Context Navigation

source: trunk/install.php @ 808

Last change on this file since 808 was 808, checked in by plg, 19 years ago

new : external authentication in another users table. Previous users table is divided between users (common properties with any web application) and user_infos (phpwebgallery specific informations). External table and fields can be configured.

modification : profile.php is not reachable through administration anymore (not useful).

modification : in profile.php, current password is mandatory only if user tries to change his password. Username can't be changed.

deletion : of obsolete functions get_user_restrictions, update_user_restrictions, get_user_all_restrictions, is_user_allowed, update_user

modification : $userforbidden_categories equals at least "-1" so that category_id NOT IN ($userforbidden_categories) can always be used.

modification : user_forbidden table becomes user_cache so that not only restriction informations can be stored in this table.

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 12.6 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2005-08-08 20:52:19 +0000 (Mon, 08 Aug 2005) $
10	// \| last modifier : $Author: plg $
11	// \| revision : $Revision: 808 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	//----------------------------------------------------------- include
29	define('PHPWG_ROOT_PATH','./');
30
31	// Guess an initial language ...
32	function guess_lang()
33	{
34	return 'en_UK.iso-8859-1';
35
36	// $languages = array();
37	// $i = 0;
38	// if ($opendir = opendir(PHPWG_ROOT_PATH.'language/'))
39	// {
40	// while ( $file = readdir ( $opendir ) )
41	// {
42	// if ( is_dir ( PHPWG_ROOT_PATH.'language/'.$file )&& !substr_count($file,'.'))
43	// {
44	// $languages[$i++] =$file;
45	// }
46	// }
47	// }
48
49	// if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
50	// {
51	// $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
52	// for ($i = 0; $i < sizeof($accept_lang_ary); $i++)
53	// {
54	// for ($j=0; $j<sizeof($languages); $j++)
55	// {
56	// if (preg_match('#' . substr($languages[$j],0,2) . '#i', substr(trim($accept_lang_ary[$i]),0,2)))
57	// {
58	// if (file_exists(PHPWG_ROOT_PATH . 'language/' . $languages[$j].'/install.lang.php'))
59	// {
60	// return $languages[$j];
61	// }
62	// }
63	// }
64	// }
65	// }
66	// return 'en_EN';
67	}
68
69	/**
70	* loads an sql file and executes all queries
71	*
72	* Before executing a query, $replaced is... replaced by $replacing. This is
73	* useful when the SQL file contains generic words. Drop table queries are
74	* not executed.
75	*
76	* @param string filepath
77	* @param string replaced
78	* @param string replacing
79	* @return void
80	*/
81	function execute_sqlfile($filepath, $replaced, $replacing)
82	{
83	$sql_lines = file($filepath);
84	$query = '';
85	foreach ($sql_lines as $sql_line)
86	{
87	$sql_line = trim($sql_line);
88	if (preg_match('/(^--\|^$)/', $sql_line))
89	{
90	continue;
91	}
92	$query.= ' '.$sql_line;
93	// if we reached the end of query, we execute it and reinitialize the
94	// variable "query"
95	if (preg_match('/;$/', $sql_line))
96	{
97	$query = trim($query);
98	$query = str_replace($replaced, $replacing, $query);
99	// we don't execute "DROP TABLE" queries
100	if (!preg_match('/^DROP TABLE/i', $query))
101	{
102	mysql_query($query);
103	}
104	$query = '';
105	}
106	}
107	}
108
109	set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
110	//
111	// addslashes to vars if magic_quotes_gpc is off this is a security
112	// precaution to prevent someone trying to break out of a SQL statement.
113	//
114	if( !get_magic_quotes_gpc() )
115	{
116	if( is_array($_POST) )
117	{
118	while( list($k, $v) = each($_POST) )
119	{
120	if( is_array($_POST[$k]) )
121	{
122	while( list($k2, $v2) = each($_POST[$k]) )
123	{
124	$_POST[$k][$k2] = addslashes($v2);
125	}
126	@reset($_POST[$k]);
127	}
128	else
129	{
130	$_POST[$k] = addslashes($v);
131	}
132	}
133	@reset($_POST);
134	}
135
136	if( is_array($_COOKIE) )
137	{
138	while( list($k, $v) = each($_COOKIE) )
139	{
140	if( is_array($_COOKIE[$k]) )
141	{
142	while( list($k2, $v2) = each($_COOKIE[$k]) )
143	{
144	$_COOKIE[$k][$k2] = addslashes($v2);
145	}
146	@reset($_COOKIE[$k]);
147	}
148	else
149	{
150	$_COOKIE[$k] = addslashes($v);
151	}
152	}
153	@reset($_COOKIE);
154	}
155	}
156
157	//----------------------------------------------------- variable initialization
158	$install_style = 'default';
159
160	// Obtain various vars
161	$dbhost = (!empty($_POST['dbhost'])) ? $_POST['dbhost'] : 'localhost';
162	$dbuser = (!empty($_POST['dbuser'])) ? $_POST['dbuser'] : '';
163	$dbpasswd = (!empty($_POST['dbpasswd'])) ? $_POST['dbpasswd'] : '';
164	$dbname = (!empty($_POST['dbname'])) ? $_POST['dbname'] : '';
165
166	$table_prefix = (!empty($_POST['prefix'])) ? $_POST['prefix'] : 'phpwebgallery_';
167
168	$admin_name = (!empty($_POST['admin_name'])) ? $_POST['admin_name'] : '';
169	$admin_pass1 = (!empty($_POST['admin_pass1'])) ? $_POST['admin_pass1'] : '';
170	$admin_pass2 = (!empty($_POST['admin_pass2'])) ? $_POST['admin_pass2'] : '';
171	$admin_mail = (!empty($_POST['admin_mail'])) ? $_POST['admin_mail'] : '';
172
173	$infos = array();
174	$errors = array();
175
176	// Open config.php ... if it exists
177	$config_file = PHPWG_ROOT_PATH.'include/mysql.inc.php';
178	if (@file_exists($config_file))
179	{
180	include($config_file);
181	// Is PhpWebGallery already installed ?
182	if (defined("PHPWG_INSTALLED"))
183	{
184	die('PhpWebGallery is already installed');
185	}
186	}
187
188	$prefixeTable = $table_prefix;
189	include(PHPWG_ROOT_PATH . 'include/constants.php');
190	include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
191	include(PHPWG_ROOT_PATH . 'include/template.php');
192
193	if ( isset( $_POST['language'] ))
194	{
195	$language = strip_tags($_POST['language']);
196	}
197	else
198	{
199	$language = guess_lang();
200	}
201
202	if (!file_exists(PHPWG_ROOT_PATH.'language/'.$language.'/install.lang.php'))
203	{
204	$language = 'en_UK.iso-8859-1';
205	}
206
207	include( './language/'.$language.'/common.lang.php' );
208	include( './language/'.$language.'/admin.lang.php' );
209	include( './language/'.$language.'/install.lang.php' );
210	//----------------------------------------------------- template initialization
211	$template=setup_style($install_style);
212	$template->set_filenames( array('install'=>'install.tpl') );
213	$step = 1;
214	//---------------------------------------------------------------- form analyze
215	if ( isset( $_POST['install'] ))
216	{
217	if ( @mysql_connect( $_POST['dbhost'],
218	$_POST['dbuser'],
219	$_POST['dbpasswd'] ) )
220	{
221	if ( @mysql_select_db($_POST['dbname'] ) )
222	{
223	array_push( $infos, $lang['step1_confirmation'] );
224	}
225	else
226	{
227	array_push( $errors, $lang['step1_err_db'] );
228	}
229	}
230	else
231	{
232	array_push( $errors, $lang['step1_err_server'] );
233	}
234
235	$webmaster = trim(preg_replace( '/\s{2,}/', ' ', $admin_name ));
236	if ( empty($webmaster))
237	array_push( $errors, $lang['step2_err_login1'] );
238	else if ( preg_match( '/[\'"]/', $webmaster ) )
239	array_push( $errors, $lang['step2_err_login3'] );
240	if ( $admin_pass1 != $admin_pass2 \|\| empty($admin_pass1) )
241	array_push( $errors, $lang['step2_err_pass'] );
242	if ( empty($admin_mail))
243	array_push( $errors, $lang['reg_err_mail_address'] );
244	else
245	{
246	$error_mail_address = validate_mail_address($admin_mail);
247	if (!empty($error_mail_address))
248	array_push( $errors, $error_mail_address );
249	}
250
251	if ( count( $errors ) == 0 )
252	{
253	$step = 2;
254	$file_content = "<?php";
255	$file_content.= "\n\$cfgBase = '". $dbname."';";
256	$file_content.= "\n\$cfgUser = '". $dbuser."';";
257	$file_content.= "\n\$cfgPassword = '". $dbpasswd."';";
258	$file_content.= "\n\$cfgHote = '". $dbhost."';";
259	$file_content.= "\n";
260	$file_content.= "\n\$prefixeTable = '".$table_prefix."';";
261	$file_content.= "\n";
262	$file_content.= "\ndefine('PHPWG_INSTALLED', true);";
263	$file_content.= "\n?".">";
264
265	@umask(0111);
266	// writing the configuration file
267	if ( !($fp = @fopen( $config_file, 'w' )))
268	{
269	$html_content = htmlentities( $file_content, ENT_QUOTES );
270	$html_content = nl2br( $html_content );
271	$template->assign_block_vars('error_copy',
272	array('FILE_CONTENT'=>$html_content));
273	}
274	@fputs($fp, $file_content, strlen($file_content));
275	@fclose($fp);
276
277	// tables creation, based on phpwebgallery_structure.sql
278	execute_sqlfile( PHPWG_ROOT_PATH.'install/phpwebgallery_structure.sql'
279	, 'phpwebgallery_'
280	, $table_prefix );
281	// We fill the tables with basic informations
282	execute_sqlfile( PHPWG_ROOT_PATH.'install/config.sql'
283	, 'phpwebgallery_'
284	, $table_prefix );
285
286	$query = 'UPDATE '.CONFIG_TABLE;
287	$query.= " SET value = '".$admin_mail."'";
288	$query.= " WHERE param = 'mail_webmaster'";
289	$query.= ';';
290	mysql_query( $query );
291
292	$query = 'UPDATE '.CONFIG_TABLE;
293	$query.= " SET value = '".$language."'";
294	$query.= " WHERE param = 'default_language'";
295	$query.= ';';
296	mysql_query( $query );
297
298	$query = 'INSERT INTO '.SITES_TABLE;
299	$query.= " (id,galleries_url) VALUES (1, '".PHPWG_ROOT_PATH."galleries/');";
300	mysql_query( $query );
301
302	// webmaster admin user
303	$query = '
304	INSERT INTO '.USERS_TABLE.'
305	(id,username,password,mail_address)
306	VALUES
307	(1,\''.$admin_name.'\',\''.md5($admin_pass1).'\',\''.$admin_mail.'\')
308	;';
309	mysql_query($query);
310
311	$query = '
312	INSERT INTO '.USER_INFOS_TABLE.'
313	(user_id,status,language)
314	VALUES
315	(1, \'admin\', \''.$language.'\')
316	;';
317	mysql_query($query);
318
319	$query = '
320	UPDATE '.USER_INFOS_TABLE.'
321	SET feed_id = \''.find_available_feed_id().'\'
322	WHERE user_id = 1
323	;';
324	mysql_query($query);
325
326	// guest user
327	$query = '
328	INSERT INTO '.USERS_TABLE.'
329	(id,username,password,mail_address)
330	VALUES
331	(2,\'guest\',\'\',\'\')
332	;';
333	mysql_query($query);
334
335	$query = '
336	INSERT INTO '.USER_INFOS_TABLE.'
337	(user_id,status,language)
338	VALUES
339	(2, \'guest\', \''.$language.'\')
340	;';
341	mysql_query($query);
342	}
343	}
344
345	$template->assign_vars(
346	array(
347	'RELEASE'=>PHPWG_VERSION,
348
349	'L_BASE_TITLE'=>$lang['Initial_config'],
350	'L_LANG_TITLE'=>$lang['Default_lang'],
351	'L_DB_TITLE'=>$lang['step1_title'],
352	'L_DB_HOST'=>$lang['step1_host'],
353	'L_DB_HOST_INFO'=>$lang['step1_host_info'],
354	'L_DB_USER'=>$lang['step1_user'],
355	'L_DB_USER_INFO'=>$lang['step1_user_info'],
356	'L_DB_PASS'=>$lang['step1_pass'],
357	'L_DB_PASS_INFO'=>$lang['step1_pass_info'],
358	'L_DB_NAME'=>$lang['step1_database'],
359	'L_DB_NAME_INFO'=>$lang['step1_database_info'],
360	'L_DB_PREFIX'=>$lang['step1_prefix'],
361	'L_DB_PREFIX_INFO'=>$lang['step1_prefix_info'],
362	'L_ADMIN_TITLE'=>$lang['step2_title'],
363	'L_ADMIN'=>$lang['install_webmaster'],
364	'L_ADMIN_INFO'=>$lang['install_webmaster_info'],
365	'L_ADMIN_PASSWORD'=>$lang['step2_pwd'],
366	'L_ADMIN_PASSWORD_INFO'=>$lang['step2_pwd_info'],
367	'L_ADMIN_CONFIRM_PASSWORD'=>$lang['step2_pwd_conf'],
368	'L_ADMIN_CONFIRM_PASSWORD_INFO'=>$lang['step2_pwd_conf_info'],
369	'L_ADMIN_EMAIL'=>$lang['conf_mail_webmaster'],
370	'L_ADMIN_EMAIL_INFO'=>$lang['conf_mail_webmaster_info'],
371	'L_SUBMIT'=>$lang['Start_Install'],
372	'L_HELP'=>$lang['install_help'],
373	'L_ERR_COPY'=>$lang['step1_err_copy'],
374	'L_END_TITLE'=>$lang['install_end_title'],
375	'L_END_MESSAGE'=>$lang['install_end_message'],
376
377	'F_ACTION'=>'install.php',
378	'F_DB_HOST'=>$dbhost,
379	'F_DB_USER'=>$dbuser,
380	'F_DB_NAME'=>$dbname,
381	'F_DB_PREFIX'=>$table_prefix,
382	'F_ADMIN'=>$admin_name,
383	'F_ADMIN_EMAIL'=>$admin_mail,
384	'F_LANG_SELECT'=>language_select($language),
385
386	'T_CONTENT_ENCODING' => $lang_info['charset']
387	));
388
389	//------------------------------------------------------ errors & infos display
390	if ( sizeof( $errors ) != 0 )
391	{
392	$template->assign_block_vars('errors',array());
393	for ( $i = 0; $i < sizeof( $errors ); $i++ )
394	{
395	$template->assign_block_vars('errors.error',array('ERROR'=>$errors[$i]));
396	}
397	}
398
399	if ( sizeof( $infos ) != 0 )
400	{
401	$template->assign_block_vars('infos',array());
402	for ( $i = 0; $i < sizeof( $infos ); $i++ )
403	{
404	$template->assign_block_vars('infos.info',array('INFO'=>$infos[$i]));
405	}
406	}
407
408	if ($step ==1)
409	{
410	$template->assign_block_vars('install',array());
411	}
412	else
413	{
414	$template->assign_block_vars('install_end',array());
415	}
416
417	//----------------------------------------------------------- html code display
418	$template->pparse('install');
419	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/install.php @ 808

Download in other formats: