PageRenderTime 66ms CodeModel.GetById 21ms RepoModel.GetById 1ms app.codeStats 0ms

/setup.php

https://github.com/paulheaney/sitracker
PHP | 1516 lines | 1217 code | 120 blank | 179 comment | 195 complexity | 59aebe696f0a7c71c63d1104b0b8b744 MD5 | raw file
Possible License(s): LGPL-2.1, LGPL-2.0, BSD-3-Clause, GPL-2.0

Large files files are truncated, but you can click here to view the full file

    

  1. <?php
    2. 

  2. // setup.php - Install/Upgrade and set up plugins
    3. 

  3. //
    4. 

  4. // SiT (Support Incident Tracker) - Support call tracking system
    5. 

  5. // Copyright (C) 2000-2009 Salford Software Ltd. and Contributors
    6. 

  6. //
    7. 

  7. // This software may be used and distributed according to the terms
    8. 

  8. // of the GNU General Public License, incorporated herein by reference.
    9. 

  9. //
    10. 

  10. 

  11. // Author: Ivan Lucas <ivanlucas[at]users.sourceforge.net>
    12. 

  12. 

  13. // Define path constants, we don't include core.php so we do this here
    14. 

  14. define ('APPLICATION_FSPATH', realpath(dirname( __FILE__ ) . DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR);
    15. 

  15. define ('APPLICATION_LIBPATH', realpath(dirname( __FILE__ ).DIRECTORY_SEPARATOR . 'lib') . DIRECTORY_SEPARATOR);
    16. 

  16. define ('APPLICATION_HELPPATH', realpath(dirname( __FILE__ ).DIRECTORY_SEPARATOR . 'help') . DIRECTORY_SEPARATOR);
    17. 

  17. define ('APPLICATION_INCPATH', realpath(dirname( __FILE__ ).DIRECTORY_SEPARATOR . 'inc') . DIRECTORY_SEPARATOR);
    18. 

  18. define ('APPLICATION_I18NPATH', realpath(dirname( __FILE__ ).DIRECTORY_SEPARATOR . 'i18n') . DIRECTORY_SEPARATOR);
    19. 

  19. define ('APPLICATION_PORTALPATH', realpath(dirname( __FILE__ ).DIRECTORY_SEPARATOR . 'portal') . DIRECTORY_SEPARATOR);
    20. 

  20. define ('APPLICATION_PLUGINPATH', realpath(dirname( __FILE__ ).DIRECTORY_SEPARATOR . 'plugins') . DIRECTORY_SEPARATOR);
    21. 

  21. 

  22. 

  23. // Load config defaults
    24. 

  24. @include (APPLICATION_LIBPATH . 'defaults.inc.php');
    25. 

  25. // Keep the defaults as a seperate array
    26. 

  26. $DEFAULTS = $CONFIG;
    27. 

  27. 

  28. // Load config file with customisations
    29. 

  29. // @include ("config.inc-dist.php");
    30. 

  30. if (file_exists(APPLICATION_FSPATH . "config.inc.php")
    31. 

  31.     AND !include (APPLICATION_FSPATH . "config.inc.php"))
    32. 

  32.     {
    33. 

  33.         die('Could not read config file config.inc.php');
    34. 

  34.     }
    35. 

  35. // Server Configuration
    36. 

  36. 

  37. // for legacy systems
    38. 

  38. if (file_exists('/etc/webtrack.conf')
    39. 

  39.     AND !include ('/etc/webtrack.conf'))
    40. 

  40.     {
    41. 

  41.         die('Could not read config file webtrack.conf');
    42. 

  42.     }
    43. 

  43. 

  44. if (file_exists('/etc/sit.conf')
    45. 

  45.     AND !include ('/etc/sit.conf'))
    46. 

  46.     {
    47. 

  47.         die('Cound not read config file sit.conf');
    48. 

  48.     }
    49. 

  49. 

  50. // // Some actions require authentication
    51. 

  51. // if ($_REQUEST['action'] == 'reconfigure')
    52. 

  52. // {
    53. 

  53. //     $permission = 22;
    54. 

  54. //     $_REQUEST['config'] = 'advanced'; // set advanced mode
    55. 

  55. //     require (APPLICATION_LIBPATH . 'functions.inc.php');
    56. 

  56. //     require (APPLICATION_LIBPATH . 'auth.inc.php');
    57. 

  57. // }
    58. 

  58. 

  59. // These are the required variables we want to configure during installation
    60. 

  60. $SETUP = array('db_hostname','db_database','db_username','db_password', 'db_tableprefix','application_webpath');
    61. 

  61. 

  62. require(APPLICATION_LIBPATH . 'configvars.inc.php');
    63. 

  63. 

  64. $upgradeok = FALSE;
    65. 

  65. $config_filename = APPLICATION_FSPATH . 'config.inc.php';
    66. 

  66. 

  67. $configfiles = get_included_files();
    68. 

  68. 

  69. $systemhash = md5(date('Y-m-d') . $_SERVER['REMOTE_ADDR']
    70. 

  70.                 . $_SERVER['SCRIPT_FILENAME'] . $_SERVER['HTTP_USER_AGENT']
    71. 

  71.                 . $CONFIG['attachment_fspath'] . $_SERVER['SERVER_SIGNATURE'] );
    72. 

  72. 

  73. 

  74. /**
    75. 

  75.     * Array filter callback to check to see if a config file is a recognised file
    76. 

  76.     * @author Ivan Lucas
    77. 

  77.     * @param string $var. Filename to check
    78. 

  78.     * @retval bool TRUE : recognised
    79. 

  79.     * @retval bool FALSE : unrecognised
    80. 

  80. */
    81. 

  81. function filterconfigfiles($var)
    82. 

  82. {
    83. 

  83.     $poss_config_files = array('config.inc.php', 'sit.conf', 'webtrack.conf');
    84. 

  84.     $recognised = FALSE;
    85. 

  85.     foreach ($poss_config_files AS $poss)
    86. 

  86.     {
    87. 

  87.         if (substr($var, strlen($var)-strlen($poss)) == $poss) $recognised = TRUE;
    88. 

  88.     }
    89. 

  89.     return $recognised;
    90. 

  90. }
    91. 

  91. 

  92. 

  93. $configfiles = array_filter($configfiles, 'filterconfigfiles');
    94. 

  94. $configfiles = array_values($configfiles);
    95. 

  95. $numconfigfiles = count($configfiles);
    96. 

  96. if ($numconfigfiles == 1)
    97. 

  97. {
    98. 

  98.     $config_filename = $configfiles[0];
    99. 

  99. }
    100. 

  100. elseif ($numconfigfiles < 1)
    101. 

  101. {
    102. 

  102.     $configfiles[] = './config.inc.php';
    103. 

  103. }
    104. 

  104. 

  105. $cfg_file_exists = FALSE;
    106. 

  106. $cfg_file_writable = FALSE;
    107. 

  107. foreach ($configfiles AS $conf_filename)
    108. 

  108. {
    109. 

  109.     if (file_exists($conf_filename)) $cfg_file_exists = TRUE;
    110. 

  110.     if (is_writable($conf_filename)) $cfg_file_writable = TRUE;
    111. 

  111. }
    112. 

  112. 

  113. 

  114. // Detect whether an array is associative
    115. 

  115. // From http://uk.php.net/manual/en/function.is-array.php#77744
    116. 

  116. //function is_assoc($array)
    117. 

  117. //{
    118. 

  118. //    return is_array($array) && count($array) !== array_reduce(array_keys($array), 'is_assoc_callback', 0);
    119. 

  119. //}
    120. 

  120. 

  121. 

  122. //function is_assoc_callback($a, $b)
    123. 

  123. //{
    124. 

  124. //    return $a === $b ? $a + 1 : 0;
    125. 

  125. //}
    126. 

  126. 

  127. /**
    128. 

  128.     * Setup configuration form
    129. 

  129.     * @author Ivan Lucas
    130. 

  130.     * @retval string HTML
    131. 

  131. */
    132. 

  132. function setup_configure()
    133. 

  133. {
    134. 

  134.     global $SETUP, $CFGVAR, $CONFIG, $configfiles, $config_filename, $cfg_file_exists;
    135. 

  135.     global $cfg_file_writable, $numconfigfiles;
    136. 

  136.     $html = '';
    137. 

  137. 

  138.     if ($cfg_file_exists AND $_REQUEST['configfile'] != 'new')
    139. 

  139.     {
    140. 

  140.         if ($_SESSION['new'])
    141. 

  141.         {
    142. 

  142.             if ($numconfigfiles < 2)
    143. 

  143.             {
    144. 

  144.                 $html .= "<h4>Found an existing config file <var>{$config_filename}</var></h4>";
    145. 

  145.             }
    146. 

  146.             else
    147. 

  147.             {
    148. 

  148.                 $html .= "<p class='error'>Found more than one existing config file</p>";
    149. 

  149.                 if ($cfg_file_writable)
    150. 

  150.                 {
    151. 

  151.                     $html .= "<ul>";
    152. 

  152.                     foreach ($configfiles AS $conf_filename)
    153. 

  153.                     {
    154. 

  154.                         $html .= "<li><var>{$conf_filename}</var></li>";
    155. 

  155.                     }
    156. 

  156.                     $html .= "</ul>";
    157. 

  157.                 }
    158. 

  158.             }
    159. 

  159.         }
    160. 

  160.         //$html .= "<p>Since you already have a config file we assume you are upgrading or reconfiguring, if this is not the case please delete the existing config file.</p>";
    161. 

  161.         if ($cfg_file_writable)
    162. 

  162.         {
    163. 

  163.             $html .= "<p class='error'>Important: The file permissions on the configuration file ";
    164. 

  164.             $html .= "allow it to be modified, we recommend you make this file read-only once SiT! is configured.";
    165. 

  165.             $html .= "</p>";
    166. 

  166.         }
    167. 

  167.         else
    168. 

  168.         {
    169. 

  169.             $html .= "<p><a href='setup.php?action=reconfigure&amp;configfile=new' >Create a new config file</a>.</p>";
    170. 

  170.         }
    171. 

  171.     }
    172. 

  172.     else $html .= "<h2>New Configuration</h2><p>Please complete this form to create a new configuration file for SiT!</p>";
    173. 

  173. 

  174.     if ($cfg_file_writable OR $_SESSION['new'] === 1 OR $cfg_file_exists == FALSE OR $_REQUEST['configfile'] == 'new')
    175. 

  175.     {
    176. 

  176.         $html .= "\n<form action='setup.php' method='post'>\n";
    177. 

  177. 

  178.         if ($_REQUEST['config'] == 'advanced')
    179. 

  179.         {
    180. 

  180.             $html .= "<input type='hidden' name='config' value='advanced' />\n";
    181. 

  181.             foreach ($CFGVAR AS $setupvar => $setupval)
    182. 

  182.             {
    183. 

  183.                 $SETUP[] = $setupvar;
    184. 

  184.             }
    185. 

  185.         }
    186. 

  186. 

  187.         $c=1;
    188. 

  188.         foreach ($SETUP AS $setupvar)
    189. 

  189.         {
    190. 

  190.             $html .= "<div class='configvar{$c}'>";
    191. 

  191.             if ($CFGVAR[$setupvar]['title']!='') $title = $CFGVAR[$setupvar]['title'];
    192. 

  192.             else $title = $setupvar;
    193. 

  193.             $html .= "<h4>{$title}</h4>";
    194. 

  194.             if ($CFGVAR[$setupvar]['help']!='') $html .= "<p class='helptip'>{$CFGVAR[$setupvar]['help']}</p>\n";
    195. 

  195. 

  196.             $html .= "<var>\$CONFIG['$setupvar']</var> = ";
    197. 

  197. 

  198.             $value = '';
    199. 

  199.             if (!$cfg_file_exists OR ($cfg_file_exists AND $cfg_file_writable))
    200. 

  200.             {
    201. 

  201.                 $value = $CONFIG[$setupvar];
    202. 

  202.                 if (is_bool($value))
    203. 

  203.                 {
    204. 

  204.                     if ($value==TRUE) $value='TRUE';
    205. 

  205.                     else $value='FALSE';
    206. 

  206.                 }
    207. 

  207.                 elseif (is_array($value))
    208. 

  208.                 {
    209. 

  209.                     if (is_assoc($value))
    210. 

  210.                     {
    211. 

  211.                         $value = "array(".implode_assoc('=>',',',$value).")";
    212. 

  212.                     }
    213. 

  213.                     else
    214. 

  214.                     {
    215. 

  215.                         $value="array(".implode(',',$value).")";
    216. 

  216.                     }
    217. 

  217.                 }
    218. 

  218.                 if ($setupvar=='db_password' AND $_REQUEST['action']!='reconfigure') $value='';
    219. 

  219.             }
    220. 

  220. 

  221.             if (!$cfg_file_exists OR $_REQUEST['configfile'] == 'new')
    222. 

  222.             {
    223. 

  223.                 // Dynamic defaults
    224. 

  224.                     // application_fspath was removed, leaving this code just-in-case
    225. 

  225.                     // DEPRECATED - remove for >= 3.50
    226. 

  226.                 if ($setupvar == 'application_fspath')
    227. 

  227.                 {
    228. 

  228.                     $value = str_replace('htdocs' . DIRECTORY_SEPARATOR, '', dirname( __FILE__ ) . DIRECTORY_SEPARATOR);
    229. 

  229.                 }
    230. 

  230. 

  231.                 if ($setupvar == 'application_webpath')
    232. 

  232.                 {
    233. 

  233.                     $value = dirname( strip_tags( $_SERVER['PHP_SELF'] ) );
    234. 

  234.                     if ($value == '/' OR $value == '\\') $value = '/';
    235. 

  235.                     else $value = $value . '/';
    236. 

  236.                 }
    237. 

  237.             }
    238. 

  238. 

  239.             switch ($CFGVAR[$setupvar]['type'])
    240. 

  240.             {
    241. 

  241.                 case 'select':
    242. 

  242.                     $html .= "<select name='$setupvar'>";
    243. 

  243.                     if (empty($CFGVAR[$setupvar]['options'])) $CFGVAR[$setupvar]['options'] = "TRUE|FALSE";
    244. 

  244.                     $options = explode('|', $CFGVAR[$setupvar]['options']);
    245. 

  245.                     foreach ($options AS $option)
    246. 

  246.                     {
    247. 

  247.                         $html .= "<option value=\"{$option}\"";
    248. 

  248.                         if ($option == $value) $html .= " selected='selected'";
    249. 

  249.                         $html .= ">{$option}</option>\n";
    250. 

  250.                     }
    251. 

  251.                     $html .= "</select>";
    252. 

  252.                 break;
    253. 

  253. 

  254.                 case 'percent':
    255. 

  255.                     $html .= "<select name='$setupvar'>";
    256. 

  256.                     for($i = 0; $i <= 100; $i++)
    257. 

  257.                     {
    258. 

  258.                         $html .= "<option value=\"{$i}\"";
    259. 

  259.                         if ($i == $value) $html .= " selected='selected'";
    260. 

  260.                         $html .= ">{$i}</option>\n";
    261. 

  261.                     }
    262. 

  262.                     $html .= "</select>";
    263. 

  263.                 break;
    264. 

  264. 

  265.                 case 'text':
    266. 

  266.                 default:
    267. 

  267.                     if (strlen($CONFIG[$setupvar]) < 65)
    268. 

  268.                     {
    269. 

  269.                         $html .= "<input type='text' name='$setupvar' size='60' value=\"{$value}\" />";
    270. 

  270.                     }
    271. 

  271.                     else
    272. 

  272.                     {
    273. 

  273.                         $html .= "<textarea name='$setupvar' cols='60' rows='10'>{$value}</textarea>";
    274. 

  274.                     }
    275. 

  275.             }
    276. 

  276.             if ($setupvar=='db_password' AND $_REQUEST['action']!='reconfigure' AND $value != '') $html .= "<p class='info'>The current password setting is not shown</p>";
    277. 

  277.             $html .= "</div>";
    278. 

  278.             $html .= "<br />\n";
    279. 

  279.             if ($c==1) $c==2; else $c=1;
    280. 

  280.         }
    281. 

  281.         $html .= "<input type='hidden' name='action' value='save_config' />";
    282. 

  282.         $html .= "<br /><input type='submit' name='submit' value='Save Configuration' />";
    283. 

  283.         $html .= "</form>\n";
    284. 

  284.     }
    285. 

  285.     return $html;
    286. 

  286. }
    287. 

  287. 

  288. 

  289. /**
    290. 

  290.     * Execute a list of SQL queries
    291. 

  291.     * @author Ivan Lucas
    292. 

  292.     * @note Attempts to be clever and print helpful messages in the case
    293. 

  293.     * of an error
    294. 

  294. */
    295. 

  295. function setup_exec_sql($sqlquerylist)
    296. 

  296. {
    297. 

  297.     global $CONFIG, $dbSystem, $installed_schema, $application_version;
    298. 

  298.     if (!empty($sqlquerylist))
    299. 

  299.     {
    300. 

  300.         if (!is_array($sqlquerylist)) $sqlquerylist = array($sqlquerylist);
    301. 

  301. 

  302. //         echo "<pre>".print_r($sqlquerylist,true)."</pre>";
    303. 

  303. 

  304.         // Loop around the queries
    305. 

  305.         foreach ($sqlquerylist AS $schemaversion => $queryelement)
    306. 

  306.         {
    307. 

  307.             if ($schemaversion != '0') $schemaversion = substr($schemaversion, 1);
    308. 

  308. //             echo "<p>Schema version $schemaversion, installed schema $installed_schema, query $queryelement</p>";
    309. 

  309.             if ($schemaversion == 0 OR $installed_schema < $schemaversion)
    310. 

  310.             {
    311. 

  311.                 $sqlqueries = explode( ';', $queryelement);
    312. 

  312.                 // We don't need the last entry it's blank, as we end with a ;
    313. 

  313.                 array_pop($sqlqueries);
    314. 

  314.                 $errors = 0;
    315. 

  315.                 foreach ($sqlqueries AS $sql)
    316. 

  316.                 {
    317. 

  317.                     if (!empty($sql))
    318. 

  318.                     {
    319. 

  319.                         mysql_query($sql);
    320. 

  320.                         if (mysql_error())
    321. 

  321.                         {
    322. 

  322.                             $errno = mysql_errno();
    323. 

  323.                             $errstr = '';
    324. 

  324.                             // See http://dev.mysql.com/doc/refman/5.0/en/error-messages-server.html
    325. 

  325.                             // For list of mysql error numbers
    326. 

  326.                             switch ($errno)
    327. 

  327.                             {
    328. 

  328.                                 case 1022:
    329. 

  329.                                 case 1050:
    330. 

  330.                                 case 1060:
    331. 

  331.                                 case 1061:
    332. 

  332.                                 case 1062:
    333. 

  333.                                     $severity = 'info';
    334. 

  334.                                     $errstr = "This could be because this part of the database schema is already up to date.";
    335. 

  335.                                 break;
    336. 

  336. 

  337.                                 case 1058:
    338. 

  338.                                     $severity = 'error';
    339. 

  339.                                     $errstr = "This looks suspiciously like a bug, if you think this is the case please report it.";
    340. 

  340.                                 break;
    341. 

  341. 

  342. //                                 case 1054:
    343. 

  343. //                                     if (preg_match("/ALTER TABLE/", $sql) >= 1)
    344. 

  344. //                                     {
    345. 

  345. //                                         $severity = 'info';
    346. 

  346. //                                         $errstr = "This could be because this part of the database schema is already up to date.";
    347. 

  347. //                                     }
    348. 

  348. //                                 break;
    349. 

  349. 

  350.                                 case 1051:
    351. 

  351.                                 case 1091:
    352. 

  352.                                     if (preg_match("/DROP/", $sql) >= 1)
    353. 

  353.                                     {
    354. 

  354.                                         $severity = 'info';
    355. 

  355.                                         $errstr = "We expected to find something in order to remove it but it doesn't exist. This could be because this part of the database schema is already up to date..";
    356. 

  356.                                     }
    357. 

  357.                                 break;
    358. 

  358. 

  359. 

  360. 

  361.                                 case 1044:
    362. 

  362.                                 case 1045:
    363. 

  363.                                 case 1142:
    364. 

  364.                                 case 1143:
    365. 

  365.                                 case 1227:
    366. 

  366.                                     $severity = 'error';
    367. 

  367.                                     $errstr = "This could be because the MySQL user '{$CONFIG['db_username']}' does not have appropriate permission to modify the database schema.<br />";
    368. 

  368.                                     $errstr .= "<strong>Check your MySQL permissions allow the schema to be modified</strong>.";
    369. 

  369. 

  370.                                 default:
    371. 

  371.                                     $severity = 'error';
    372. 

  372.                                     $errstr = "You may have found a bug, if you think this is the case please report it.";
    373. 

  373.                             }
    374. 

  374.                             $html .= "<p class='$severity'>";
    375. 

  375.                             if ($severity == 'info')
    376. 

  376.                             {
    377. 

  377.                                 $html .= "<strong>Information:</strong>";
    378. 

  378.                             }
    379. 

  379.                             else
    380. 

  380.                             {
    381. 

  381.                                 $html .= "<strong>A MySQL error occurred:</strong>";
    382. 

  382.                                 $errors ++;
    383. 

  383.                             }
    384. 

  384.                             $html .= " [".mysql_errno()."] ".mysql_error()."<br />";
    385. 

  385.                             if (!empty($errstr)) $html .= $errstr."<br />";
    386. 

  386.                             $html .= "Raw SQL: <code class='small'>".htmlspecialchars($sql)."</code>";
    387. 

  387.                         }
    388. 

  388.                     }
    389. 

  389.                 }
    390. 

  390.             }
    391. 

  391.         }
    392. 

  392.     }
    393. 

  393.     echo $html;
    394. 

  394.     return $errors;
    395. 

  395. }
    396. 

  396. 

  397. 

  398. /**
    399. 

  399.     * Create a blank SiT database
    400. 

  400.     * @author Ivan Lucas
    401. 

  401.     * @retval bool TRUE database created OK
    402. 

  402.     * @retval bool FALSE database not created, error.
    403. 

  403. */
    404. 

  404. function setup_createdb()
    405. 

  405. {
    406. 

  406.     global $CONFIG;
    407. 

  407. 

  408.     $res = FALSE;
    409. 

  409.     $sql = "CREATE DATABASE `{$CONFIG['db_database']}` DEFAULT CHARSET utf8";
    410. 

  410.     $db = @mysql_connect($CONFIG['db_hostname'], $CONFIG['db_username'], $CONFIG['db_password']);
    411. 

  411.     if (!@mysql_error())
    412. 

  412.     {
    413. 

  413.         // See Mantis 506 for sql_mode discussion
    414. 

  414.         @mysql_query("SET SESSION sql_mode = '';");
    415. 

  415. 

  416.         // Connected to database
    417. 

  417.         echo "<h2>Creating empty database...</h2>";
    418. 

  418.         $result = mysql_query($sql);
    419. 

  419.         if ($result)
    420. 

  420.         {
    421. 

  421.             $res = TRUE;
    422. 

  422.             echo "<p><strong>OK</strong> Database '{$CONFIG['db_database']}' created.</p>";
    423. 

  423.             echo setup_button('', 'Next');
    424. 

  424.         }
    425. 

  425.         else $res = FALSE;
    426. 

  426.     }
    427. 

  427.     else
    428. 

  428.     {
    429. 

  429.         $res = FALSE;
    430. 

  430.     }
    431. 

  431. 

  432.     if ($res == FALSE)
    433. 

  433.     {
    434. 

  434.         echo "<p class='error'>";
    435. 

  435.         if (mysql_error())
    436. 

  436.         {
    437. 

  437.             echo mysql_error()."<br />";
    438. 

  438.         }
    439. 

  439.         echo "The database could not be created automatically, ";
    440. 

  440.         echo "you can create it manually by executing the SQL statement <br /><code>{$sql};</code></p>";
    441. 

  441.         echo setup_button('', 'Next');
    442. 

  442.     }
    443. 

  443.     return $res;
    444. 

  444. }
    445. 

  445. 

  446. 

  447. /**
    448. 

  448.     * Check to see whether an admin user exists
    449. 

  449.     * @author Ivan Lucas
    450. 

  450.     * @retval bool TRUE : an admin account exists
    451. 

  451.     * @retval bool FALSE : an admin account doesn't exist
    452. 

  452. */
    453. 

  453. function setup_check_adminuser()
    454. 

  454. {
    455. 

  455.     global $dbUsers;
    456. 

  456.     $sql = "SELECT id FROM `{$dbUsers}` WHERE id=1 OR username='admin' OR roleid='1'";
    457. 

  457.     $result = @mysql_query($sql);
    458. 

  458.     if (mysql_num_rows($result) >= 1) return TRUE;
    459. 

  459.     else FALSE;
    460. 

  460. }
    461. 

  461. 

  462. 

  463. /**
    464. 

  464.     * An HTML action button, i.e. a form with a single button
    465. 

  465.     * @author Ivan Lucas
    466. 

  466.     * @param string $action.    Value for the hidden 'action' field
    467. 

  467.     * @param string $label.     Label for the submit button
    468. 

  468.     * @param string $extrahtml. Extra HTML to display on the form
    469. 

  469.     * @returns A form with a button
    470. 

  470.     * @retval string HTML form
    471. 

  471. */
    472. 

  472. function setup_button($action, $label, $extrahtml='')
    473. 

  473. {
    474. 

  474.     $html = "\n<form action='{$_SERVER['PHP_SELF']}' method='post'>";
    475. 

  475.     if (!empty($action))
    476. 

  476.     {
    477. 

  477.         $html .= "<input type='hidden' name='action' value=\"{$action}\" />";
    478. 

  478.     }
    479. 

  479.     $html .= "<input type='submit' value=\"{$label}\" />";
    480. 

  480.     if (!empty($extrahtml)) $html .= $extrahtml;
    481. 

  481.     $html .= "</form>\n";
    482. 

  482. 

  483.     return $html;
    484. 

  484. }
    485. 

  485. 

  486. session_name($CONFIG['session_name']);
    487. 

  487. session_start();
    488. 

  488. 

  489. // Force logout
    490. 

  490. $_SESSION['auth'] = FALSE;
    491. 

  491. $_SESSION['portalauth'] = FALSE;
    492. 

  492. 

  493. 

  494. echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n";
    495. 

  495. echo " \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
    496. 

  496. echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n";
    497. 

  497. echo "<head>\n";
    498. 

  498. echo "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=UTF-8\" />\n";
    499. 

  499. echo "<style type=\"text/css\">\n";
    500. 

  500. echo "body { background-color: #FFF; font-family: Tahoma, Helvetica, sans-serif; font-size: 10pt;}\n";
    501. 

  501. echo "h1,h2,h3,h4,h5 { color: #203894; padding: 0.1em; border: 1px solid #4D485B; }\n";
    502. 

  502. if (file_exists('./images/sitlogo_270x100.png')) echo "body {background-image: url('images/sitlogo_270x100.png'); background-attachment:fixed; background-position: 98% 98%; background-repeat: no-repeat;}\n";
    503. 

  503. echo "h4 {background-color: transparent; color: #000; border: 0px; margin: 2px 0px 3px 0px; }\n";
    504. 

  504. echo "div.configvar1 {background-color: #F7FAFF; border: 1px solid #4D485B; margin-bottom: 10px; padding: 0px 5px 10px 5px; filter:alpha(opacity=75);  opacity: 0.75;  -moz-opacity:0.75; -moz-border-radius: 3px;} ";
    505. 

  505. echo "div.configvar2 {background-color: green; border: 1px solid #4D485B; margin-bottom: 10px;} ";
    506. 

  506. echo ".error {background-position: 3px 2px;
    507. 

  507.   background-repeat: no-repeat;
    508. 

  508.   padding: 3px 3px 3px 22px;
    509. 

  509.   min-height: 16px;
    510. 

  510.   -moz-border-radius: 5px;
    511. 

  511.   /* display: inline; */
    512. 

  512.   border: 1px solid #000;
    513. 

  513.   margin-left: 2em;
    514. 

  514.   margin-right: 2em;
    515. 

  515.   width: auto;
    516. 

  516.   text-align: left;
    517. 

  517.     background-image: url('images/icons/sit/16x16/warning.png');
    518. 

  518.   color: #5A3612;
    519. 

  519.   border: 1px solid #A26120;
    520. 

  520.   background-color: #FFECD7;
    521. 

  521. }
    522. 

  522. 

  523. .info {
    524. 

  524.  background-position: 3px 2px;
    525. 

  525.   background-repeat: no-repeat;
    526. 

  526.   padding: 3px 3px 3px 22px;
    527. 

  527.   min-height: 16px;
    528. 

  528.   -moz-border-radius: 5px;
    529. 

  529.   /* display: inline; */
    530. 

  530.   border: 1px solid #000;
    531. 

  531.   margin-left: 2em;
    532. 

  532.   margin-right: 2em;
    533. 

  533.   width: auto;
    534. 

  534.   text-align: left;
    535. 

  535. }
    536. 

  536. p.info {
    537. 

  537.   background-image: url('images/icons/sit/16x16/info.png');
    538. 

  538.   color: #17446B;
    539. 

  539.   border: 1px solid #17446B;
    540. 

  540.   background-color: #F4F6FF;
    541. 

  541. }
    542. 

  542. 

  543. a.button:link, a.button:visited
    544. 

  544. {
    545. 

  545.   float: left;
    546. 

  546.   margin: 2px 5px 2px 5px;
    547. 

  547.   padding: 2px;
    548. 

  548.   width: 100px;
    549. 

  549.   border-top: 1px solid #ccc;
    550. 

  550.   border-bottom: 1px solid black;
    551. 

  551.   border-left: 1px solid #ccc;
    552. 

  552.   border-right: 1px solid black;
    553. 

  553.   background: #ccc;
    554. 

  554.   text-align: center;
    555. 

  555.   text-decoration: none;
    556. 

  556.   font: normal 10px Verdana;
    557. 

  557.   color: black;
    558. 

  558. }
    559. 

  559. 

  560. a.button:hover
    561. 

  561. {
    562. 

  562.   background: #eee;
    563. 

  563. }
    564. 

  564. 

  565. a.button:active
    566. 

  566. {
    567. 

  567.   border-bottom: 1px solid #eee;
    568. 

  568.   border-top: 1px solid black;
    569. 

  569.   border-right: 1px solid #eee;
    570. 

  570.   border-left: 1px solid black;
    571. 

  571. }
    572. 

  572. 

  573. var { font-family: Andale Mono, monospace; font-style: normal; }
    574. 

  574. code.small { font-size: 75%; color: #555; }
    575. 

  575. }
    576. 

  576. 

  577. ";
    578. 

  578. echo ".help {background: #F7FAFF; border: 1px solid #3165CD; color: #203894; padding: 2px;}\n";
    579. 

  579. echo ".helptip { color: #203894; }\n";
    580. 

  580. echo ".warning {background: #FFFFE6; border: 2px solid #FFFF31; color: red; padding: 2px;}\n";
    581. 

  581. echo "pre {background:#FFF; border:#999; padding: 1em;}\n";
    582. 

  582. echo "a.button { border: 1px outset #000; padding: 2px; background-color: #EFEFEF;} ";
    583. 

  583. echo "a:link,a:visited { color: #000099; }\n";
    584. 

  584. echo "a:hover { background: #99CCFF; }\n";
    585. 

  585. echo "hr { background-color: #4D485B; margin-top: 3em; }\n";
    586. 

  586. echo "</style>\n";
    587. 

  587. echo "<title>Support Incident Tracker Setup</title>\n";
    588. 

  588. echo "</head>\n<body>\n";
    589. 

  589. 

  590. echo "<h1>Support Incident Tracker - Installation &amp; Setup</h1>";
    591. 

  591. 

  592. //
    593. 

  593. // Pre-flight Checks
    594. 

  594. //
    595. 

  595. 

  596. if (!empty($_REQUEST['msg']))
    597. 

  597. {
    598. 

  598.     $msg = strip_tags(base64_decode(urldecode($_REQUEST['msg'])));
    599. 

  599.     if ($cfg_file_exists === FALSE)
    600. 

  600.     {
    601. 

  601.         echo "<p class='info'><strong>It looks like you are setting up SiT! for the first time</strong> because we could not find a configuration file.<br />";
    602. 

  602.         echo "Please proceed with creating a new configuration file.</p>";
    603. 

  603.     }
    604. 

  604.     else
    605. 

  605.     {
    606. 

  606.         echo "<p class='error'><strong>Configuration Problem</strong>: {$msg}</p>";
    607. 

  607.     }
    608. 

  608. }
    609. 

  609. 

  610. 

  611. 

  612. // Check that includes worked and that we have some config variables set, these two should always be set
    613. 

  613. if ($CONFIG['application_name'] == '' AND $CONFIG['application_shortname'] == '')
    614. 

  614. {
    615. 

  615.     echo "<p class='error'>SiT! Setup couldn't find configuration defaults (defaults.inc.php). Is your lib/ directory missing?</p>";
    616. 

  616. }
    617. 

  617. 

  618. // Check we have the mysql extension
    619. 

  619. if (!extension_loaded('mysql'))
    620. 

  620. {
    621. 

  621.     echo "<p class='error'>Error: Could not find the mysql extension, SiT! requires MySQL to be able to run, you should install and enable the MySQL PHP Extension then run setup again.</p>";
    622. 

  622. }
    623. 

  623. 

  624. if (version_compare(PHP_VERSION, "5.0.0", "<"))
    625. 

  625. {
    626. 

  626.     echo "<p class='error'>You are running an older PHP version (< PHP 5), SiT v3.35 and later require PHP 5.0.0 or newer, some features may not work properly.</p>";
    627. 

  627. }
    628. 

  628. 

  629. echo "\n\n<!-- A:".strip_tags($_REQUEST['action'])." -->\n\n";
    630. 

  630. 

  631. switch ($_REQUEST['action'])
    632. 

  632. {
    633. 

  633.     case 'save_config':
    634. 

  634.         $newcfgfile = "<";
    635. 

  635.         $newcfgfile .= "?php\n";
    636. 

  636.         $newcfgfile .= "# config.inc.php - SiT! Config file generated automatically by setup.php on ".date('r')."\n\n";
    637. 

  637. 

  638.         if ($_REQUEST['config'] == 'advanced')
    639. 

  639.         {
    640. 

  640.             foreach ($CFGVAR AS $setupvar => $setupval)
    641. 

  641.             {
    642. 

  642.                 $SETUP[] = $setupvar;
    643. 

  643.             }
    644. 

  644.         }
    645. 

  645. 

  646.         // Keep the posted setup
    647. 

  647.         foreach ($SETUP AS $setupvar)
    648. 

  648.         {
    649. 

  649.             if ($_POST[$setupvar]==='TRUE') $_POST[$setupvar] = TRUE;
    650. 

  650.             if ($_POST[$setupvar]==='FALSE') $_POST[$setupvar] = FALSE;
    651. 

  651.             $CONFIG[$setupvar]=$_POST[$setupvar];
    652. 

  652.         }
    653. 

  653. 

  654.         // Set up a hard to find attachment path
    655. 

  655.         if ($CONFIG['attachment_fspath'] == '')
    656. 

  656.         {
    657. 

  657.             // We generate a path based on some semi-static values so that it's hard to guess,
    658. 

  658.             // but will still probably be the same if setup is run again the same day
    659. 

  659.             $CONFIG['attachment_fspath'] = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . "attachments-" . $systemhash . DIRECTORY_SEPARATOR;
    660. 

  660.         }
    661. 

  661. 

  662.         // Extract the differences between the defaults and the newly configured items
    663. 

  663.         $CFGDIFF = array_diff_assoc($CONFIG, $DEFAULTS);
    664. 

  664. 

  665.         if (count($CFGDIFF) > 0)
    666. 

  666.         {
    667. 

  667.             foreach ($CFGDIFF AS $setupvar => $setupval)
    668. 

  668.             {
    669. 

  669.                 if ($CFGVAR[$setupvar]['title'] != '')
    670. 

  670.                 {
    671. 

  671.                     $newcfgfile .= "# {$CFGVAR[$setupvar]['title']}\n";
    672. 

  672.                 }
    673. 

  673. 

  674.                 if ($CFGVAR[$setupvar]['help']!='')
    675. 

  675.                 {
    676. 

  676.                     $newcfgfile .= "# {$CFGVAR[$setupvar]['help']}\n";
    677. 

  677.                 }
    678. 

  678. 

  679.                 $newcfgfile .= "\$CONFIG['$setupvar'] = ";
    680. 

  680. 

  681.                 if (is_numeric($setupval))
    682. 

  682.                 {
    683. 

  683.                     $newcfgfile .= "{$setupval}";
    684. 

  684.                 }
    685. 

  685.                 elseif (is_bool($setupval))
    686. 

  686.                 {
    687. 

  687.                     $newcfgfile .= $setupval == TRUE ? "TRUE" : "FALSE";
    688. 

  688.                 }
    689. 

  689.                 elseif (substr($setupval, 0, 6)=='array(')
    690. 

  690.                 {
    691. 

  691.                     $newcfgfile .= stripslashes("{$setupval}");
    692. 

  692.                 }
    693. 

  693.                 else
    694. 

  694.                 {
    695. 

  695.                     $newcfgfile .= "'".addslashes($setupval)."'";
    696. 

  696.                 }
    697. 

  697.                 $newcfgfile .= ";\n\n";
    698. 

  698.             }
    699. 

  699.         }
    700. 

  700.         else
    701. 

  701.         {
    702. 

  702.             $newcfgfile .= "# Nothing configured. This will mean the defaults are used.\n\n";
    703. 

  703.         }
    704. 

  704. 

  705.         // INL if we leave off the php closing tag it saves people having trouble
    706. 

  706.         // with whitespace
    707. 

  707.         //$newcfgfile .= "?";
    708. 

  708.         //$newcfgfile .= ">";
    709. 

  709. 

  710.         $fp = @fopen($config_filename, 'w');
    711. 

  711.         if (!$fp)
    712. 

  712.         {
    713. 

  713.             echo "<p class='error'>Could not write {$config_filename}</p>";
    714. 

  714.             echo "<p class='help'>Copy this text and paste it into a <var>config.inc.php</var> file in the SiT root directory (the folder than contains setup.php for example)<br />";
    715. 

  715.             // or <var>sit.conf</var> in the <var>/etc</var> directory
    716. 

  716.             echo "Or change the permissions on the folder so that it is writable and <a href=\"javascript:location.reload(true)\">refresh</a> this page to try again (if you do this remember to make it ";
    717. 

  717.             echo "read-only again afterwards)</p>";
    718. 

  718.             echo "<script type='text/javascript'>\n
    719. 

  719.                     function selectText(divid)
    720. 

  720.                     {
    721. 

  721.                         if (document.selection)
    722. 

  722.                         {
    723. 

  723.                             var div = document.body.createTextRange();
    724. 

  724.                             div.moveToElementText(document.getElementById(divid));
    725. 

  725.                             div.select();
    726. 

  726.                         }
    727. 

  727.                         else
    728. 

  728.                         {
    729. 

  729.                             var div = document.createRange();
    730. 

  730.                             div.setStartBefore(document.getElementById(divid));
    731. 

  731.                             div.setEndAfter(document.getElementById(divid)) ;
    732. 

  732.                             window.getSelection().addRange(div);
    733. 

  733.                         }
    734. 

  734. 

  735.                     }
    736. 

  736.                 </script>";
    737. 

  737.             echo "<div id='configfile' onclick=\"selectText('configfile');\" style='margin-left: 5%; margin-right: 5%; background-color: #F7FAFF; padding: 1em; border: 1px dashed #ccc;filter:alpha(opacity=75);  opacity: 0.75;  -moz-opacity:0.75; -moz-border-radius: 3px; '>";
    738. 

  738.             highlight_string($newcfgfile);
    739. 

  739.             echo "</div>";
    740. 

  740.             echo "<p>After creating your config file click the 'Next' button below.</p>";
    741. 

  741.         }
    742. 

  742.         else
    743. 

  743.         {
    744. 

  744.             echo "<p>Writing to {$config_filename}</p>";
    745. 

  745.             fwrite($fp, $newcfgfile);
    746. 

  746.             fclose($fp);
    747. 

  747.             echo "<p>Config file modified</p>";
    748. 

  748.             if (!@chmod($config_filename, 0640))
    749. 

  749.             {
    750. 

  750.                 echo "<p class='error'>Important: The file permissions on the file <var>{$config_filename}</var> ";
    751. 

  751.                 echo "allow the file to be modified, we recommend you now make this file read-only.";
    752. 

  752.                 if (DIRECTORY_SEPARATOR == '/')
    753. 

  753.                 {
    754. 

  754.                     $html .= "<br />You can run the command <code>chmod 444</code> to make it read-only.";
    755. 

  755.                 }
    756. 

  756.                 echo "</p>";
    757. 

  757.             }
    758. 

  758.         }
    759. 

  759.         echo setup_button('checkdbstate', 'Next');
    760. 

  760.     break;
    761. 

  761. 

  762.     case 'reconfigure':
    763. 

  763.         echo "<h2>Reconfigure</h2>";
    764. 

  764.         echo "<p>Amend your existing SiT! configuration.  Please take care or you may break your SiT! installation.</p>";
    765. 

  765.         echo setup_configure();
    766. 

  766.     break;
    767. 

  767. 

  768.     case 'checkdbstate':
    769. 

  769.         // Connect to Database server
    770. 

  770.         $db = @mysql_connect($CONFIG['db_hostname'], $CONFIG['db_username'], $CONFIG['db_password']);
    771. 

  771.         if (@mysql_error())
    772. 

  772.         {
    773. 

  773.             echo "<p class='error'>Setup could not connect to the database server '{$CONFIG['db_hostname']}'. MySQL Said: ".mysql_error()."</p>";
    774. 

  774.             echo setup_configure();
    775. 

  775.         }
    776. 

  776.         else
    777. 

  777.         {
    778. 

  778.             // Connected to database
    779. 

  779.             // Select database
    780. 

  780.             mysql_select_db($CONFIG['db_database'], $db);
    781. 

  781.             if (mysql_error())
    782. 

  782.             {
    783. 

  783.                 if (!empty($CONFIG['db_username']))
    784. 

  784.                 {
    785. 

  785.                     if ($cfg_file_exists)
    786. 

  786.                     {
    787. 

  787.                         echo "<p class='error'>".mysql_error()."<br />Could not select database";
    788. 

  788.                         if ($CONFIG['db_database']!='')
    789. 

  789.                         {
    790. 

  790.                             echo " '{$CONFIG['db_database']}', check the database name you have configured matches the database in MySQL";
    791. 

  791.                         }
    792. 

  792.                         else
    793. 

  793.                         {
    794. 

  794.                             echo ", the database name was not configured, please set the <code>\$CONFIG['db_database'] config variable";
    795. 

  795.                             $CONFIG['db_database'] = 'sit';
    796. 

  796.                         }
    797. 

  797.                         echo "</p>";
    798. 

  798.                         if ($_SESSION['new'] == 1)
    799. 

  799.                         {
    800. 

  800.                             echo "<p class='info'>If this is a new installation of SiT and you would like to use the database name '{$CONFIG['db_database']}', you should proceed and create a database</p>";
    801. 

  801.                         }
    802. 

  802.                         echo setup_button('reconfigure', 'Reconfigure SiT!');
    803. 

  803.                         echo "<br />or<br /><br />";
    804. 

  804.                     }
    805. 

  805.                     else
    806. 

  806.                     {
    807. 

  807.                         echo "<p class='info'>You can now go ahead and create a database called '{$CONFIG['db_database']}' for SiT! to use.</p>";
    808. 

  808.                     }
    809. 

  809.                     echo setup_button('createdb', 'Create a database', "<br /><label><input type='checkbox' name='sampledata' value='yes' checked='checked' /> With sample data</label>");
    810. 

  810.                     //echo "<p><a href='{$_SERVER['PHP_SELF']}?action=reconfigure'>Reconfigure</a> SiT!</p>";
    811. 

  811.                 }
    812. 

  812.                 else
    813. 

  813.                 {
    814. 

  814.                     // Username and Password are set, but the db could not be selected
    815. 

  815. 

  816.                 }
    817. 

  817. 

  818.                 // FIMXE INL temp removed
    819. 

  819. //                 else
    820. 

  820. //                 {
    821. 

  821. //                     echo "<p class='help'>If this is the first time you have used SiT! you may need to create the database, ";
    822. 

  822. //                     echo "if you have the necessary MySQL permissions you can create the database automatically.<br />";
    823. 

  823. //                     echo "Alternatively you can create it manually by executing the SQL statement <br /><code>{$sql};</code></p";
    824. 

  824. //                     echo "<p><a href='setup.php?action=createdatabase' class='button'>Create Database</a></p>";
    825. 

  825. //                 }
    826. 

  826. //                 //echo "<p>After creating the database run <a href='setup.php' class='button'>setup</a> again to create the database schema</p>";
    827. 

  827.                 if (empty($CONFIG['db_database']) OR empty($CONFIG['db_username']))
    828. 

  828.                 {
    829. 

  829.                     echo "<p>You need to configure SiT to be able access the MySQL database.</p>";
    830. 

  830.                     echo setup_configure();
    831. 

  831.                 }
    832. 

  832.             }
    833. 

  833.             else
    834. 

  834.             {
    835. 

  835.                 echo "<p class='info'>Sucessfully connected to your database.</p>";
    836. 

  836.                 echo setup_button('checkatttdir', 'Next');
    837. 

  837.             }
    838. 

  838.         }
    839. 

  839.     break;
    840. 

  840. 

  841. 

  842.     case 'createdb':
    843. 

  843.         if ($_REQUEST['sampledata'] == 'yes' ) $_SESSION['sampledata'] = TRUE;
    844. 

  844.         else $_SESSION['sampledata'] = FALSE;
    845. 

  845.         setup_createdb();
    846. 

  846.     break;
    847. 

  847. 

  848.     case 'checkatttdiragain':
    849. 

  849.         $again = TRUE;
    850. 

  850.     case 'checkatttdir':
    851. 

  851.         if (file_exists($CONFIG['attachment_fspath']) == FALSE)
    852. 

  852.         {
    853. 

  853.             echo "<h2>Attachments Directory</h2>";
    854. 

  854.             echo "<p>SiT! requires a directory to store attachments.</p>";
    855. 

  855. 

  856.             echo setup_button('createattdir', "Create attachments directory");
    857. 

  857.             echo "<br />";
    858. 

  858.             if ($again)
    859. 

  859.             {
    860. 

  860.                 echo setup_button('checkatttdiragain', 'Next');
    861. 

  861.                 echo "<p class='error'>The directory <code>{$CONFIG['attachment_fspath']}</code> must be created before setup can continue.</p>";
    862. 

  862.             }
    863. 

  863.         }
    864. 

  864.         elseif (is_writable($CONFIG['attachment_fspath']) == FALSE)
    865. 

  865.         {
    866. 

  866.             echo "<h2>Attachments Directory</h2>";
    867. 

  867.             echo "<p>SiT! requires that the attachments directory is writable by the web server.</p>";
    868. 

  868.             if (DIRECTORY_SEPARATOR == '/')
    869. 

  869.             {
    870. 

  870.                 echo "<br />You can run the following shell command to make it writable.<br /><br /><var>chmod ugo+w {$CONFIG['attachment_fspath']}</var>";
    871. 

  871.             }
    872. 

  872.             else
    873. 

  873.             {
    874. 

  874.                 echo "<br />You may need to set windows file permissions to set the folder <var>{$CONFIG['attachment_fspath']}</var> writable.";
    875. 

  875.             }
    876. 

  876.             echo "</p>";
    877. 

  877. 

  878.             echo setup_button('checkatttdiragain', 'Next');
    879. 

  879.         }
    880. 

  880.         else
    881. 

  881.         {
    882. 

  882.             $sql = "SHOW TABLES LIKE '{$dbUsers}'";
    883. 

  883.             $result = @mysql_query($sql);
    884. 

  884.             if (mysql_error() OR mysql_num_rows($result) < 1)
    885. 

  885.             {
    886. 

  886.                 echo "<p>Next we will create a database schema</p>";
    887. 

  887.                 echo setup_button('', 'Next');
    888. 

  888.             }
    889. 

  889.             else
    890. 

  890.             {
    891. 

  891.                 echo "<p class='info'>You can now go ahead and run SiT!.</p>";
    892. 

  892.                 echo "<form action='index.php' method='get'>";
    893. 

  893.                 echo "<input type='submit' value=\"Run SiT!\" />";
    894. 

  894.                 echo "</form>\n";
    895. 

  895.             }
    896. 

  896.         }
    897. 

  897.     break;
    898. 

  898. 

  899. 

  900.     case 'createattdir':
    901. 

  901.         // Note this creates a directory with 777 permissions!
    902. 

  902.         $dir = @mkdir($CONFIG['attachment_fspath'], '0777');
    903. 

  903.         if ($dir)
    904. 

  904.         {
    905. 

  905.             echo setup_button('checkatttdir', 'Next');
    906. 

  906.         }
    907. 

  907.         else
    908. 

  908.         {
    909. 

  909.             echo "<p class='error'>Sorry, the attachment directory could not be created for you.</p>"; // FIXME more help
    910. 

  910.             echo "<p>Please manually create a directory named <code>{$CONFIG['attachment_fspath']}</code></p>";
    911. 

  911. 

  912.             if (substr($CONFIG['attachment_fspath'], 0, 14) == './attachments-')
    913. 

  913.             {
    914. 

  914.                 echo "<p class='info'>Setup has chosen this random looking directory name on purpose, ";
    915. 

  915.                 echo "please create the directory named exactly as shown above.</p>";
    916. 

  916.             }
    917. 

  917.             echo setup_button('checkatttdiragain', 'Next');
    918. 

  918.         }
    919. 

  919.     break;
    920. 

  920. 

  921.     default:
    922. 

  922.         require (APPLICATION_LIBPATH . 'tablenames.inc.php');
    923. 

  923.         // Connect to Database server
    924. 

  924.         $db = @mysql_connect($CONFIG['db_hostname'], $CONFIG['db_username'], $CONFIG['db_password']);
    925. 

  925.         if (@mysql_error())
    926. 

  926.         {
    927. 

  927.             echo setup_configure();
    928. 

  928.         }
    929. 

  929.         else
    930. 

  930.         {
    931. 

  931.             // Connected to database
    932. 

  932.             // Select database
    933. 

  933.             mysql_select_db($CONFIG['db_database'], $db);
    934. 

  934.             if (mysql_error())
    935. 

  935.             {
    936. 

  936.                 if (!empty($CONFIG['db_username']))
    937. 

  937.                 {
    938. 

  938.                     echo "<p class='error'>".mysql_error()."<br />Could not select database";
    939. 

  939.                     if ($CONFIG['db_database']!='')
    940. 

  940.                     {
    941. 

  941.                         echo " '{$CONFIG['db_database']}', check the database name you have configured matches the database in MySQL";
    942. 

  942.                     }
    943. 

  943.                     else
    944. 

  944.                     {
    945. 

  945.                         echo ", the database name was not configured, please set the <code>\$CONFIG['db_database'] config variable";
    946. 

  946.                         $CONFIG['db_database'] = 'sit';
    947. 

  947.                     }
    948. 

  948.                     echo "</p>";
    949. 

  949.                     echo setup_button('reconfigure', 'Reconfigure SiT!');
    950. 

  950.                     echo "<p>or</p>";
    951. 

  951.                     echo setup_button('createdb', 'Create a database', "<br /><label><input type='checkbox' name='sampledata' value='yes' checked='checked' /> With sample data</label>");
    952. 

  952.                     //echo "<p><a href='{$_SERVER['PHP_SELF']}?action=reconfigure'>Reconfigure</a> SiT!</p>";
    953. 

  953.                 }
    954. 

  954.                 else
    955. 

  955.                 {
    956. 

  956.                     // Username and Password are set, but the db could not be selected
    957. 

  957. 

  958.                 }
    959. 

  959. 

  960.                 // FIMXE INL temp removed
    961. 

  961. //                 else
    962. 

  962. //                 {
    963. 

  963. //                     echo "<p class='help'>If this is the first time you have used SiT! you may need to create the database, ";
    964. 

  964. //                     echo "if you have the necessary MySQL permissions you can create the database automatically.<br />";
    965. 

  965. //                     echo "Alternatively you can create it manually by executing the SQL statement <br /><code>{$sql};</code></p";
    966. 

  966. //                     echo "<p><a href='setup.php?action=createdatabase' class='button'>Create Database</a></p>";
    967. 

  967. //                 }
    968. 

  968. //                 //echo "<p>After creating the database run <a href='setup.php' class='button'>setup</a> again to create the database schema</p>";
    969. 

  969.                 if (empty($CONFIG['db_database']) OR empty($CONFIG['db_username']))
    970. 

  970.                 {
    971. 

  971.                     echo "<p>You need to configure SiT to be able access the MySQL database.</p>";
    972. 

  972.                     echo setup_configure();
    973. 

  973.                 }
    974. 

  974.             }
    975. 

  975.             else
    976. 

  976.             {
    977. 

  977.                 require (APPLICATION_LIBPATH . 'functions.inc.php');
    978. 

  978. 

  979.                 // Load the empty schema
    980. 

  980.                 require ('setup-schema.php');
    981. 

  981. 

  982.                 // Connected to database and db selected
    983. 

  983.                 echo "<p>Connected to database - ok</p>";
    984. 

  984.                 // Check to see if we're already installed
    985. 

  985.                 $sql = "SHOW TABLES LIKE '{$dbUsers}'";
    986. 

  986.                 $result = mysql_query($sql);
    987. 

  987.                 if (mysql_error())
    988. 

  988.                 {
    989. 

  989.                     echo "<p class='error'>Could not find a users table, an error occurred ".mysql_error()."</p>";
    990. 

  990.                     exit;
    991. 

  991.                 }
    992. 

  992.                 if (mysql_num_rows($result) < 1)
    993. 

  993.                 {
    994. 

  994.                     echo "<h2>Creating new database schema...</h2>";
    995. 

  995.                     // No users table or empty users table, proceed to install
    996. 

  996. //                     $installed_schema = 0;
    997. 

  997. //                     $installed_schema = substr(end(array_keys($upgrade_schema[$application_version*100])),1);
    998. 

  998.                     $errors = setup_exec_sql($schema);
    999. 

  999.                     if ($_SESSION['sampledata'] == TRUE)
    1000. 

  1000.                     {
    1001. 

  1001.                         // Install sample data
    1002. 

  1002.                         echo "<p>Installing sample data...</p>";
    1003. 

  1003.                         $errors = $errors + setup_exec_sql($sampledata_sql);
    1004. 

  1004.                     }
    1005. 

  1005.                     // Update the system version
    1006. 

  1006.                     if ($errors < 1)
    1007. 

  1007.                     {
    1008. 

  1008.                         $vsql = "REPLACE INTO `{$dbSystem}` ( `id`, `version`) VALUES (0, $application_version)";
    1009. 

  1009.                         mysql_query($vsql);
    1010. 

  1010.                         if (mysql_error())
    1011. 

  1011.                         {
    1012. 

  1012.                             $html .= "<p class='error'>Could not store new schema version number '{$application_version}'. ".mysql_error()."</p>";
    1013. 

  1013.                         }
    1014. 

  1014.                         else
    1015. 

  1015.                         {
    1016. 

  1016.                             $html .= "<p>Schema successfully created as version {$application_version}</p>";
    1017. 

  1017.                         }
    1018. 

  1018.                     }
    1019. 

  1019.                     else
    1020. 

  1020.                     {
    1021. 

  1021.                         $html .= "<p class='error'><strong>Summary</strong>: {$errors} Error(s) occurred while creating the schema, ";
    1022. 

  1022.                         $html .= "please resolve the problems reported and then try running setup again.</p>";
    1023. 

  1023.                     }
    1024. 

  1024.                     echo $html;
    1025. 

  1025. /*                    // Set the system version number
    1026. 

  1026.                     $sql = "REPLACE INTO `{$dbSystem}` ( id, version) VALUES (0, $application_version)";
    1027. 

  1027.                     mysql_query($sql);
    1028. 

  1028.                     if (mysql_error()) trigger_error(mysql_error(),E_USER_ERROR);*/
    1029. 

  1029.                     $installed_version = $application_version;
    1030. 

  1030.                     echo "<h2>Database schema created</h2>";
    1031. 

  1031.                     if ($errors > 0)
    1032. 

  1032.                     {
    1033. 

  1033.                         echo "<p>If these errors do not appear to be caused by your configuration or setup, ";
    1034. 

  1034.                         echo "please log a bug <a href='http://sitracker.org/wiki/Bugs'>here</a>";
    1035. 

  1035.                         echo ", with the full error message.</p>";
    1036. 

  1036.                     }
    1037. 

  1037.                     else
    1038. 

  1038.                     {
    1039. 

  1039.                         echo "<p>You can now proceed with the next step.</p>";
    1040. 

  1040.                     }
    1041. 

  1041.                     echo setup_button('checkinstallcomplete', 'Next');
    1042. 

  1042.                 }
    1043. 

  1043.                 else
    1044. 

  1044.                 {
    1045. 

  1045.                     // users table exists and has at least one record, must be already installed
    1046. 

  1046.                     // Do upgrade
    1047. 

  1047. 

  1048.                     // Have a look what version is installed
    1049. 

  1049.                     // First look to see if the system table exists
    1050. 

  1050.                     $exists = mysql_query("SELECT 1 FROM `{$dbSystem}` LIMIT 0");
    1051. 

  1051.                     if (!$exists)
    1052. 

  1052.                     {
    1053. 

  1053.                         echo "<p class='error'>Could not find a 'system' table which probably means you have a version prior to v3.21</p>";
    1054. 

  1054.                         $installed_version = 3.00;
    1055. 

  1055.                     }
    1056. 

  1056.                     else
    1057. 

  1057.                     {
    1058. 

  1058.                         $sql = "SELECT `version` FROM `{$dbSystem}` WHERE id = 0";
    1059. 

  1059.                         $result = mysql_query($sql);
    1060. 

  1060.                         if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    1061. 

  1061.                         list($installed_version) = mysql_fetch_row($result);
    1062. 

  1062. 

  1063. /*                        if ($installed_version >= 3.35)
    1064. 

  1064.                         {
    1065. 

  1065.                             $sql = "SELECT `schemaversion` FROM `{$dbSystem}` WHERE id = 0";
    1066. 

  1066.                             $result = mysql_query($sql);
    1067. 

  1067.                             if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    1068. 

  1068.                             list($installed_schema) = mysql_fetch_row($result);
    1069. 

  1069.                         }
    1070. 

  1070.                         else
    1071. 

  1071.                         {
    1072. 

  1072.                             $installed_schema = 334;
    1073. 

  1073.                             $sql = "SHOW COLUMNS FROM `{$dbSystem}` WHERE Field='schema'";
    1074. 

  1074.                             $result = mysql_query($sql);
    1075. 

  1075.                             if (mysql_num_rows($result) < 1)
    1076. 

  1076.                             {
    1077. 

  1077.                                 $sql = "ALTER TABLE `{$dbSystem}` ADD `schemaversion` BIGINT UNSIGNED NOT NULL COMMENT 'DateTime in YYYYMMDDHHMM format'";
    1078. 

  1078.                                 $result = mysql_query($sql);
    1079. 

  1079.                                 if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    1080. 

  1080.                             }
    1081. 

  1081.                         }*/
    1082. 

  1082.                     }
    1083. 

  1083. 

  1084.                     if (empty($installed_version))
    1085. 

  1085.                     {
    1086. 

  1086.                         echo "<p class='error'>Fatal setup error - Could not determine version of installed software.  Try wiping your installation and installing from clean. (sorry)</p>";
    1087. 

  1087.                         echo setup_button('', 'Restart setup');
    1088. 

  1088.                         exit;
    1089. 

  1089.                     }
    1090. 

  1090. 

  1091.                     echo "<h2>Installed OK</h2>";
    1092. 

  1092. 

  1093.                     if ($_REQUEST['action'] == 'upgrade')
    1094. 

  1094.                     {
    1095. 

  1095.                         /*****************************
    1096. 

  1096.                          * Do pre-upgrade tasks here *
    1097. 

  1097.                          *****************************/
    1098. 

  1098. 

  1099.                         if ($installed_version < 3.35)
    1100. 

  1100.                         {
    1101. 

  1101.                             //Get anyone with var_notify_on_reassign on so we can add them a trigger later
    1102. 

  1102.                             $sql = "SELECT * FROM `{$dbUsers}` WHERE var_notify_on_reassign='true'";
    1103. 

  1103.                             if ($result = @mysql_query($sql))
    1104. 

  1104.                             {
    1105. 

  1105.                                 while ($row = mysql_fetch_object($result))
    1106. 

  1106.                                 {
    1107. 

  1107.                                     $assign_notify_users[] = $row->id;
    1108. 

  1108.                                 }
    1109. 

  1109.                             }
    1110. 

  1110. 

  1111.                             //any kbarticles with private content, change whole type
    1112. 

  1112.                             $sql = "SELECT docid, distribution FROM `{$dbKBContent} WHERE distribution!='public'";
    1113. 

  1113.                             if ($result = @mysql_query($sql))
    1114. 

  1114.                             {
    1115. 

  1115.                                 while ($row = @mysql_fetch_object($result))
    1116. 

  1116.                                 {
    1117. 

  1117.                                     if ($row->distribution == 'private')
    1118. 

  1118.                                     {
    1119. 

  1119.                                         $kbprivate[] = $row->docid;
    1120. 

  1120.                                     }
    1121. 

  1121.                                     elseif (!in_array($row->docid, $kbprivate))
    1122. 

  1122.                                     {
    1123. 

  1123.                                         $kbrestricted[] = $row->docid;
    1124. 

  1124.                                     }
    1125. 

  1125.                                 }
    1126. 

  1126.                             }
    1127. 

  1127.                         }
    1128. 

  1128. 

  1129.                         if ($installed_version < 3.45)
    1130. 

  1130.                         {
    1131. 

  1131.                             $sql = "SELECT i.id FROM `{$GLOBALS['dbIncidents']}` AS i, `{$GLOBALS['dbContacts']}` AS c, `{$dbServiceLevels}` AS sl ";
    1132. 

  1132.                             $sql .= "WHERE c.id = i.contact ";
    1133. 

  1133.                             $sql .= "AND sl.tag = i.servicelevel AND sl.priority = i.priority AND sl.timed = 'yes' ";
    1134. 

  1134.                             $sql .= "AND i.status = 2 "; // Only want closed incidents, dont want awaiting closure as they could be reactivated
    1135. 

  1135. 

  1136.                             $result = mysql_query($sql);
    1137. 

  1137.                             if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_WARNING);
    1138. 

  1138.                             if (mysql_num_rows($result) > 0)
    1139. 

  1139.                             {
    1140. 

  1140.                                 while ($obj = mysql_fetch_object($result))
    1141. 

  1141.                                 {
    1142. 

  1142.                                     $asql = "SELECT DISTINCT origcolref, linkcolref ";
    1143. 

  1143.                                     $asql .= "FROM `{$dbLinks}` AS l, `{$dbLinkTypes}` AS lt ";
    1144. 

  1144.                                     $asql .= "WHERE l.linktype = 6 ";
    1145. 

  1145.                                     $asql .= "AND linkcolref = {$obj->id} ";
    1146. 

  1146.                                     $asql .= "AND direction = 'left'";
    1147. 

  1147.                                     $aresult = mysql_query($asql);
    1148. 

  1148.                                     if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    1149. 

  1149. 

  1150.                                     if (mysql_num_rows($aresult) == 0)
    1151. 

  1151.                                     {
    1152. 

  1152.                                         $billing_upgrade[] = $obj->id;
    1153. 

  1153.                                     }
    1154. 

  1154.                                 }
    1155. 

  1155.                             }
    1156. 

  1156.                         }
    1157. 

  1157. 

  1158.                         /*****************************
    1159. 

  1159.                          * UPGRADE THE SCHEMA        *
    1160. 

  1160.                          *****************************/
    1161. 

  1161.                         for ($v=(($installed_version*100)+1); $v<=($application_version*100); $v++)
    1162. 

  1162.                         {
    1163. 

  1163.                             $html = '';
    1164. 

  1164.                             if (!empty($upgrade_schema[$v]))
    1165. 

  1165.                             {
    1166. 

  1166.                                 $newversion = number_format(($v/100),2);
    1167. 

  1167.                                 echo "<p>Updating schema from {$installed_version} to v{$newversion}&hellip;</p>";
    1168. 

  1168.                                 $errors = setup_exec_sql($upgrade_schema[$v]);
    1169. 

  1169.                                 // Update the system version
    1170. 

  1170.                                 if ($errors < 1)
    1171. 

  1171.                                 {
    1172. 

  1172.                                     $vsql = "REPLACE INTO `{$dbSystem}` ( `id`, `version`) VALUES (0, $newversion)";
    1173. 

  1173.                                     mysql_query($vsql);
    1174. 

  1174.                                     if (mysql_error())
    1175. 

  1175.                                     {
    1176. 

  1176.                                         $html .= "<p class='error'>Could not store new schema version number '{$newversion}'. ".mysql_error()."</p>";
    1177. 

  1177.                                     }
    1178. 

  1178.                                     else
    1179. 

  1179.                                     {
    1180. 

  1180.                                         $html .= "<p>Schema successfully updated to version {$newversion}.</p>";
    1181. 

  1181.                                     }
    1182. 

  1182.                                     $installed_version = $newversion;
    1183. 

  1183.                                     $upgradeok = TRUE;
    1184. 

  1184.                                 }
    1185. 

  1185.                                 else
    1186. 

  1186.                                 {
    1187. 

  1187.                                     $html .= "<p class='error'><strong>Summary</strong>: {$errors} Error(s) occurred while updating t…
    1188.

Large files files are truncated, but you can click here to view the full file