && is_writable($sConfigFile)) { |
415 |
if(!$handle = fopen($sConfigFile, 'w')) {
|
|
416 |
set_error("Cannot open the configuration file ($sConfigName)");
|
|
417 |
} else {
|
|
418 |
if (fwrite($handle, $sConfigContent) === FALSE) {
|
|
419 |
set_error("Cannot write to the configuration file ($sConfigName)");
|
|
420 |
}
|
|
421 |
// Close file
|
|
422 |
fclose($handle);
|
|
423 |
}
|
|
418 |
if(!$handle = fopen($sConfigFile, 'w')) {
|
|
419 |
set_error("Cannot open the configuration file ($sConfigName)");
|
|
420 |
} else {
|
|
421 |
if (fwrite($handle, $sConfigContent) === FALSE) {
|
|
422 |
set_error("Cannot write to the configuration file ($sConfigName)");
|
|
423 |
}
|
|
424 |
// Close file
|
|
425 |
fclose($handle);
|
|
426 |
}
|
|
424 | 427 |
} else { |
425 |
set_error("The configuration file $sConfigName is not writable. Change its permissions so it is, then re-run step 4.");
|
|
428 |
set_error("The configuration file $sConfigName is not writable. Change its permissions so it is, then re-run step 4.");
|
|
426 | 429 |
} |
427 | 430 |
|
428 | 431 |
//_SetInstallPathConstants(); |
... | ... | |
436 | 439 |
$aSqlData = _readConfiguration($sDbConnectType); |
437 | 440 |
|
438 | 441 |
if(!file_exists(WB_PATH.'/framework/class.admin.php')) { |
439 |
set_error('It appears the Absolute path that you entered is incorrect');
|
|
442 |
set_error('It appears the Absolute path that you entered is incorrect');
|
|
440 | 443 |
} |
441 | 444 |
|
442 | 445 |
$database = WbDatabase::getInstance(); |
443 | 446 |
try{ |
444 |
if($sDbConnectType == 'dsn') {
|
|
445 |
$bTmp = @$database->doConnect($aSqlData[0], $aSqlData[1]['user'], $aSqlData[1]['pass'], $aSqlData[2]);
|
|
446 |
}else {
|
|
447 |
$bTmp = @$database->doConnect($aSqlData[0], TABLE_PREFIX);
|
|
448 |
}
|
|
447 |
if($sDbConnectType == 'dsn') {
|
|
448 |
$bTmp = @$database->doConnect($aSqlData[0], $aSqlData[1]['user'], $aSqlData[1]['pass'], $aSqlData[2]);
|
|
449 |
}else {
|
|
450 |
$bTmp = @$database->doConnect($aSqlData[0], TABLE_PREFIX);
|
|
451 |
}
|
|
449 | 452 |
} catch (WbDatabaseException $e) { |
450 |
if(!file_put_contents($sConfigFile,"<?php\n")) {
|
|
451 |
set_error("Cannot write to the configuration file ($sSetupFile)");
|
|
452 |
}
|
|
453 |
set_error($e->getMessage());
|
|
453 |
if(!file_put_contents($sConfigFile,"<?php\n")) {
|
|
454 |
set_error("Cannot write to the configuration file ($sSetupFile)");
|
|
455 |
}
|
|
456 |
set_error($e->getMessage());
|
|
454 | 457 |
} |
455 | 458 |
|
456 | 459 |
unset($aSqlData); |
... | ... | |
461 | 464 |
."include_once(dirname(__FILE__).'/framework/initialize.php');\n"; |
462 | 465 |
$sSetupFile = WB_PATH.'/config.php'; |
463 | 466 |
if(!file_put_contents($sSetupFile,$sConfigContent)) { |
464 |
set_error("Cannot write to the configuration file ($sSetupFile)");
|
|
467 |
set_error("Cannot write to the configuration file ($sSetupFile)");
|
|
465 | 468 |
} |
466 | 469 |
$sSecMod = (defined('SECURE_FORM_MODULE') && SECURE_FORM_MODULE != '') ? '.'.SECURE_FORM_MODULE : ''; |
467 | 470 |
$sSecMod = WB_PATH.'/framework/SecureForm'.$sSecMod.'.php'; |
... | ... | |
471 | 474 |
/***************************** |
472 | 475 |
Begin Create Database Tables |
473 | 476 |
*****************************/ |
474 |
if (is_readable(__DIR__.'/sql/install-struct.sql')) { |
|
475 |
if (! $database->SqlImport(__DIR__.'/sql/install-struct.sql', TABLE_PREFIX, false)) { |
|
476 |
set_error('unable to import install-struct.sql'); |
|
477 |
$oSqlInst = new SqlInstall($database, __DIR__.'/sql/install-struct.sql'); |
|
478 |
if ($oSqlInst) { |
|
479 |
if (!$oSqlInst->doImport('install')) { |
|
480 |
set_error($oSqlInst->getError()); |
|
477 | 481 |
} |
478 | 482 |
} |
479 |
if (is_readable(__DIR__.'/sql/install-data.sql')) { |
|
480 |
if (! $database->SqlImport(__DIR__.'/sql/install-data.sql', TABLE_PREFIX)) { |
|
481 |
set_error('unable to import install-data.sql'); |
|
483 |
$oSqlInst = new SqlInstall($database, __DIR__.'/sql/install-data.sql'); |
|
484 |
if ($oSqlInst) { |
|
485 |
if (!$oSqlInst->doImport('install')) { |
|
486 |
set_error($oSqlInst->getError()); |
|
482 | 487 |
} |
483 | 488 |
} |
489 |
unset $oSqlInst; |
|
484 | 490 |
$sql = // additional settings from install input |
485 | 491 |
'REPLACE INTO `'.TABLE_PREFIX.'settings` (`name`, `value`) VALUES ' |
486 | 492 |
. '(\'wb_version\', \''.VERSION.'\'), ' |
... | ... | |
531 | 537 |
} |
532 | 538 |
} |
533 | 539 |
// Include WB functions file |
534 |
require_once(WB_PATH.'/framework/functions.php');
|
|
540 |
require_once(WB_PATH.'/framework/functions.php');
|
|
535 | 541 |
// Re-connect to the database, this time using in-build database class |
536 |
// require_once(WB_PATH.'/framework/class.login.php');
|
|
537 |
// Include the PclZip class file (thanks to
|
|
538 |
require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');
|
|
539 |
// Install add-ons
|
|
540 |
$admin=new admin_dummy('Start','',false,false);
|
|
542 |
// require_once(WB_PATH.'/framework/class.login.php');
|
|
543 |
// Include the PclZip class file (thanks to
|
|
544 |
require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');
|
|
545 |
// Install add-ons
|
|
546 |
$admin=new admin_dummy('Start','',false,false);
|
|
541 | 547 |
// Load addons and templates into DB |
542 | 548 |
$aScanDirs = array( |
543 | 549 |
'module' => dirname(__DIR__).'/modules/', |
... | ... | |
565 | 571 |
} |
566 | 572 |
|
567 | 573 |
// Check if there was a database error |
568 |
if($database->is_error()) {
|
|
569 |
set_error($database->get_error());
|
|
570 |
}
|
|
574 |
if($database->is_error()) {
|
|
575 |
set_error($database->get_error());
|
|
576 |
}
|
|
571 | 577 |
|
572 |
if ( sizeof(createFolderProtectFile( WB_PATH.MEDIA_DIRECTORY )) ) { }
|
|
573 |
if ( sizeof(createFolderProtectFile( WB_PATH.MEDIA_DIRECTORY.'/home' )) ) { }
|
|
574 |
if ( sizeof(createFolderProtectFile( WB_PATH.PAGES_DIRECTORY )) ) { }
|
|
578 |
if ( sizeof(createFolderProtectFile( WB_PATH.MEDIA_DIRECTORY )) ) { }
|
|
579 |
if ( sizeof(createFolderProtectFile( WB_PATH.MEDIA_DIRECTORY.'/home' )) ) { }
|
|
580 |
if ( sizeof(createFolderProtectFile( WB_PATH.PAGES_DIRECTORY )) ) { }
|
|
575 | 581 |
|
576 | 582 |
// end of if install_tables |
577 | 583 |
|
... | ... | |
581 | 587 |
|
582 | 588 |
// Log the user in and go to Website Baker Administration |
583 | 589 |
$thisApp = new Login( |
584 |
array(
|
|
585 |
"MAX_ATTEMPS" => "50",
|
|
586 |
"WARNING_URL" => $ThemeUrl."/warning.html",
|
|
587 |
"USERNAME_FIELDNAME" => 'admin_username',
|
|
588 |
"PASSWORD_FIELDNAME" => 'admin_password',
|
|
589 |
"REMEMBER_ME_OPTION" => SMART_LOGIN,
|
|
590 |
"MIN_USERNAME_LEN" => "2",
|
|
591 |
"MIN_PASSWORD_LEN" => "3",
|
|
592 |
"MAX_USERNAME_LEN" => "30",
|
|
593 |
"MAX_PASSWORD_LEN" => "30",
|
|
594 |
'LOGIN_URL' => ADMIN_URL."/login/index.php",
|
|
595 |
'DEFAULT_URL' => ADMIN_URL."/start/index.php",
|
|
596 |
'TEMPLATE_DIR' => $ThemePath,
|
|
597 |
'TEMPLATE_FILE' => 'loginBox.htt',
|
|
598 |
'FRONTEND' => false,
|
|
599 |
'FORGOTTEN_DETAILS_APP' => ADMIN_URL."/login/forgot/index.php",
|
|
600 |
'USERS_TABLE' => TABLE_PREFIX."users",
|
|
601 |
'GROUPS_TABLE' => TABLE_PREFIX."groups",
|
|
602 |
)
|
|
590 |
array(
|
|
591 |
"MAX_ATTEMPS" => "50",
|
|
592 |
"WARNING_URL" => $ThemeUrl."/warning.html",
|
|
593 |
"USERNAME_FIELDNAME" => 'admin_username',
|
|
594 |
"PASSWORD_FIELDNAME" => 'admin_password',
|
|
595 |
"REMEMBER_ME_OPTION" => SMART_LOGIN,
|
|
596 |
"MIN_USERNAME_LEN" => "2",
|
|
597 |
"MIN_PASSWORD_LEN" => "3",
|
|
598 |
"MAX_USERNAME_LEN" => "30",
|
|
599 |
"MAX_PASSWORD_LEN" => "30",
|
|
600 |
'LOGIN_URL' => ADMIN_URL."/login/index.php",
|
|
601 |
'DEFAULT_URL' => ADMIN_URL."/start/index.php",
|
|
602 |
'TEMPLATE_DIR' => $ThemePath,
|
|
603 |
'TEMPLATE_FILE' => 'loginBox.htt',
|
|
604 |
'FRONTEND' => false,
|
|
605 |
'FORGOTTEN_DETAILS_APP' => ADMIN_URL."/login/forgot/index.php",
|
|
606 |
'USERS_TABLE' => TABLE_PREFIX."users",
|
|
607 |
'GROUPS_TABLE' => TABLE_PREFIX."groups",
|
|
608 |
)
|
|
603 | 609 |
); |
Also available in: Unified diff