source: branches/1.6/install.php @ 24270

Last change on this file since 24270 was 1282, checked in by plg, 19 years ago

bug 228 fixed one more time ;-): use boolean_to_string on
$confnewuser_default_enabled_high during user infos creation. Useless
use of boolean_to_string on $confnewcat_default_status was removed.

modification: loading configuration parameter from database was moved to a
dedicated function to be called from include/common.inc.php and from
install.php.

improvement: use of clean insert function during install.

bug fixed: during user information creation, support new status
webmaster/normal/guest instead of admin/guest.

bug fixed: during install, no need to insert obsolete mail_webmaster
configuration parameter.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 12.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-04-27 21:05:07 +0000 (Thu, 27 Apr 2006) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 1282 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28//----------------------------------------------------------- include
29define('PHPWG_ROOT_PATH','./');
30
31// Guess an initial language ...
32function guess_lang()
33{
34  return 'en_UK.iso-8859-1';
35}
36
37/**
38 * loads an sql file and executes all queries
39 *
40 * Before executing a query, $replaced is... replaced by $replacing. This is
41 * useful when the SQL file contains generic words. Drop table queries are
42 * not executed.
43 *
44 * @param string filepath
45 * @param string replaced
46 * @param string replacing
47 * @return void
48 */
49function execute_sqlfile($filepath, $replaced, $replacing)
50{
51  $sql_lines = file($filepath);
52  $query = '';
53  foreach ($sql_lines as $sql_line)
54  {
55    $sql_line = trim($sql_line);
56    if (preg_match('/(^--|^$)/', $sql_line))
57    {
58      continue;
59    }
60    $query.= ' '.$sql_line;
61    // if we reached the end of query, we execute it and reinitialize the
62    // variable "query"
63    if (preg_match('/;$/', $sql_line))
64    {
65      $query = trim($query);
66      $query = str_replace($replaced, $replacing, $query);
67      // we don't execute "DROP TABLE" queries
68      if (!preg_match('/^DROP TABLE/i', $query))
69      {
70        mysql_query($query);
71      }
72      $query = '';
73    }
74  }
75}
76
77set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
78//
79// addslashes to vars if magic_quotes_gpc is off this is a security
80// precaution to prevent someone trying to break out of a SQL statement.
81//
82if( !get_magic_quotes_gpc() )
83{
84  if( is_array($_POST) )
85  {
86    while( list($k, $v) = each($_POST) )
87    {
88      if( is_array($_POST[$k]) )
89      {
90        while( list($k2, $v2) = each($_POST[$k]) )
91        {
92          $_POST[$k][$k2] = addslashes($v2);
93        }
94        @reset($_POST[$k]);
95      }
96      else
97      {
98        $_POST[$k] = addslashes($v);
99      }
100    }
101    @reset($_POST);
102  }
103
104  if( is_array($_COOKIE) )
105  {
106    while( list($k, $v) = each($_COOKIE) )
107    {
108      if( is_array($_COOKIE[$k]) )
109      {
110        while( list($k2, $v2) = each($_COOKIE[$k]) )
111        {
112          $_COOKIE[$k][$k2] = addslashes($v2);
113        }
114        @reset($_COOKIE[$k]);
115      }
116      else
117      {
118        $_COOKIE[$k] = addslashes($v);
119      }
120    }
121    @reset($_COOKIE);
122  }
123}
124
125//----------------------------------------------------- variable initialization
126
127define('DEFAULT_PREFIX_TABLE', 'phpwebgallery_');
128
129// Obtain various vars
130$dbhost = (!empty($_POST['dbhost'])) ? $_POST['dbhost'] : 'localhost';
131$dbuser = (!empty($_POST['dbuser'])) ? $_POST['dbuser'] : '';
132$dbpasswd = (!empty($_POST['dbpasswd'])) ? $_POST['dbpasswd'] : '';
133$dbname = (!empty($_POST['dbname'])) ? $_POST['dbname'] : '';
134
135if (isset($_POST['install']))
136{
137  $table_prefix = $_POST['prefix'];
138}
139else
140{
141  $table_prefix = DEFAULT_PREFIX_TABLE;
142}
143
144$admin_name = (!empty($_POST['admin_name'])) ? $_POST['admin_name'] : '';
145$admin_pass1 = (!empty($_POST['admin_pass1'])) ? $_POST['admin_pass1'] : '';
146$admin_pass2 = (!empty($_POST['admin_pass2'])) ? $_POST['admin_pass2'] : '';
147$admin_mail = (!empty($_POST['admin_mail'])) ? $_POST['admin_mail'] : '';
148
149$infos = array();
150$errors = array();
151
152// Open config.php ... if it exists
153$config_file = PHPWG_ROOT_PATH.'include/mysql.inc.php';
154if (@file_exists($config_file))
155{
156  include($config_file);
157  // Is PhpWebGallery already installed ?
158  if (defined("PHPWG_INSTALLED"))
159  {
160    die('PhpWebGallery is already installed');
161  }
162}
163
164$prefixeTable = $table_prefix;
165include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
166@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
167include(PHPWG_ROOT_PATH . 'include/constants.php');
168include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
169include(PHPWG_ROOT_PATH . 'admin/include/functions.php');
170include(PHPWG_ROOT_PATH . 'include/template.php');
171
172if ( isset( $_POST['language'] ))
173{
174  $language = strip_tags($_POST['language']);
175}
176else 
177{
178  $language = guess_lang();
179}
180
181if (!file_exists(PHPWG_ROOT_PATH.'language/'.$language.'/install.lang.php'))
182{
183  $language = 'en_UK.iso-8859-1';
184}
185
186include( './language/'.$language.'/common.lang.php' );
187include( './language/'.$language.'/admin.lang.php' );
188include( './language/'.$language.'/install.lang.php' );
189//----------------------------------------------------- template initialization
190$template=setup_style('yoga');
191$template->set_filenames( array('install'=>'install.tpl') );
192$step = 1;
193//---------------------------------------------------------------- form analyze
194if ( isset( $_POST['install'] ))
195{
196  if ( @mysql_connect( $_POST['dbhost'],
197                       $_POST['dbuser'],
198                       $_POST['dbpasswd'] ) )
199  {
200    if ( @mysql_select_db($_POST['dbname'] ) )
201    {
202      array_push( $infos, $lang['step1_confirmation'] );
203    }
204    else
205    {
206      array_push( $errors, $lang['step1_err_db'] );
207    }
208  }
209  else
210  {
211    array_push( $errors, $lang['step1_err_server'] );
212  }
213 
214  $webmaster = trim(preg_replace( '/\s{2,}/', ' ', $admin_name ));
215  if ( empty($webmaster))
216    array_push( $errors, $lang['step2_err_login1'] );
217  else if ( preg_match( '/[\'"]/', $webmaster ) )
218    array_push( $errors, $lang['step2_err_login3'] );
219  if ( $admin_pass1 != $admin_pass2 || empty($admin_pass1) )
220    array_push( $errors, $lang['step2_err_pass'] );
221  if ( empty($admin_mail))
222    array_push( $errors, $lang['reg_err_mail_address'] );
223  else 
224  {
225    $error_mail_address = validate_mail_address($admin_mail);
226    if (!empty($error_mail_address))
227      array_push( $errors, $error_mail_address );
228  }
229 
230  if ( count( $errors ) == 0 )
231  {
232    $step = 2;
233    $file_content = '<?php
234$cfgBase = \''.$dbname.'\';
235$cfgUser = \''.$dbuser.'\';
236$cfgPassword = \''.$dbpasswd.'\';
237$cfgHote = \''.$dbhost.'\';
238
239$prefixeTable = \''.$table_prefix.'\';
240
241define(\'PHPWG_INSTALLED\', true);
242?'.'>';
243   
244    @umask(0111);
245    // writing the configuration file
246    if ( !($fp = @fopen( $config_file, 'w' )))
247    {
248      $html_content = htmlentities( $file_content, ENT_QUOTES );
249      $html_content = nl2br( $html_content );
250      $template->assign_block_vars(
251        'error_copy',
252        array(
253          'FILE_CONTENT' => $html_content,
254          )
255        );
256    }
257    @fputs($fp, $file_content, strlen($file_content));
258    @fclose($fp);
259   
260    // tables creation, based on phpwebgallery_structure.sql
261    execute_sqlfile(
262      PHPWG_ROOT_PATH.'install/phpwebgallery_structure.sql',
263      DEFAULT_PREFIX_TABLE,
264      $table_prefix
265      );
266    // We fill the tables with basic informations
267    execute_sqlfile(
268      PHPWG_ROOT_PATH.'install/config.sql',
269      DEFAULT_PREFIX_TABLE,
270      $table_prefix
271      );
272
273    $query = '
274UPDATE '.CONFIG_TABLE.'
275  SET value = \''.$language.'\'
276  WHERE param = \'default_language\'
277;';
278    mysql_query($query);
279
280    // fill $conf global array
281    load_conf_from_db();
282
283    $insert = array(
284      'id' => 1,
285      'galleries_url' => PHPWG_ROOT_PATH.'galleries/',
286      );
287    mass_inserts(SITES_TABLE, array_keys($insert), array($insert));
288   
289    // webmaster admin user
290    $inserts = array(
291      array(
292        'id'           => 1,
293        'username'     => $admin_name,
294        'password'     => md5($admin_pass1),
295        'mail_address' => $admin_mail,
296        ),
297      array(
298        'id'           => 2,
299        'username'     => 'guest',
300        ),
301      );
302    mass_inserts(USERS_TABLE, array_keys($inserts[0]), $inserts);
303
304    create_user_infos(1);
305    create_user_infos(2);
306
307    $query = '
308UPDATE '.USER_INFOS_TABLE.'
309  SET language = \''.$language.'\'
310;';
311    mysql_query($query);
312
313    // Available upgrades must be ignored after a fresh installation. To
314    // make PWG avoid upgrading, we must tell it upgrades have already been
315    // made.
316    list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
317    define('CURRENT_DATE', $dbnow);
318    $datas = array();
319    foreach (get_available_upgrade_ids() as $upgrade_id)
320    {
321      array_push(
322        $datas,
323        array(
324          'id'          => $upgrade_id,
325          'applied'     => CURRENT_DATE,
326          'description' => 'upgrade included in installation',
327          )
328        );
329    }
330    mass_inserts(
331      UPGRADE_TABLE,
332      array_keys($datas[0]),
333      $datas
334      );
335  }
336}
337
338$template->assign_vars(
339  array(
340    'RELEASE'=>PHPWG_VERSION,
341 
342    'L_BASE_TITLE'=>$lang['Initial_config'],
343    'L_LANG_TITLE'=>$lang['Default_lang'],
344    'L_DB_TITLE'=>$lang['step1_title'],
345    'L_DB_HOST'=>$lang['step1_host'],
346    'L_DB_HOST_INFO'=>$lang['step1_host_info'],
347    'L_DB_USER'=>$lang['step1_user'],
348    'L_DB_USER_INFO'=>$lang['step1_user_info'],
349    'L_DB_PASS'=>$lang['step1_pass'],
350    'L_DB_PASS_INFO'=>$lang['step1_pass_info'],
351    'L_DB_NAME'=>$lang['step1_database'],
352    'L_DB_NAME_INFO'=>$lang['step1_database_info'],
353    'L_DB_PREFIX'=>$lang['step1_prefix'],
354    'L_DB_PREFIX_INFO'=>$lang['step1_prefix_info'],
355    'L_ADMIN_TITLE'=>$lang['step2_title'],
356    'L_ADMIN'=>$lang['install_webmaster'],
357    'L_ADMIN_INFO'=>$lang['install_webmaster_info'],
358    'L_ADMIN_PASSWORD'=>$lang['step2_pwd'],
359    'L_ADMIN_PASSWORD_INFO'=>$lang['step2_pwd_info'],
360    'L_ADMIN_CONFIRM_PASSWORD'=>$lang['step2_pwd_conf'],
361    'L_ADMIN_CONFIRM_PASSWORD_INFO'=>$lang['step2_pwd_conf_info'],
362    'L_ADMIN_EMAIL'=>$lang['conf_mail_webmaster'],
363    'L_ADMIN_EMAIL_INFO'=>$lang['conf_mail_webmaster_info'],
364    'L_SUBMIT'=>$lang['Start_Install'],
365    'L_HELP'=>$lang['install_help'],
366    'L_ERR_COPY'=>$lang['step1_err_copy'],
367    'L_END_TITLE'=>$lang['install_end_title'],
368    'L_END_MESSAGE'=>$lang['install_end_message'],
369   
370    'F_ACTION'=>'install.php',
371    'F_DB_HOST'=>$dbhost,
372    'F_DB_USER'=>$dbuser,
373    'F_DB_NAME'=>$dbname,
374    'F_DB_PREFIX' => (
375      $table_prefix != DEFAULT_PREFIX_TABLE
376      ? $table_prefix
377      : DEFAULT_PREFIX_TABLE
378      ),
379    'F_ADMIN'=>$admin_name,
380    'F_ADMIN_EMAIL'=>$admin_mail,
381    'F_LANG_SELECT'=>language_select($language),
382   
383    'T_CONTENT_ENCODING' => $lang_info['charset']
384    ));
385
386//------------------------------------------------------ errors & infos display
387if ( sizeof( $errors ) != 0 )
388{
389  $template->assign_block_vars('errors',array());
390  for ( $i = 0; $i < sizeof( $errors ); $i++ )
391  {
392    $template->assign_block_vars('errors.error',array('ERROR'=>$errors[$i]));
393  }
394}
395
396if ( sizeof( $infos ) != 0 )
397{
398  $template->assign_block_vars('infos',array());
399  for ( $i = 0; $i < sizeof( $infos ); $i++ )
400  {
401    $template->assign_block_vars('infos.info',array('INFO'=>$infos[$i]));
402  }
403}
404
405if ($step ==1)
406{
407  $template->assign_block_vars('install',array());
408}
409else
410{
411  $template->assign_block_vars('install_end',array());
412}
413
414//----------------------------------------------------------- html code display
415$template->pparse('install');
416?>
Note: See TracBrowser for help on using the repository browser.