Context Navigation

source: trunk/install.php @ 4385

Last change on this file since 4385 was 4385, checked in by nikrou, 14 years ago

Feature_1255 :

single quotes in queries
start using $confdblayer

Property svn:eol-style set to LF

File size: 13.7 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2009 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	//----------------------------------------------------------- include
25	define('PHPWG_ROOT_PATH','./');
26
27	/**
28	* loads an sql file and executes all queries
29	*
30	* Before executing a query, $replaced is... replaced by $replacing. This is
31	* useful when the SQL file contains generic words. Drop table queries are
32	* not executed.
33	*
34	* @param string filepath
35	* @param string replaced
36	* @param string replacing
37	* @return void
38	*/
39	function execute_sqlfile($filepath, $replaced, $replacing)
40	{
41	$sql_lines = file($filepath);
42	$query = '';
43	foreach ($sql_lines as $sql_line)
44	{
45	$sql_line = trim($sql_line);
46	if (preg_match('/(^--\|^$)/', $sql_line))
47	{
48	continue;
49	}
50	$query.= ' '.$sql_line;
51	// if we reached the end of query, we execute it and reinitialize the
52	// variable "query"
53	if (preg_match('/;$/', $sql_line))
54	{
55	$query = trim($query);
56	$query = str_replace($replaced, $replacing, $query);
57	// we don't execute "DROP TABLE" queries
58	if (!preg_match('/^DROP TABLE/i', $query))
59	{
60	global $install_charset_collate;
61	if ( !empty($install_charset_collate) )
62	{
63	if ( preg_match('/^(CREATE TABLE .)[\s];[\s]*/im', $query, $matches) )
64	{
65	$query = $matches[1].' '.$install_charset_collate.';';
66	}
67	}
68	pwg_query($query);
69	}
70	$query = '';
71	}
72	}
73	}
74
75	@set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
76	//
77	// addslashes to vars if magic_quotes_gpc is off this is a security
78	// precaution to prevent someone trying to break out of a SQL statement.
79	//
80	if( !@get_magic_quotes_gpc() )
81	{
82	if( is_array($_POST) )
83	{
84	while( list($k, $v) = each($_POST) )
85	{
86	if( is_array($_POST[$k]) )
87	{
88	while( list($k2, $v2) = each($_POST[$k]) )
89	{
90	$_POST[$k][$k2] = addslashes($v2);
91	}
92	@reset($_POST[$k]);
93	}
94	else
95	{
96	$_POST[$k] = addslashes($v);
97	}
98	}
99	@reset($_POST);
100	}
101
102	if( is_array($_GET) )
103	{
104	while( list($k, $v) = each($_GET) )
105	{
106	if( is_array($_GET[$k]) )
107	{
108	while( list($k2, $v2) = each($_GET[$k]) )
109	{
110	$_GET[$k][$k2] = addslashes($v2);
111	}
112	@reset($_GET[$k]);
113	}
114	else
115	{
116	$_GET[$k] = addslashes($v);
117	}
118	}
119	@reset($_GET);
120	}
121
122	if( is_array($_COOKIE) )
123	{
124	while( list($k, $v) = each($_COOKIE) )
125	{
126	if( is_array($_COOKIE[$k]) )
127	{
128	while( list($k2, $v2) = each($_COOKIE[$k]) )
129	{
130	$_COOKIE[$k][$k2] = addslashes($v2);
131	}
132	@reset($_COOKIE[$k]);
133	}
134	else
135	{
136	$_COOKIE[$k] = addslashes($v);
137	}
138	}
139	@reset($_COOKIE);
140	}
141	}
142
143	//----------------------------------------------------- variable initialization
144
145	define('DEFAULT_PREFIX_TABLE', 'piwigo_');
146
147	// Obtain various vars
148	$dbhost = (!empty($_POST['dbhost'])) ? $_POST['dbhost'] : 'localhost';
149	$dbuser = (!empty($_POST['dbuser'])) ? $_POST['dbuser'] : '';
150	$dbpasswd = (!empty($_POST['dbpasswd'])) ? $_POST['dbpasswd'] : '';
151	$dbname = (!empty($_POST['dbname'])) ? $_POST['dbname'] : '';
152
153	if (isset($_POST['install']))
154	{
155	$table_prefix = $_POST['prefix'];
156	}
157	else
158	{
159	$table_prefix = DEFAULT_PREFIX_TABLE;
160	}
161
162	$admin_name = (!empty($_POST['admin_name'])) ? $_POST['admin_name'] : '';
163	$admin_pass1 = (!empty($_POST['admin_pass1'])) ? $_POST['admin_pass1'] : '';
164	$admin_pass2 = (!empty($_POST['admin_pass2'])) ? $_POST['admin_pass2'] : '';
165	$admin_mail = (!empty($_POST['admin_mail'])) ? $_POST['admin_mail'] : '';
166
167	$infos = array();
168	$errors = array();
169
170	// Open config.php ... if it exists
171	$config_file = PHPWG_ROOT_PATH.'include/config_database.inc.php';
172	if (@file_exists($config_file))
173	{
174	include($config_file);
175	// Is Piwigo already installed ?
176	if (defined("PHPWG_INSTALLED"))
177	{
178	die('Piwigo is already installed');
179	}
180	}
181
182	$prefixeTable = $table_prefix;
183	include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
184	@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
185	include(PHPWG_ROOT_PATH . 'include/dblayer/functions_mysql.inc.php');
186	include(PHPWG_ROOT_PATH . 'include/constants.php');
187	include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
188	include(PHPWG_ROOT_PATH . 'admin/include/functions.php');
189	include(PHPWG_ROOT_PATH . 'admin/include/functions_upgrade.php');
190
191	if (isset($_GET['language']))
192	{
193	$language = strip_tags($_GET['language']);
194	}
195	else
196	{
197	$language = 'en_UK';
198	// Try to get browser language
199	foreach (get_languages('utf-8') as $language_code => $language_name)
200	{
201	if (substr($language_code,0,2) == @substr($_SERVER["HTTP_ACCEPT_LANGUAGE"],0,2))
202	{
203	$language = $language_code;
204	break;
205	}
206	}
207	}
208
209	if ('fr_FR' == $language) {
210	define('PHPWG_DOMAIN', 'fr.piwigo.org');
211	}
212	else if ('de_DE' == $language) {
213	define('PHPWG_DOMAIN', 'de.piwigo.org');
214	}
215	else if ('es_ES' == $language) {
216	define('PHPWG_DOMAIN', 'es.piwigo.org');
217	}
218	else {
219	define('PHPWG_DOMAIN', 'piwigo.org');
220	}
221	define('PHPWG_URL', 'http://'.PHPWG_DOMAIN);
222
223	load_language( 'common.lang', '', array('language'=>$language, 'target_charset'=>'utf-8') );
224	load_language( 'admin.lang', '', array('language'=>$language, 'target_charset'=>'utf-8') );
225	load_language( 'install.lang', '', array('language'=>$language, 'target_charset'=>'utf-8') );
226
227	//------------------------------------------------- check php version
228	if (version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<'))
229	{
230	include(PHPWG_ROOT_PATH.'install/php5_apache_configuration.php');
231	}
232
233	//----------------------------------------------------- template initialization
234	include( PHPWG_ROOT_PATH .'include/template.class.php');
235	$template=new Template(PHPWG_ROOT_PATH.'admin/template/goto', 'roma');
236	$template->set_filenames( array('install'=>'install.tpl') );
237	$step = 1;
238	//---------------------------------------------------------------- form analyze
239	if ( isset( $_POST['install'] ))
240	{
241	if ( @mysql_connect( $_POST['dbhost'],
242	$_POST['dbuser'],
243	$_POST['dbpasswd'] ) )
244	{
245	if ( @mysql_select_db($_POST['dbname'] ) )
246	{
247	array_push( $infos, l10n('step1_confirmation') );
248	}
249	else
250	{
251	array_push( $errors, l10n('step1_err_db') );
252	}
253	if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') )
254	{
255	$pwg_charset='utf-8';
256	$pwg_db_charset='utf8';
257	$install_charset_collate = "DEFAULT CHARACTER SET $pwg_db_charset";
258	}
259	else
260	{
261	$pwg_charset='iso-8859-1';
262	$pwg_db_charset='latin1';
263	$install_charset_collate = '';
264	if ( !array_key_exists($language, get_languages($pwg_charset) ) )
265	{
266	$language='en_UK';
267	}
268	}
269	}
270	else
271	{
272	array_push( $errors, l10n('step1_err_server') );
273	}
274
275	$webmaster = trim(preg_replace( '/\s{2,}/', ' ', $admin_name ));
276	if ( empty($webmaster))
277	array_push( $errors, l10n('step2_err_login1') );
278	else if ( preg_match( '/[\'"]/', $webmaster ) )
279	array_push( $errors, l10n('step2_err_login3') );
280	if ( $admin_pass1 != $admin_pass2 \|\| empty($admin_pass1) )
281	array_push( $errors, l10n('step2_err_pass') );
282	if ( empty($admin_mail))
283	array_push( $errors, l10n('reg_err_mail_address') );
284	else
285	{
286	$error_mail_address = validate_mail_address(null, $admin_mail);
287	if (!empty($error_mail_address))
288	array_push( $errors, $error_mail_address );
289	}
290
291	if ( count( $errors ) == 0 )
292	{
293	$step = 2;
294	$file_content = '<?php
295	$conf[\'dblayer\'] = \'mysql\';
296	$conf[\'db_base\'] = \''.$dbname.'\';
297	$conf[\'db_user\'] = \''.$dbuser.'\';
298	$conf[\'db_password\'] = \''.$dbpasswd.'\';
299	$conf[\'db_host\'] = \''.$dbhost.'\';
300
301	$prefixeTable = \''.$table_prefix.'\';
302
303	define(\'PHPWG_INSTALLED\', true);
304	define(\'PWG_CHARSET\', \''.$pwg_charset.'\');
305	define(\'DB_CHARSET\', \''.$pwg_db_charset.'\');
306	define(\'DB_COLLATE\', \'\');
307
308	?'.'>';
309
310	@umask(0111);
311	// writing the configuration file
312	if ( !($fp = @fopen( $config_file, 'w' )))
313	{
314	$html_content = htmlentities( $file_content, ENT_QUOTES );
315	$html_content = nl2br( $html_content );
316	$error_copy = l10n('step1_err_copy');
317	$error_copy .= '<br>--------------------------------------------------------------------<br>';
318	$error_copy .= '<span class="sql_content">' . $html_content . '</span>';
319	$error_copy .= '<br>--------------------------------------------------------------------<br>';
320	}
321	@fputs($fp, $file_content, strlen($file_content));
322	@fclose($fp);
323
324	// Create empty local files to avoid log errors
325	create_empty_local_files();
326
327	// tables creation, based on piwigo_structure.sql
328	execute_sqlfile(
329	PHPWG_ROOT_PATH.'install/piwigo_structure.sql',
330	DEFAULT_PREFIX_TABLE,
331	$table_prefix
332	);
333	// We fill the tables with basic informations
334	execute_sqlfile(
335	PHPWG_ROOT_PATH.'install/config.sql',
336	DEFAULT_PREFIX_TABLE,
337	$table_prefix
338	);
339
340	// fill $conf global array
341	load_conf_from_db();
342
343	$insert = array(
344	'id' => 1,
345	'galleries_url' => PHPWG_ROOT_PATH.'galleries/',
346	);
347	mass_inserts(SITES_TABLE, array_keys($insert), array($insert));
348
349	// webmaster admin user
350	$inserts = array(
351	array(
352	'id' => 1,
353	'username' => $admin_name,
354	'password' => md5($admin_pass1),
355	'mail_address' => $admin_mail,
356	),
357	array(
358	'id' => 2,
359	'username' => 'guest',
360	),
361	);
362	mass_inserts(USERS_TABLE, array_keys($inserts[0]), $inserts);
363
364	create_user_infos(array(1,2), array('language' => $language));
365
366	// Available upgrades must be ignored after a fresh installation. To
367	// make PWG avoid upgrading, we must tell it upgrades have already been
368	// made.
369	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
370	define('CURRENT_DATE', $dbnow);
371	$datas = array();
372	foreach (get_available_upgrade_ids() as $upgrade_id)
373	{
374	array_push(
375	$datas,
376	array(
377	'id' => $upgrade_id,
378	'applied' => CURRENT_DATE,
379	'description' => 'upgrade included in installation',
380	)
381	);
382	}
383	mass_inserts(
384	UPGRADE_TABLE,
385	array_keys($datas[0]),
386	$datas
387	);
388	}
389	}
390
391	//------------------------------------------------------ start template output
392	foreach (get_languages('utf-8') as $language_code => $language_name)
393	{
394	if ($language == $language_code)
395	{
396	$template->assign('language_selection', $language_code);
397	}
398	$languages_options[$language_code] = $language_name;
399	}
400	$template->assign('language_options', $languages_options);
401
402	$template->assign(
403	array(
404	'T_CONTENT_ENCODING' => 'utf-8',
405	'RELEASE'=>PHPWG_VERSION,
406	'F_ACTION' => 'install.php?language=' . $language,
407	'F_DB_HOST'=>$dbhost,
408	'F_DB_USER'=>$dbuser,
409	'F_DB_NAME'=>$dbname,
410	'F_DB_PREFIX' => $table_prefix,
411	'F_ADMIN'=>$admin_name,
412	'F_ADMIN_EMAIL'=>$admin_mail,
413	'L_INSTALL_HELP'=>sprintf(l10n('install_help'), PHPWG_URL.'/forum'),
414	));
415
416	//------------------------------------------------------ errors & infos display
417	if ($step == 1)
418	{
419	$template->assign('install', true);
420	}
421	else
422	{
423	array_push($infos, l10n('install_end_message'));
424
425	if (isset($error_copy))
426	{
427	array_push($errors, $error_copy);
428	}
429	else
430	{
431	session_set_save_handler('pwg_session_open',
432	'pwg_session_close',
433	'pwg_session_read',
434	'pwg_session_write',
435	'pwg_session_destroy',
436	'pwg_session_gc'
437	);
438	if ( function_exists('ini_set') )
439	{
440	ini_set('session.use_cookies', $conf['session_use_cookies']);
441	ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
442	ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
443	ini_set('session.cookie_httponly', 1);
444	}
445	session_name($conf['session_name']);
446	session_set_cookie_params(0, cookie_path());
447	$user = build_user(1, true);
448	log_user($user['id'], false);
449	}
450
451	$template->assign(
452	'SUBSCRIBE_BASE_URL',
453	get_newsletter_subscribe_base_url($language)
454	);
455	}
456	if (count($errors) != 0)
457	{
458	$template->assign('errors', $errors);
459	}
460
461	if (count($infos) != 0 )
462	{
463	$template->assign('infos', $infos);
464	}
465
466	//----------------------------------------------------------- html code display
467	$template->pparse('install');
468	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: