[218] | 1 | <?php |
---|
[354] | 2 | // +-----------------------------------------------------------------------+ |
---|
[2297] | 3 | // | Piwigo - a PHP based picture gallery | |
---|
| 4 | // +-----------------------------------------------------------------------+ |
---|
| 5 | // | Copyright(C) 2008 Piwigo Team http://piwigo.org | |
---|
| 6 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
| 7 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
| 8 | // +-----------------------------------------------------------------------+ |
---|
| 9 | // | This program is free software; you can redistribute it and/or modify | |
---|
| 10 | // | it under the terms of the GNU General Public License as published by | |
---|
| 11 | // | the Free Software Foundation | |
---|
| 12 | // | | |
---|
| 13 | // | This program is distributed in the hope that it will be useful, but | |
---|
| 14 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
| 15 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
| 16 | // | General Public License for more details. | |
---|
| 17 | // | | |
---|
| 18 | // | You should have received a copy of the GNU General Public License | |
---|
| 19 | // | along with this program; if not, write to the Free Software | |
---|
| 20 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
| 21 | // | USA. | |
---|
| 22 | // +-----------------------------------------------------------------------+ |
---|
[218] | 23 | |
---|
[2747] | 24 | //------------------------------------------------- check php version |
---|
| 25 | if (version_compare(PHP_VERSION, '5', '<')) |
---|
| 26 | { |
---|
| 27 | die('Piwigo requires PHP 5 or above.'); |
---|
| 28 | } |
---|
| 29 | |
---|
[367] | 30 | //----------------------------------------------------------- include |
---|
| 31 | define('PHPWG_ROOT_PATH','./'); |
---|
[345] | 32 | |
---|
[529] | 33 | /** |
---|
| 34 | * loads an sql file and executes all queries |
---|
| 35 | * |
---|
| 36 | * Before executing a query, $replaced is... replaced by $replacing. This is |
---|
| 37 | * useful when the SQL file contains generic words. Drop table queries are |
---|
| 38 | * not executed. |
---|
| 39 | * |
---|
| 40 | * @param string filepath |
---|
| 41 | * @param string replaced |
---|
| 42 | * @param string replacing |
---|
| 43 | * @return void |
---|
| 44 | */ |
---|
| 45 | function execute_sqlfile($filepath, $replaced, $replacing) |
---|
[382] | 46 | { |
---|
[529] | 47 | $sql_lines = file($filepath); |
---|
[382] | 48 | $query = ''; |
---|
[529] | 49 | foreach ($sql_lines as $sql_line) |
---|
| 50 | { |
---|
| 51 | $sql_line = trim($sql_line); |
---|
| 52 | if (preg_match('/(^--|^$)/', $sql_line)) |
---|
| 53 | { |
---|
| 54 | continue; |
---|
| 55 | } |
---|
[382] | 56 | $query.= ' '.$sql_line; |
---|
| 57 | // if we reached the end of query, we execute it and reinitialize the |
---|
| 58 | // variable "query" |
---|
[529] | 59 | if (preg_match('/;$/', $sql_line)) |
---|
[382] | 60 | { |
---|
[529] | 61 | $query = trim($query); |
---|
| 62 | $query = str_replace($replaced, $replacing, $query); |
---|
[382] | 63 | // we don't execute "DROP TABLE" queries |
---|
[529] | 64 | if (!preg_match('/^DROP TABLE/i', $query)) |
---|
| 65 | { |
---|
[2127] | 66 | global $install_charset_collate; |
---|
| 67 | if ( !empty($install_charset_collate) ) |
---|
| 68 | { |
---|
| 69 | if ( preg_match('/^(CREATE TABLE .*)[\s]*;[\s]*/im', $query, $matches) ) |
---|
| 70 | { |
---|
| 71 | $query = $matches[1].' '.$install_charset_collate.';'; |
---|
| 72 | } |
---|
| 73 | } |
---|
[2884] | 74 | pwg_query($query); |
---|
[529] | 75 | } |
---|
[382] | 76 | $query = ''; |
---|
| 77 | } |
---|
| 78 | } |
---|
| 79 | } |
---|
| 80 | |
---|
[367] | 81 | set_magic_quotes_runtime(0); // Disable magic_quotes_runtime |
---|
| 82 | // |
---|
| 83 | // addslashes to vars if magic_quotes_gpc is off this is a security |
---|
| 84 | // precaution to prevent someone trying to break out of a SQL statement. |
---|
| 85 | // |
---|
| 86 | if( !get_magic_quotes_gpc() ) |
---|
[218] | 87 | { |
---|
[367] | 88 | if( is_array($_POST) ) |
---|
[218] | 89 | { |
---|
[367] | 90 | while( list($k, $v) = each($_POST) ) |
---|
[218] | 91 | { |
---|
[367] | 92 | if( is_array($_POST[$k]) ) |
---|
[218] | 93 | { |
---|
[367] | 94 | while( list($k2, $v2) = each($_POST[$k]) ) |
---|
| 95 | { |
---|
| 96 | $_POST[$k][$k2] = addslashes($v2); |
---|
| 97 | } |
---|
| 98 | @reset($_POST[$k]); |
---|
[218] | 99 | } |
---|
| 100 | else |
---|
| 101 | { |
---|
[367] | 102 | $_POST[$k] = addslashes($v); |
---|
[218] | 103 | } |
---|
| 104 | } |
---|
[367] | 105 | @reset($_POST); |
---|
| 106 | } |
---|
| 107 | |
---|
[1855] | 108 | if( is_array($_GET) ) |
---|
| 109 | { |
---|
| 110 | while( list($k, $v) = each($_GET) ) |
---|
| 111 | { |
---|
| 112 | if( is_array($_GET[$k]) ) |
---|
| 113 | { |
---|
| 114 | while( list($k2, $v2) = each($_GET[$k]) ) |
---|
| 115 | { |
---|
| 116 | $_GET[$k][$k2] = addslashes($v2); |
---|
| 117 | } |
---|
| 118 | @reset($_GET[$k]); |
---|
| 119 | } |
---|
| 120 | else |
---|
| 121 | { |
---|
| 122 | $_GET[$k] = addslashes($v); |
---|
| 123 | } |
---|
| 124 | } |
---|
| 125 | @reset($_GET); |
---|
| 126 | } |
---|
| 127 | |
---|
[367] | 128 | if( is_array($_COOKIE) ) |
---|
| 129 | { |
---|
| 130 | while( list($k, $v) = each($_COOKIE) ) |
---|
[218] | 131 | { |
---|
[367] | 132 | if( is_array($_COOKIE[$k]) ) |
---|
[218] | 133 | { |
---|
[367] | 134 | while( list($k2, $v2) = each($_COOKIE[$k]) ) |
---|
| 135 | { |
---|
| 136 | $_COOKIE[$k][$k2] = addslashes($v2); |
---|
| 137 | } |
---|
| 138 | @reset($_COOKIE[$k]); |
---|
[218] | 139 | } |
---|
| 140 | else |
---|
| 141 | { |
---|
[367] | 142 | $_COOKIE[$k] = addslashes($v); |
---|
[218] | 143 | } |
---|
| 144 | } |
---|
[367] | 145 | @reset($_COOKIE); |
---|
[218] | 146 | } |
---|
[367] | 147 | } |
---|
[218] | 148 | |
---|
[367] | 149 | //----------------------------------------------------- variable initialization |
---|
[1147] | 150 | |
---|
[2339] | 151 | define('DEFAULT_PREFIX_TABLE', 'piwigo_'); |
---|
[1147] | 152 | |
---|
[367] | 153 | // Obtain various vars |
---|
| 154 | $dbhost = (!empty($_POST['dbhost'])) ? $_POST['dbhost'] : 'localhost'; |
---|
| 155 | $dbuser = (!empty($_POST['dbuser'])) ? $_POST['dbuser'] : ''; |
---|
| 156 | $dbpasswd = (!empty($_POST['dbpasswd'])) ? $_POST['dbpasswd'] : ''; |
---|
| 157 | $dbname = (!empty($_POST['dbname'])) ? $_POST['dbname'] : ''; |
---|
| 158 | |
---|
[1147] | 159 | if (isset($_POST['install'])) |
---|
| 160 | { |
---|
| 161 | $table_prefix = $_POST['prefix']; |
---|
| 162 | } |
---|
| 163 | else |
---|
| 164 | { |
---|
| 165 | $table_prefix = DEFAULT_PREFIX_TABLE; |
---|
| 166 | } |
---|
[367] | 167 | |
---|
| 168 | $admin_name = (!empty($_POST['admin_name'])) ? $_POST['admin_name'] : ''; |
---|
| 169 | $admin_pass1 = (!empty($_POST['admin_pass1'])) ? $_POST['admin_pass1'] : ''; |
---|
| 170 | $admin_pass2 = (!empty($_POST['admin_pass2'])) ? $_POST['admin_pass2'] : ''; |
---|
| 171 | $admin_mail = (!empty($_POST['admin_mail'])) ? $_POST['admin_mail'] : ''; |
---|
| 172 | |
---|
| 173 | $infos = array(); |
---|
| 174 | $errors = array(); |
---|
| 175 | |
---|
| 176 | // Open config.php ... if it exists |
---|
| 177 | $config_file = PHPWG_ROOT_PATH.'include/mysql.inc.php'; |
---|
| 178 | if (@file_exists($config_file)) |
---|
| 179 | { |
---|
[529] | 180 | include($config_file); |
---|
[2339] | 181 | // Is Piwigo already installed ? |
---|
[529] | 182 | if (defined("PHPWG_INSTALLED")) |
---|
| 183 | { |
---|
[2339] | 184 | die('Piwigo is already installed'); |
---|
[529] | 185 | } |
---|
[367] | 186 | } |
---|
| 187 | |
---|
[682] | 188 | $prefixeTable = $table_prefix; |
---|
[819] | 189 | include(PHPWG_ROOT_PATH . 'include/config_default.inc.php'); |
---|
[1079] | 190 | @include(PHPWG_ROOT_PATH. 'include/config_local.inc.php'); |
---|
[529] | 191 | include(PHPWG_ROOT_PATH . 'include/constants.php'); |
---|
| 192 | include(PHPWG_ROOT_PATH . 'include/functions.inc.php'); |
---|
[1221] | 193 | include(PHPWG_ROOT_PATH . 'admin/include/functions.php'); |
---|
[2102] | 194 | include(PHPWG_ROOT_PATH . 'admin/include/functions_upgrade.php'); |
---|
[529] | 195 | |
---|
[2248] | 196 | if (isset($_GET['language'])) |
---|
[405] | 197 | { |
---|
[2248] | 198 | $language = strip_tags($_GET['language']); |
---|
[367] | 199 | } |
---|
[2127] | 200 | else |
---|
[1855] | 201 | { |
---|
[2127] | 202 | $language = 'en_UK'; |
---|
[2248] | 203 | // Try to get browser language |
---|
| 204 | foreach (get_languages('utf-8') as $language_code => $language_name) |
---|
| 205 | { |
---|
| 206 | if (substr($language_code,0,2) == @substr($_SERVER["HTTP_ACCEPT_LANGUAGE"],0,2)) |
---|
| 207 | { |
---|
| 208 | $language = $language_code; |
---|
| 209 | break; |
---|
| 210 | } |
---|
| 211 | } |
---|
[1855] | 212 | } |
---|
[367] | 213 | |
---|
[2479] | 214 | load_language( 'common.lang', '', array('language'=>$language, 'target_charset'=>'utf-8') ); |
---|
| 215 | load_language( 'admin.lang', '', array('language'=>$language, 'target_charset'=>'utf-8') ); |
---|
| 216 | load_language( 'install.lang', '', array('language'=>$language, 'target_charset'=>'utf-8') ); |
---|
[529] | 217 | |
---|
[367] | 218 | //----------------------------------------------------- template initialization |
---|
[2747] | 219 | $template=new Template(PHPWG_ROOT_PATH.'admin/template/goto', 'roma'); |
---|
[367] | 220 | $template->set_filenames( array('install'=>'install.tpl') ); |
---|
| 221 | $step = 1; |
---|
[529] | 222 | //---------------------------------------------------------------- form analyze |
---|
[367] | 223 | if ( isset( $_POST['install'] )) |
---|
| 224 | { |
---|
[382] | 225 | if ( @mysql_connect( $_POST['dbhost'], |
---|
| 226 | $_POST['dbuser'], |
---|
| 227 | $_POST['dbpasswd'] ) ) |
---|
| 228 | { |
---|
| 229 | if ( @mysql_select_db($_POST['dbname'] ) ) |
---|
[367] | 230 | { |
---|
[2201] | 231 | array_push( $infos, l10n('step1_confirmation') ); |
---|
[218] | 232 | } |
---|
[367] | 233 | else |
---|
| 234 | { |
---|
[2201] | 235 | array_push( $errors, l10n('step1_err_db') ); |
---|
[367] | 236 | } |
---|
[2127] | 237 | if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ) |
---|
| 238 | { |
---|
| 239 | $pwg_charset='utf-8'; |
---|
| 240 | $pwg_db_charset='utf8'; |
---|
| 241 | $install_charset_collate = "DEFAULT CHARACTER SET $pwg_db_charset"; |
---|
| 242 | } |
---|
| 243 | else |
---|
| 244 | { |
---|
| 245 | $pwg_charset='iso-8859-1'; |
---|
| 246 | $pwg_db_charset='latin1'; |
---|
| 247 | $install_charset_collate = ''; |
---|
| 248 | if ( !array_key_exists($language, get_languages($pwg_charset) ) ) |
---|
| 249 | { |
---|
| 250 | $language='en_UK'; |
---|
| 251 | } |
---|
| 252 | } |
---|
[382] | 253 | } |
---|
| 254 | else |
---|
| 255 | { |
---|
[2201] | 256 | array_push( $errors, l10n('step1_err_server') ); |
---|
[382] | 257 | } |
---|
[2127] | 258 | |
---|
[382] | 259 | $webmaster = trim(preg_replace( '/\s{2,}/', ' ', $admin_name )); |
---|
| 260 | if ( empty($webmaster)) |
---|
[2201] | 261 | array_push( $errors, l10n('step2_err_login1') ); |
---|
[382] | 262 | else if ( preg_match( '/[\'"]/', $webmaster ) ) |
---|
[2201] | 263 | array_push( $errors, l10n('step2_err_login3') ); |
---|
[382] | 264 | if ( $admin_pass1 != $admin_pass2 || empty($admin_pass1) ) |
---|
[2201] | 265 | array_push( $errors, l10n('step2_err_pass') ); |
---|
[382] | 266 | if ( empty($admin_mail)) |
---|
[2201] | 267 | array_push( $errors, l10n('reg_err_mail_address') ); |
---|
[2127] | 268 | else |
---|
[382] | 269 | { |
---|
[2124] | 270 | $error_mail_address = validate_mail_address(null, $admin_mail); |
---|
[382] | 271 | if (!empty($error_mail_address)) |
---|
| 272 | array_push( $errors, $error_mail_address ); |
---|
| 273 | } |
---|
[2127] | 274 | |
---|
[382] | 275 | if ( count( $errors ) == 0 ) |
---|
| 276 | { |
---|
| 277 | $step = 2; |
---|
[1147] | 278 | $file_content = '<?php |
---|
| 279 | $cfgBase = \''.$dbname.'\'; |
---|
| 280 | $cfgUser = \''.$dbuser.'\'; |
---|
| 281 | $cfgPassword = \''.$dbpasswd.'\'; |
---|
| 282 | $cfgHote = \''.$dbhost.'\'; |
---|
| 283 | |
---|
| 284 | $prefixeTable = \''.$table_prefix.'\'; |
---|
| 285 | |
---|
| 286 | define(\'PHPWG_INSTALLED\', true); |
---|
[2127] | 287 | define(\'PWG_CHARSET\', \''.$pwg_charset.'\'); |
---|
| 288 | define(\'DB_CHARSET\', \''.$pwg_db_charset.'\'); |
---|
| 289 | define(\'DB_COLLATE\', \'\'); |
---|
| 290 | |
---|
[1147] | 291 | ?'.'>'; |
---|
[2127] | 292 | |
---|
[382] | 293 | @umask(0111); |
---|
| 294 | // writing the configuration file |
---|
| 295 | if ( !($fp = @fopen( $config_file, 'w' ))) |
---|
[367] | 296 | { |
---|
[382] | 297 | $html_content = htmlentities( $file_content, ENT_QUOTES ); |
---|
| 298 | $html_content = nl2br( $html_content ); |
---|
[2747] | 299 | $error_copy = l10n('step1_err_copy'); |
---|
| 300 | $error_copy .= '<br />--------------------------------------------------------------------<br />'; |
---|
| 301 | $error_copy .= '<span class="sql_content">' . $html_content . '</span>'; |
---|
| 302 | $error_copy .= '<br />--------------------------------------------------------------------<br />'; |
---|
[382] | 303 | } |
---|
| 304 | @fputs($fp, $file_content, strlen($file_content)); |
---|
| 305 | @fclose($fp); |
---|
[2127] | 306 | |
---|
[2189] | 307 | // Create empty local files to avoid log errors |
---|
| 308 | create_empty_local_files(); |
---|
| 309 | |
---|
[2339] | 310 | // tables creation, based on piwigo_structure.sql |
---|
[1147] | 311 | execute_sqlfile( |
---|
[2339] | 312 | PHPWG_ROOT_PATH.'install/piwigo_structure.sql', |
---|
[1147] | 313 | DEFAULT_PREFIX_TABLE, |
---|
| 314 | $table_prefix |
---|
| 315 | ); |
---|
[382] | 316 | // We fill the tables with basic informations |
---|
[1147] | 317 | execute_sqlfile( |
---|
| 318 | PHPWG_ROOT_PATH.'install/config.sql', |
---|
| 319 | DEFAULT_PREFIX_TABLE, |
---|
| 320 | $table_prefix |
---|
| 321 | ); |
---|
[218] | 322 | |
---|
[1284] | 323 | // fill $conf global array |
---|
| 324 | load_conf_from_db(); |
---|
| 325 | |
---|
| 326 | $insert = array( |
---|
| 327 | 'id' => 1, |
---|
| 328 | 'galleries_url' => PHPWG_ROOT_PATH.'galleries/', |
---|
| 329 | ); |
---|
| 330 | mass_inserts(SITES_TABLE, array_keys($insert), array($insert)); |
---|
[2127] | 331 | |
---|
[382] | 332 | // webmaster admin user |
---|
[1284] | 333 | $inserts = array( |
---|
| 334 | array( |
---|
| 335 | 'id' => 1, |
---|
| 336 | 'username' => $admin_name, |
---|
| 337 | 'password' => md5($admin_pass1), |
---|
| 338 | 'mail_address' => $admin_mail, |
---|
| 339 | ), |
---|
| 340 | array( |
---|
| 341 | 'id' => 2, |
---|
| 342 | 'username' => 'guest', |
---|
| 343 | ), |
---|
| 344 | ); |
---|
| 345 | mass_inserts(USERS_TABLE, array_keys($inserts[0]), $inserts); |
---|
[801] | 346 | |
---|
[1930] | 347 | create_user_infos(array(1,2), array('language' => $language)); |
---|
[808] | 348 | |
---|
[1027] | 349 | // Available upgrades must be ignored after a fresh installation. To |
---|
| 350 | // make PWG avoid upgrading, we must tell it upgrades have already been |
---|
| 351 | // made. |
---|
[1221] | 352 | list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();')); |
---|
| 353 | define('CURRENT_DATE', $dbnow); |
---|
| 354 | $datas = array(); |
---|
[1027] | 355 | foreach (get_available_upgrade_ids() as $upgrade_id) |
---|
| 356 | { |
---|
[1221] | 357 | array_push( |
---|
| 358 | $datas, |
---|
| 359 | array( |
---|
| 360 | 'id' => $upgrade_id, |
---|
| 361 | 'applied' => CURRENT_DATE, |
---|
| 362 | 'description' => 'upgrade included in installation', |
---|
| 363 | ) |
---|
| 364 | ); |
---|
[1027] | 365 | } |
---|
[1221] | 366 | mass_inserts( |
---|
| 367 | UPGRADE_TABLE, |
---|
| 368 | array_keys($datas[0]), |
---|
| 369 | $datas |
---|
| 370 | ); |
---|
[382] | 371 | } |
---|
[367] | 372 | } |
---|
[218] | 373 | |
---|
[2248] | 374 | //------------------------------------------------------ start template output |
---|
| 375 | foreach (get_languages('utf-8') as $language_code => $language_name) |
---|
| 376 | { |
---|
| 377 | if ($language == $language_code) |
---|
| 378 | { |
---|
| 379 | $template->assign('language_selection', $language_code); |
---|
| 380 | } |
---|
| 381 | $languages_options[$language_code] = $language_name; |
---|
| 382 | } |
---|
| 383 | $template->assign('language_options', $languages_options); |
---|
| 384 | |
---|
| 385 | $template->assign( |
---|
[529] | 386 | array( |
---|
[2248] | 387 | 'T_CONTENT_ENCODING' => 'utf-8', |
---|
[529] | 388 | 'RELEASE'=>PHPWG_VERSION, |
---|
[2248] | 389 | 'F_ACTION' => 'install.php?language=' . $language, |
---|
[529] | 390 | 'F_DB_HOST'=>$dbhost, |
---|
| 391 | 'F_DB_USER'=>$dbuser, |
---|
| 392 | 'F_DB_NAME'=>$dbname, |
---|
[2248] | 393 | 'F_DB_PREFIX' => $table_prefix, |
---|
[529] | 394 | 'F_ADMIN'=>$admin_name, |
---|
| 395 | 'F_ADMIN_EMAIL'=>$admin_mail, |
---|
[2248] | 396 | 'L_INSTALL_HELP'=>sprintf(l10n('install_help'), 'http://forum.'.PHPWG_DOMAIN.'/'), |
---|
[529] | 397 | )); |
---|
| 398 | |
---|
| 399 | //------------------------------------------------------ errors & infos display |
---|
[2747] | 400 | if ($step == 1) |
---|
| 401 | { |
---|
| 402 | $template->assign('install', true); |
---|
| 403 | } |
---|
| 404 | else |
---|
| 405 | { |
---|
| 406 | array_push($infos, l10n('install_end_message')); |
---|
| 407 | |
---|
| 408 | if (isset($error_copy)) |
---|
| 409 | { |
---|
| 410 | array_push($errors, $error_copy); |
---|
| 411 | } |
---|
| 412 | } |
---|
[2248] | 413 | if (count($errors) != 0) |
---|
[367] | 414 | { |
---|
[2248] | 415 | $template->assign('errors', $errors); |
---|
[367] | 416 | } |
---|
[218] | 417 | |
---|
[2248] | 418 | if (count($infos) != 0 ) |
---|
[367] | 419 | { |
---|
[2248] | 420 | $template->assign('infos', $infos); |
---|
[367] | 421 | } |
---|
[218] | 422 | |
---|
| 423 | //----------------------------------------------------------- html code display |
---|
[367] | 424 | $template->pparse('install'); |
---|
[362] | 425 | ?> |
---|