PageRenderTime 95ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/install.php

https://code.google.com/p/ezrpg/
PHP | 340 lines | 274 code | 25 blank | 41 comment | 31 complexity | 17201860fd7a784c31f16a4898c1b60e MD5 | raw file
Possible License(s): GPL-3.0
  1. <?php
  2. error_reporting(0);
  3. define('IN_EZRPG', true);
  4. include './lib/func.rand.php';
  5. function displayHeader()
  6. {
  7. echo <<<HEAD
  8. <html>
  9. <head>
  10. <title>ezRPG Installation</title>
  11. <link rel="stylesheet" href="static/default/style.css" type="text/css" />
  12. <style>
  13. #content
  14. {
  15. width: 50%;
  16. margin: auto;
  17. font: 1.0em Verdana, Arial, Sans-serif;
  18. color: #444;
  19. padding: 10px;
  20. border: 1px solid #3182C0;
  21. }
  22. </style>
  23. </head>
  24. <body>
  25. <div id="content">
  26. <h1>ezRPG Installation</h1>
  27. HEAD;
  28. }
  29. function displayFooter()
  30. {
  31. echo <<<FOOT
  32. </div>
  33. </body>
  34. </html>
  35. FOOT;
  36. }
  37. if (!isset($_GET['act']))
  38. {
  39. if (!is_writable('config.php') || !is_writable('smarty/templates_c'))
  40. {
  41. displayHeader();
  42. echo '<h2>Step 1</h2>';
  43. echo '<p>Please make sure the following files and folders are writable:';
  44. echo '<strong>config.php</strong><br />';
  45. echo '<strong>smarty/templates_c</strong><br />';
  46. echo '<\p>';
  47. echo '<p>';
  48. echo 'The below folders are optional to make writable:<br />';
  49. echo '<strong>lib/ext/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer</strong>';
  50. echo '<strong>lib/ext/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/HTML</strong>';
  51. echo '<strong>lib/ext/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/URI</strong>';
  52. echo '</p>';
  53. echo '<p>';
  54. echo '<br />Chmod those files and folders to 0755 or 0777.</p>';
  55. echo '<p><a href="install.php">Click here to check again</a></p>';
  56. displayFooter();
  57. exit;
  58. }
  59. else
  60. {
  61. displayHeader();
  62. echo '<h2>Step 1</h2>';
  63. echo '<p>You have given the files/folders the correct file permissions.</p>';
  64. echo '<p><a href="install.php?act=2">Continue to next step</a></p>';
  65. displayFooter();
  66. exit;
  67. }
  68. }
  69. else if ($_GET['act'] == '2')
  70. {
  71. displayHeader();
  72. echo '<h2>Step 2</h2>';
  73. if (!isset($_POST['submit']))
  74. {
  75. $dbhost = 'localhost';
  76. $dbname = 'ezrpg';
  77. $dbuser = '';
  78. $dbpass = '';
  79. $dbprefix = '';
  80. }
  81. else
  82. {
  83. $errors = 0;
  84. $msg = '';
  85. if (isset($_POST['dbhost']) && empty($_POST['dbhost']))
  86. {
  87. $errors = 1;
  88. $msg .= 'You need to enter a host name!<br />';
  89. }
  90. if (isset($_POST['dbname']) && empty($_POST['dbname']))
  91. {
  92. $errors = 1;
  93. $msg .= 'You need to enter a database name!<br />';
  94. }
  95. if (isset($_POST['dbuser']) && empty($_POST['dbuser']))
  96. {
  97. $errors = 1;
  98. $msg .= 'You need to enter a database user!<br />';
  99. }
  100. //so far so good...
  101. if ($errors == 0)
  102. {
  103. //let's test the connection
  104. $db = mysql_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass']);
  105. if (!$db)
  106. {
  107. $errors = 1;
  108. $msg .= 'ezRPG could not connect to the database with the details you entered!<br />';
  109. }
  110. else
  111. {
  112. $db_selected = mysql_select_db($_POST['dbname']);
  113. if (!$db_selected)
  114. {
  115. $errors = 1;
  116. $msg .= 'ezRPG could not select the database with the database name you entered!<br />';
  117. }
  118. }
  119. }
  120. if ($errors == 0)
  121. {
  122. //No problesm connecting and selecting the database
  123. //Save details to the config file and fill the database
  124. $dbhost = $_POST['dbhost'];
  125. $dbname = $_POST['dbname'];
  126. $dbuser = $_POST['dbuser'];
  127. $dbpass = $_POST['dbpass'];
  128. $dbprefix = $_POST['dbprefix'];
  129. //fill the database first
  130. $query1 = <<<QUERY
  131. CREATE TABLE IF NOT EXISTS `{$dbprefix}players` (
  132. `id` int(11) unsigned NOT NULL auto_increment,
  133. `username` varchar(30) default NULL,
  134. `password` varchar(40) default NULL,
  135. `email` varchar(255) default NULL,
  136. `secret_key` text,
  137. `rank` smallint(5) unsigned NOT NULL default '1',
  138. `registered` int(11) unsigned default NULL,
  139. `last_active` int(11) unsigned default '0',
  140. `last_login` int(11) unsigned default '0',
  141. `money` int(11) unsigned default '100',
  142. `level` int(11) unsigned default '1',
  143. `stat_points` int(11) unsigned default '10',
  144. `exp` int(11) unsigned default '0',
  145. `max_exp` int(11) unsigned default '10',
  146. `hp` int(11) unsigned default '20',
  147. `max_hp` int(11) unsigned default '20',
  148. `energy` int(11) unsigned NOT NULL default '10',
  149. `max_energy` int(11) unsigned NOT NULL default '10',
  150. `strength` int(11) unsigned default '5',
  151. `vitality` int(11) unsigned default '5',
  152. `agility` int(11) unsigned default '5',
  153. `dexterity` int(11) unsigned default '5',
  154. `damage` int(11) unsigned default '0',
  155. `kills` int(11) unsigned NOT NULL default '0',
  156. `deaths` int(11) unsigned NOT NULL default '0',
  157. PRIMARY KEY (`id`),
  158. UNIQUE KEY `username` (`username`),
  159. UNIQUE KEY `email` (`email`)
  160. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
  161. QUERY;
  162. mysql_query($query1) or die('Something went wrong.');
  163. $query2 = <<<QUERY
  164. CREATE TABLE IF NOT EXISTS `{$dbprefix}player_log` (
  165. `id` int(11) unsigned NOT NULL auto_increment,
  166. `player` int(11) unsigned NOT NULL,
  167. `time` int(11) unsigned NOT NULL,
  168. `message` text NOT NULL,
  169. `status` tinyint(1) unsigned NOT NULL default '0',
  170. PRIMARY KEY (`id`),
  171. KEY `player_log` (`player`,`time`),
  172. KEY `new_logs` (`player`,`status`)
  173. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
  174. QUERY;
  175. mysql_query($query2) or die('Something went wrong.');
  176. echo '<p>Tables installed.</p>';
  177. //Save data to config file
  178. $secret_key = createKey(24);
  179. $config = <<<CONF
  180. <?php
  181. //This file cannot be viewed, it must be included
  182. defined('IN_EZRPG') or exit;
  183. /*
  184. Title: Config
  185. The most important settings for the game are set here.
  186. */
  187. /*
  188. Variables: Database Connection
  189. Connection settings for the database.
  190. \$config_server - Database server
  191. \$config_dbname - Database name
  192. \$config_username - Username to login to server with
  193. \$config_password - Password to login to server with
  194. \$config_driver - Contains the database driver to use to connect to the database.
  195. */
  196. \$config_server = '{$dbhost}';
  197. \$config_dbname = '{$dbname}';
  198. \$config_username = '{$dbuser}';
  199. \$config_password = '{$dbpass}';
  200. \$config_driver = 'mysql';
  201. /*
  202. Constant:
  203. This secret key is used in the hashing of player passwords and other important data.
  204. Secret keys can be of any length, however longer keys are more effective.
  205. This should only ever be set ONCE! Any changes to it will cause your game to break!
  206. You should save a copy of the key on your computer, just in case the secret key is lost or accidentally changed,.
  207. SECRET_KEY - A long string of random characters.
  208. */
  209. define('SECRET_KEY', '{$secret_key}');
  210. /*
  211. Constants: Settings
  212. Various settings used in ezRPG.
  213. DB_PREFIX - Prefix to the table names
  214. VERSION - Version of ezRPG
  215. SHOW_ERRORS - Turn on to show PHP errors.
  216. DEBUG_MODE - Turn on to show database errors and debug information.
  217. */
  218. define('DB_PREFIX', '{$dbprefix}');
  219. define('VERSION', '1.0');
  220. define('SHOW_ERRORS', 0);
  221. define('DEBUG_MODE', 0);
  222. ?>
  223. CONF;
  224. file_put_contents('config.php', $config);
  225. echo '<p>Config file written.</p>';
  226. echo '<p><a href="install.php?act=3">Continue to next step</a></p>';
  227. displayFooter();
  228. exit;
  229. }
  230. else
  231. {
  232. echo '<p><strong>Sorry, there were some problems:</strong><br />', $msg, '</p>';
  233. $dbhost = $_POST['dbhost'];
  234. $dbname = $_POST['dbname'];
  235. $dbuser = $_POST['dbuser'];
  236. $dbpass = $_POST['dbpass'];
  237. $dbprefix = $_POST['dbprefix'];
  238. }
  239. }
  240. echo '<p>Please fill in the database access details here.</p>';
  241. echo '<form method="post" action="install.php?act=2">';
  242. echo '<label>Host</label>';
  243. echo '<input type="text" name="dbhost" value="', $dbhost, '" />';
  244. echo '<label>Database Name</label>';
  245. echo '<input type="text" name="dbname" value="', $dbname, '" />';
  246. echo '<label>User</label>';
  247. echo '<input type="text" name="dbuser" value="', $dbuser, '" />';
  248. echo '<label>Password</label>';
  249. echo '<input type="password" name="dbpass" value="', $dbpass, '" />';
  250. echo '<label>Table Prefix (Optional)</label>';
  251. echo '<input type="text" name="dbprefix" value="', $dbprefix, '" />';
  252. echo '<p>You can enter a prefix for your table names if you like.<br />This can be useful if you will be sharing the database with other applications, or if you are running more than one ezRPG instance in a single database.</p>';
  253. echo '<input type="submit" name="submit" value="Submit" class="button" />';
  254. echo '</form>';
  255. displayFooter();
  256. exit;
  257. }
  258. else if ($_GET['act'] == '3')
  259. {
  260. displayHeader();
  261. echo '<h1>Step 3</h1>';
  262. if (isset($_POST['submit']))
  263. {
  264. $errors = 0;
  265. $msg = '';
  266. if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['password']))
  267. {
  268. $errors = 1;
  269. $msg .= 'You forgot to fill in something!';
  270. }
  271. if ($_POST['password'] != $_POST['password2'])
  272. {
  273. $errors = 1;
  274. $msg .= 'You didn\'t verify your password correctly.';
  275. }
  276. if ($errors == 0)
  277. {
  278. include 'config.php';
  279. mysql_connect($config_server, $config_username, $config_password);
  280. mysql_select_db($config_dbname);
  281. $secret_key = createKey(16);
  282. $query = 'INSERT INTO `' . DB_PREFIX . 'players` (`username`, `password`, `email`, `secret_key`, `registered`, `rank`) VALUES(\'' . mysql_real_escape_string($_POST['username']) . '\', \'' . mysql_real_escape_string(sha1($secret_key . $_POST['password'] . SECRET_KEY)) . '\', \'' . mysql_real_escape_string($_POST['email']) . '\', \'' . mysql_real_escape_string($secret_key) . '\', ' . time() . ', 10)';
  283. mysql_query($query);
  284. echo '<p>Your admin account has been created! You may now login to the game. You can access the admin panel at <em>/admin</em>.</p>';
  285. echo '<p><strong>Please delete install.php immediately!</strong></p>';
  286. echo '<p><a href="index.php">Visit your ezRPG!</a></p>';
  287. displayFooter();
  288. exit;
  289. }
  290. else
  291. {
  292. echo '<p><strong>Sorry, there were some problems:</strong><br />', $msg, '</p>';
  293. }
  294. }
  295. echo '<p>Create your admin account for ezRPG.</p>';
  296. echo '<form method="post" action="install.php?act=3">';
  297. echo '<label>Username</label>';
  298. echo '<input type="text" name="username" value="', $_POST['username'], '" />';
  299. echo '<label>Email</label>';
  300. echo '<input type="text" name="email" value="', $_POST['email'], '" />';
  301. echo '<label>Password</label>';
  302. echo '<input type="password" name="password" />';
  303. echo '<label>Verify Password</label>';
  304. echo '<input type="password" name="password2" />';
  305. echo '<br />';
  306. echo '<input type="submit" value="Create" name="submit" class="button" />';
  307. echo '</form>';
  308. displayFooter();
  309. exit;
  310. }
  311. ?>