PageRenderTime 29ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/setup.php

http://snowcms.googlecode.com/
PHP | 811 lines | 540 code | 89 blank | 182 comment | 65 complexity | f940218ead6cc4242ce8a520aa333749 MD5 | raw file
Possible License(s): CC-BY-SA-3.0 
    

  1. <?php

    2. 

  2. ////////////////////////////////////////////////////////////////////////////

    3. 

  3. //                              SnowCMS v2.0                              //

    4. 

  4. //                           By the SnowCMS Team                          //

    5. 

  5. //                             www.snowcms.com                            //

    6. 

  6. //            Released under the Microsoft Reciprocal License             //

    7. 

  7. //                 www.opensource.org/licenses/ms-rl.html                 //

    8. 

  8. ////////////////////////////////////////////////////////////////////////////

    9. 

  9. //                                                                        //

    10. 

  10. //       SnowCMS originally pawned by soren121 started in early 2008      //

    11. 

  11. //                                                                        //

    12. 

  12. ////////////////////////////////////////////////////////////////////////////

    13. 

  13. //                                                                        //

    14. 

  14. //                  SnowCMS v2.0 began in November 2009                   //

    15. 

  15. //                                                                        //

    16. 

  16. ////////////////////////////////////////////////////////////////////////////

    17. 

  17. //                       File version: SnowCMS 2.0                        //

    18. 

  18. ////////////////////////////////////////////////////////////////////////////

    19. 

  19. 

    20. 

  20. // Title: SnowCMS Installer

    21. 

  21. 

    22. 

  22. // Setting this to true will prevent the setup.php and setup SQL files

    23. 

  23. // from being deleted, just in case any modifications were made to these

    24. 

  24. // files... Wouldn't want any work to be lost!

    25. 

  25. define('INDEVMODE', true);

    26. 

  26. 

    27. 

  27. session_start();

    28. 

  28. 

    29. 

  29. // Magic quotes, what a joke!!!

    30. 

  30. if(function_exists('set_magic_quotes_runtime'))

    31. 

  31. {

    32. 

  32. 	@set_magic_quotes_runtime(0);

    33. 

  33. }

    34. 

  34. 

    35. 

  35. // All time/date stuff should be considered UTC, makes life easier!

    36. 

  36. if(function_exists('date_default_timezone_set'))

    37. 

  37. {

    38. 

  38. 	date_default_timezone_set('UTC');

    39. 

  39. }

    40. 

  40. else

    41. 

  41. {

    42. 

  42. 	@ini_set('date.timezone', 'UTC');

    43. 

  43. }

    44. 

  44. 

    45. 

  45. // We are currently in SnowCMS :)

    46. 

  46. define('INSNOW', true, true);

    47. 

  47. 

    48. 

  48. // We want to see those errors...

    49. 

  49. error_reporting(E_STRICT | E_ALL);

    50. 

  50. 

    51. 

  51. // Remove magic quotes, if it is on...

    52. 

  52. if((function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc() == 1) || @ini_get('magic_quotes_sybase'))

    53. 

  53. {

    54. 

  54. 	$_COOKIE = remove_magic($_COOKIE);

    55. 

  55. 	$_GET = remove_magic($_GET);

    56. 

  56. 	$_POST = remove_magic($_POST);

    57. 

  57. }

    58. 

  58. 

    59. 

  59. function remove_magic($array, $depth = 5)

    60. 

  60. {

    61. 

  61. 	// Nothing in the array? No need!

    62. 

  62. 	if(count($array) == 0)

    63. 

  63. 	{

    64. 

  64. 		return array();

    65. 

  65. 	}

    66. 

  66. 	// Exceeded our maximum depth? Just return the array, untouched.

    67. 

  67. 	elseif($depth <= 0)

    68. 

  68. 	{

    69. 

  69. 		return $array;

    70. 

  70. 	}

    71. 

  71. 

    72. 

  72. 	foreach($array as $key => $value)

    73. 

  73. 	{

    74. 

  74. 		// Gotta remember that the key needs to have magic quote crud removed

    75. 

  75. 		// as well!

    76. 

  76. 		if(!is_array($value))

    77. 

  77. 		{

    78. 

  78. 			$array[stripslashes($key)] = stripslashes($value);

    79. 

  79. 		}

    80. 

  80. 		else

    81. 

  81. 		{

    82. 

  82. 			$array[stripslashes($key)] = remove_magic($value, $depth - 1);

    83. 

  83. 		}

    84. 

  84. 	}

    85. 

  85. 

    86. 

  86. 	return $array;

    87. 

  87. }

    88. 

  88. 

    89. 

  89. // Alright, let's do this thing!

    90. 

  90. call_user_func(setup_return_func());

    91. 

  91. 

    92. 

  92. /*

    93. 

  93. 	Function: setup_return_func

    94. 

  94. 

    95. 

  95. 	Returns the function that ought to be called...

    96. 

  96. 

    97. 

  97. 	Parameters:

    98. 

  98. 		none

    99. 

  99. 

    100. 

  100. 	Returns:

    101. 

  101. 		string

    102. 

  102. */

    103. 

  103. function setup_return_func()

    104. 

  104. {

    105. 

  105. 	// We need to check system requirements. If you aren't running PHP 5.0,

    106. 

  106. 	// have the XML Parser extension enabled, or MySQL, then you can't run

    107. 

  107. 	// SnowCMS... Sorry! Oh, and this directory needs to be writeable.

    108. 

  108. 	if(!is_writable(dirname(__FILE__)) || !version_compare(phpversion(), '5.0.0', '>=') || !function_exists('xml_parser_create') || !function_exists('mysql_connect'))

    109. 

  109. 	{

    110. 

  110. 		return 'setup_requirement_fail';

    111. 

  111. 	}

    112. 

  112. 

    113. 

  113. 	// What step do you claim you are on?

    114. 

  114. 	$step = !empty($_GET['step']) && (int)$_GET['step'] > 0 && (int)$_GET['step'] < 4 ? (int)$_GET['step'] : 1;

    115. 

  115. 

    116. 

  116. 	// Which are you really on?

    117. 

  117. 	if(empty($_SESSION['step']) || $_SESSION['step'] != $step)

    118. 

  118. 	{

    119. 

  119. 		$step = 1;

    120. 

  120. 	}

    121. 

  121. 

    122. 

  122. 	// Just a simple session identifier.

    123. 

  123. 	if(empty($_SESSION['id']))

    124. 

  124. 	{

    125. 

  125. 		$_SESSION['id'] = sha1(mt_rand(1, 9999) + str_shuffle('My favorite color is blue... Really. No joke.'));

    126. 

  126. 	}

    127. 

  127. 

    128. 

  128. 	// This is easy enough.

    129. 

  129. 	return 'setup_step_'. $step;

    130. 

  130. }

    131. 

  131. 

    132. 

  132. /*

    133. 

  133. 	Function: setup_requirement_fail

    134. 

  134. 

    135. 

  135. 	Parameters:

    136. 

  136. 		none

    137. 

  137. 

    138. 

  138. 	Returns:

    139. 

  139. 		void

    140. 

  140. */

    141. 

  141. function setup_requirement_fail()

    142. 

  142. {

    143. 

  143. 	template_header();

    144. 

  144. 

    145. 

  145. 	echo '

    146. 

  146. 			<h1>System Requirements Failure</h1>

    147. 

  147. 			<p>Sorry, but it appears that your server does not meet the requirements in order to run SnowCMS. Please read the following for information as to why your server failed this test.</p>

    148. 

  148. 			<br />

    149. 

  149. 			<p>Checking if directory is writable... ', (is_writable(dirname(__FILE__)) ? '<span class="green bold">Writable</span>' : '<span class="red bold">Not Writable</span>'), '</p>

    150. 

  150. 			<p>Checking for at least PHP version 5... ', (version_compare(phpversion(), '5.0.0', '>=') ? '<span class="green bold">OK</span>' : '<span class="red bold">FAIL</span>'), ' (running v', phpversion(), ')</p>

    151. 

  151. 			<p>Checking for <a href="http://www.php.net/manual/en/book.xml.php" target="_blank">XML Parser</a> extension... ', (function_exists('xml_parser_create') ? '<span class="green bold">Enabled</span>' : '<span class="red bold">Not Enabled</span>'), '</p>

    152. 

  152. 			<p>Checking for MySQL extension... ', (function_exists('mysql_connect') ? '<span class="green bold">Enabled</span>' : '<span class="red bold">Not Enabled</span>'), '</p>

    153. 

  153. 			<br />

    154. 

  154. 			<p>Once these issues are resolved, simply refresh this page to check again.</p>';

    155. 

  155. 

    156. 

  156. 	template_footer();

    157. 

  157. }

    158. 

  158. 

    159. 

  159. /*

    160. 

  160. 	Function: setup_step_1

    161. 

  161. 

    162. 

  162. 	Displays and processes everything that occurs within the first step of

    163. 

  163. 	the installation process.

    164. 

  164. 

    165. 

  165. 	Parameters:

    166. 

  166. 		none

    167. 

  167. 

    168. 

  168. 	Returns:

    169. 

  169. 		void

    170. 

  170. */

    171. 

  171. function setup_step_1()

    172. 

  172. {

    173. 

  173. 	if(!empty($_POST['proc_step_1']))

    174. 

  174. 	{

    175. 

  175. 		$error_msg = array();

    176. 

  176. 

    177. 

  177. 		$db_host = !empty($_POST['db_host']) ? $_POST['db_host'] : '';

    178. 

  178. 		$db_user = !empty($_POST['db_user']) ? $_POST['db_user'] : '';

    179. 

  179. 		$db_pass = !empty($_POST['db_pass']) ? $_POST['db_pass'] : '';

    180. 

  180. 		$db_name = !empty($_POST['db_name']) ? $_POST['db_name'] : '';

    181. 

  181. 		$tbl_prefix = !empty($_POST['tbl_prefix']) ? $_POST['tbl_prefix'] : '';

    182. 

  182. 

    183. 

  183. 		// Make sure the session id's match.

    184. 

  184. 		if(empty($_POST['session_id']) || $_POST['session_id'] != $_SESSION['id'])

    185. 

  185. 		{

    186. 

  186. 			$error_msg[] = 'Session verification failed. Please try again.';

    187. 

  187. 		}

    188. 

  188. 

    189. 

  189. 		if(count($error_msg) == 0)

    190. 

  190. 		{

    191. 

  191. 			$connection = @mysql_connect($db_host, $db_user, $db_pass);

    192. 

  192. 

    193. 

  193. 			// So, did it work?

    194. 

  194. 			if(!empty($connection))

    195. 

  195. 			{

    196. 

  196. 				$selected_db = @mysql_select_db($db_name, $connection);

    197. 

  197. 

    198. 

  198. 				// Were we able to select the database?

    199. 

  199. 				if(!empty($selected_db))

    200. 

  200. 				{

    201. 

  201. 					// Sweet! Now to save the configuration file. Hopefully...

    202. 

  202. 					// Shouldn't be a problem, seeing as the directory *ought* to be

    203. 

  203. 					// writable if you are on step #1.

    204. 

  204. 

    205. 

  205. 					if(generate_config($db_host, $db_user, $db_pass, $db_name, $tbl_prefix, $error_msg))

    206. 

  206. 					{

    207. 

  207. 						// You're on to step 2!

    208. 

  208. 						$_SESSION['step'] = 2;

    209. 

  209. 

    210. 

  210. 						// Let's redirect you there...

    211. 

  211. 						header('HTTP/1.1 Temporary Redirect');

    212. 

  212. 						header('Location: setup.php?step=2');

    213. 

  213. 

    214. 

  214. 						exit;

    215. 

  215. 					}

    216. 

  216. 				}

    217. 

  217. 				else

    218. 

  218. 				{

    219. 

  219. 					// No, maybe you didn't assign the right permissions :-/.

    220. 

  220. 					$error_msg[] = 'MySQL Error: ['. mysql_errno(). '] '. mysql_error();

    221. 

  221. 				}

    222. 

  222. 			}

    223. 

  223. 			else

    224. 

  224. 			{

    225. 

  225. 				// Shoot, it didn't!

    226. 

  226. 				$error_msg[] = 'MySQL Error: ['. mysql_errno(). '] '. mysql_error();

    227. 

  227. 			}

    228. 

  228. 		}

    229. 

  229. 	}

    230. 

  230. 

    231. 

  231. 	template_header(1);

    232. 

  232. 

    233. 

  233. 	echo '

    234. 

  234. 			<h1>Let&#039;s Get Started!</h1>

    235. 

  235. 			<p>Simply enter your MySQL credentials below, then click <em>Proceed</em>.</p>';

    236. 

  236. 

    237. 

  237. 	if(!empty($error_msg) && count($error_msg) > 0)

    238. 

  238. 	{

    239. 

  239. 		echo '

    240. 

  240. 			<div class="error-message">';

    241. 

  241. 

    242. 

  242. 		foreach($error_msg as $e_message)

    243. 

  243. 		{

    244. 

  244. 			echo '

    245. 

  245. 				<p>', $e_message, '</p>';

    246. 

  246. 		}

    247. 

  247. 

    248. 

  248. 		echo '

    249. 

  249. 			</div>';

    250. 

  250. 	}

    251. 

  251. 

    252. 

  252. 	echo '

    253. 

  253. 			<form action="setup.php" method="post">

    254. 

  254. 				<table width="60%" style="margin: auto;">

    255. 

  255. 					<tr>

    256. 

  256. 						<td class="label" valign="middle">MySQL host:</td>

    257. 

  257. 						<td><input type="text" name="db_host" value="', isset($_POST['db_host']) ? htmlspecialchars($_POST['db_host'], ENT_QUOTES) : 'localhost', '" /></td>

    258. 

  258. 					</tr>

    259. 

  259. 					<tr>

    260. 

  260. 						<td class="label" valign="middle">MySQL user:</td>

    261. 

  261. 						<td><input type="text" name="db_user" value="', !empty($_POST['db_user']) ? htmlspecialchars($_POST['db_user'], ENT_QUOTES) : '', '" /></td>

    262. 

  262. 					</tr>

    263. 

  263. 					<tr>

    264. 

  264. 						<td class="label" valign="middle">MySQL password:</td>

    265. 

  265. 						<td><input type="password" name="db_pass" value="" /></td>

    266. 

  266. 					</tr>

    267. 

  267. 					<tr>

    268. 

  268. 						<td class="label" valign="middle">MySQL database:</td>

    269. 

  269. 						<td><input type="text" name="db_name" value="', !empty($_POST['db_name']) ? htmlspecialchars($_POST['db_name'], ENT_QUOTES) : '', '" /></td>

    270. 

  270. 					</tr>

    271. 

  271. 					<tr>

    272. 

  272. 						<td class="label" valign="middle">Table prefix:</td>

    273. 

  273. 						<td><input type="text" name="tbl_prefix" value="', !empty($_POST['tbl_prefix']) ? htmlspecialchars($_POST['tbl_prefix'], ENT_QUOTES) : 'snow_', '" /></td>

    274. 

  274. 					</tr>

    275. 

  275. 					<tr>

    276. 

  276. 						<td colspan="2" style="text-align: right; padding: 5px 0;"><input type="submit" name="proc_step_1" value="Proceed &raquo;" /></td>

    277. 

  277. 					</tr>

    278. 

  278. 				</table>

    279. 

  279. 				<input name="session_id" type="hidden" value="', $_SESSION['id'], '" />

    280. 

  280. 			</form>';

    281. 

  281. 

    282. 

  282. 	template_footer();

    283. 

  283. }

    284. 

  284. 

    285. 

  285. /*

    286. 

  286. 	Function: generate_config

    287. 

  287. 

    288. 

  288. 	Generates the config.php file with the supplied information.

    289. 

  289. 

    290. 

  290. 	Parameters:

    291. 

  291. 		string $db_host

    292. 

  292. 		string $db_user

    293. 

  293. 		string $db_pass

    294. 

  294. 		string $db_name

    295. 

  295. 		string $tbl_prefix

    296. 

  296. 		array &$error_msg

    297. 

  297. 

    298. 

  298. 	Returns:

    299. 

  299. 		bool

    300. 

  300. */

    301. 

  301. function generate_config($db_host, $db_user, $db_pass, $db_name, $tbl_prefix, &$error_msg)

    302. 

  302. {

    303. 

  303. 	$bytes = file_put_contents(dirname(__FILE__). '/config.php',

    304. 

  304. 	'<?php

    305. 

  305. ////////////////////////////////////////////////////////////////////////////

    306. 

  306. //                              SnowCMS v2.0                              //

    307. 

  307. //                           By the SnowCMS Team                          //

    308. 

  308. //                             www.snowcms.com                            //

    309. 

  309. //            Released under the Microsoft Reciprocal License             //

    310. 

  310. //                 www.opensource.org/licenses/ms-rl.html                 //

    311. 

  311. ////////////////////////////////////////////////////////////////////////////

    312. 

  312. //                                                                        //

    313. 

  313. //       SnowCMS originally pawned by soren121 started in early 2008      //

    314. 

  314. //                                                                        //

    315. 

  315. ////////////////////////////////////////////////////////////////////////////

    316. 

  316. //                                                                        //

    317. 

  317. //                  SnowCMS v2.0 began in November 2009                   //

    318. 

  318. //                                                                        //

    319. 

  319. ////////////////////////////////////////////////////////////////////////////

    320. 

  320. //                       File version: SnowCMS 2.0                        //

    321. 

  321. ////////////////////////////////////////////////////////////////////////////

    322. 

  322. 

    323. 

  323. if(!defined(\'INSNOW\'))

    324. 

  324. {

    325. 

  325. 	die(\'Nice try...\');

    326. 

  326. }

    327. 

  327. 

    328. 

  328. //

    329. 

  329. // config.php holds all your database information and paths.

    330. 

  330. //

    331. 

  331. 

    332. 

  332. // Database settings:

    333. 

  333. define(\'DBTYPE\', \'mysql\', true); // Your database type, an example would be mysql, sqlite or postgresql

    334. 

  334. define(\'DBHOST\', \''. addcslashes($db_host, '\''). '\', true); // The location of your database, could be localhost or a path (for SQLite)

    335. 

  335. define(\'DBUSER\', \''. addcslashes($db_user, '\''). '\', true); // The user that has access to your database, though not all database systems have this.

    336. 

  336. define(\'DBPASS\', \''. addcslashes($db_pass, '\''). '\', true); // The password to your database user.

    337. 

  337. define(\'DBNAME\', \''. addcslashes($db_name, '\''). '\', true); // The name of the database.

    338. 

  338. define(\'DBPERSIST\', false, true); // Whether or not to have a persistent connection to the database.

    339. 

  339. define(\'DBDEBUG\', false, true); // Enable database debugging? (Outputs queries into a file ;))

    340. 

  340. define(\'TBLPREFIX\', \''. addcslashes($tbl_prefix, '\''). '\', true); // The prefix of the tables, allows multiple installs on the same database.

    341. 

  341. 

    342. 

  342. // The location of your root directory of your SnowCMS installation.

    343. 

  343. define(\'BASEDIR\', defined(\'__DIR__\') ? __DIR__ : dirname(__FILE__), true);

    344. 

  344. 

    345. 

  345. // Some other useful paths...

    346. 

  346. define(\'COREDIR\', basedir. \'/core\', true);

    347. 

  347. define(\'THEMEDIR\', basedir. \'/themes\', true);

    348. 

  348. define(\'PLUGINDIR\', basedir. \'/plugins\', true);

    349. 

  349. define(\'UPLOADDIR\', basedir. \'/uploads\', true);

    350. 

  350. 

    351. 

  351. // The address of where your SnowCMS install is accessible (No trailing /!)

    352. 

  352. define(\'BASEURL\', \'http://'. $_SERVER['HTTP_HOST']. (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI']))). '\', true);

    353. 

  353. define(\'THEMEURL\', baseurl. \'/themes\', true);

    354. 

  354. define(\'PLUGINURL\', baseurl. \'/plugins\', true);

    355. 

  355. 

    356. 

  356. // What do you want to be the name of the cookie?

    357. 

  357. define(\'COOKIENAME\', \'SCMS'. mt_rand(100, 999). '\', true);

    358. 

  358. ?>');

    359. 

  359. 

    360. 

  360. 	// Do we need to add an error message?

    361. 

  361. 	if((int)$bytes == 0)

    362. 

  362. 	{

    363. 

  363. 		$error_msg[] = 'Failed to create the configuration file. Make sure the directory is writable.';

    364. 

  364. 	}

    365. 

  365. 

    366. 

  366. 	return (int)$bytes > 0;

    367. 

  367. }

    368. 

  368. 

    369. 

  369. /*

    370. 

  370. 	Function: setup_step_2

    371. 

  371. 

    372. 

  372. 	Displays and processes everything which needs to occur during step #2.

    373. 

  373. 

    374. 

  374. 	Parameters:

    375. 

  375. 		none

    376. 

  376. 

    377. 

  377. 	Returns:

    378. 

  378. 		void

    379. 

  379. */

    380. 

  380. function setup_step_2()

    381. 

  381. {

    382. 

  382. 	if(!empty($_POST['proc_step_2']))

    383. 

  383. 	{

    384. 

  384. 		$error_msg = array();

    385. 

  385. 

    386. 

  386. 		$member_name = !empty($_POST['member_name']) ? trim($_POST['member_name']) : '';

    387. 

  387. 		$member_pass = !empty($_POST['member_pass']) ? $_POST['member_pass'] : '';

    388. 

  388. 		$verify_pass = !empty($_POST['verify_pass']) ? $_POST['verify_pass'] : '';

    389. 

  389. 		$member_email = !empty($_POST['member_email']) ? $_POST['member_email'] : '';

    390. 

  390. 

    391. 

  391. 		// Make sure they pass session verification.

    392. 

  392. 		if(empty($_POST['session_id']) || $_POST['session_id'] != $_SESSION['id'])

    393. 

  393. 		{

    394. 

  394. 			$error_msg[] = 'Session verification failed. Please try again.';

    395. 

  395. 		}

    396. 

  396. 

    397. 

  397. 		// No empty username!

    398. 

  398. 		if(strlen($member_name) == 0)

    399. 

  399. 		{

    400. 

  400. 			$error_msg[] = 'Please enter a username.';

    401. 

  401. 		}

    402. 

  402. 

    403. 

  403. 		// At least a 6 character long password, please.

    404. 

  404. 		if(strlen($member_pass) < 6)

    405. 

  405. 		{

    406. 

  406. 			$error_msg[] = 'Please use a password that is more than 6 characters long.';

    407. 

  407. 		}

    408. 

  408. 		elseif($verify_pass != $member_pass)

    409. 

  409. 		{

    410. 

  410. 			$error_msg[] = 'Your passwords do not match.';

    411. 

  411. 		}

    412. 

  412. 

    413. 

  413. 		// We won't validate it, but enter SOMETHING!

    414. 

  414. 		if(empty($member_email))

    415. 

  415. 		{

    416. 

  416. 			$error_msg[] = 'Please enter an email address.';

    417. 

  417. 		}

    418. 

  418. 

    419. 

  419. 		if(count($error_msg) == 0)

    420. 

  420. 		{

    421. 

  421. 			// Finalize the installation process :-)

    422. 

  422. 			if(setup_finalize($member_name, $member_pass, $member_email, $error_msg))

    423. 

  423. 			{

    424. 

  424. 				// Awesome, you're done!

    425. 

  425. 				$_SESSION['step'] = 3;

    426. 

  426. 

    427. 

  427. 				header('HTTP/1.1 Temporary Redirect');

    428. 

  428. 				header('Location: setup.php?step=3');

    429. 

  429. 

    430. 

  430. 				exit;

    431. 

  431. 			}

    432. 

  432. 		}

    433. 

  433. 	}

    434. 

  434. 

    435. 

  435. 	template_header(2);

    436. 

  436. 

    437. 

  437. 	echo '

    438. 

  438. 			<h1>Create an Account</h1>

    439. 

  439. 			<p>Alrighty, let&#039;s get you an administrative account created. We&#039;re just about done!</p>';

    440. 

  440. 

    441. 

  441. 	if(!empty($error_msg) && count($error_msg) > 0)

    442. 

  442. 	{

    443. 

  443. 		echo '

    444. 

  444. 			<div class="error-message">';

    445. 

  445. 

    446. 

  446. 		foreach($error_msg as $e_message)

    447. 

  447. 		{

    448. 

  448. 			echo '

    449. 

  449. 				<p>', $e_message, '</p>';

    450. 

  450. 		}

    451. 

  451. 

    452. 

  452. 		echo '

    453. 

  453. 			</div>';

    454. 

  454. 	}

    455. 

  455. 

    456. 

  456. 	echo '

    457. 

  457. 			<form action="setup.php?step=2" method="post">

    458. 

  458. 				<table width="50%" style="margin: auto;">

    459. 

  459. 					<tr>

    460. 

  460. 						<td class="label">Username:</td>

    461. 

  461. 						<td><input type="text" name="member_name" value="', !empty($_POST['member_name']) ? htmlspecialchars($_POST['member_name'], ENT_QUOTES) : '', '" /></td>

    462. 

  462. 					</tr>

    463. 

  463. 					<tr>

    464. 

  464. 						<td class="label">Password:</td>

    465. 

  465. 						<td><input type="password" name="member_pass" value="" /></td>

    466. 

  466. 					</tr>

    467. 

  467. 					<tr>

    468. 

  468. 						<td class="label">Password: <sub>Just to be sure...</sub></td>

    469. 

  469. 						<td><input type="password" name="verify_pass" value="" /></td>

    470. 

  470. 					</tr>

    471. 

  471. 					<tr>

    472. 

  472. 						<td class="label">Email:</td>

    473. 

  473. 						<td><input type="text" name="member_email" value="', !empty($_POST['member_email']) ? htmlspecialchars($_POST['member_email'], ENT_QUOTES) : '', '" /></td>

    474. 

  474. 					<tr>

    475. 

  475. 						<td colspan="2" style="text-align: right; padding: 5px 0;"><input type="submit" name="proc_step_2" value="Proceed &raquo;" /></td>

    476. 

  476. 					</tr>

    477. 

  477. 				</table>

    478. 

  478. 				<input type="hidden" name="session_id" value="', $_SESSION['id'], '" />

    479. 

  479. 			</form>';

    480. 

  480. 

    481. 

  481. 	template_footer();

    482. 

  482. }

    483. 

  483. 

    484. 

  484. /*

    485. 

  485. 	Function: setup_finalize

    486. 

  486. 

    487. 

  487. 	Parameters:

    488. 

  488. 		string $member_name

    489. 

  489. 		string $member_pass

    490. 

  490. 		array &$error_msg

    491. 

  491. 

    492. 

  492. 	Returns:

    493. 

  493. 		bool

    494. 

  494. */

    495. 

  495. function setup_finalize($member_name, $member_pass, $member_email, &$error_msg)

    496. 

  496. {

    497. 

  497. 	// Get the configuration file. We will need that!

    498. 

  498. 	if(!file_exists(dirname(__FILE__). '/config.php'))

    499. 

  499. 	{

    500. 

  500. 		$error_msg[] = 'Could not find the configuration file. Please restart the installation process.';

    501. 

  501. 

    502. 

  502. 		return false;

    503. 

  503. 	}

    504. 

  504. 

    505. 

  505. 	require_once(dirname(__FILE__). '/config.php');

    506. 

  506. 

    507. 

  507. 	$connection = @mysql_connect(DBHOST, DBUSER, DBPASS);

    508. 

  508. 

    509. 

  509. 	// This shouldn't happen, but hey, you never know!

    510. 

  510. 	if(empty($connection))

    511. 

  511. 	{

    512. 

  512. 		$error_msg[] = 'MySQL Error: ['. mysql_errno(). '] '. mysql_error();

    513. 

  513. 

    514. 

  514. 		return false;

    515. 

  515. 	}

    516. 

  516. 

    517. 

  517. 	$selected_db = @mysql_select_db(DBNAME, $connection);

    518. 

  518. 

    519. 

  519. 	// This shouldn't happen either, but whatever.

    520. 

  520. 	if(empty($selected_db))

    521. 

  521. 	{

    522. 

  522. 		$error_msg[] = 'MySQL Error: ['. mysql_errno(). '] '. mysql_error();

    523. 

  523. 

    524. 

  524. 		return false;

    525. 

  525. 	}

    526. 

  526. 

    527. 

  527. 	// Get the setup SQL... If we can.

    528. 

  528. 	if(!file_exists(dirname(__FILE__). '/setup-mysql.sql'))

    529. 

  529. 	{

    530. 

  530. 		$error_msg[] = 'Could not find setup-mysql.sql, which is required for installation.';

    531. 

  531. 

    532. 

  532. 		return false;

    533. 

  533. 	}

    534. 

  534. 

    535. 

  535. 	$lines = explode("\r\n", file_get_contents(dirname(__FILE__). '/setup-mysql.sql'));

    536. 

  536. 

    537. 

  537. 	$commands = array();

    538. 

  538. 	foreach($lines as $line)

    539. 

  539. 	{

    540. 

  540. 		if(substr(ltrim($line), 0, 1) == '#' || substr(ltrim($line), 0, 2) == '--')

    541. 

  541. 		{

    542. 

  542. 			// Skip this, it's a comment.

    543. 

  543. 			continue;

    544. 

  544. 		}

    545. 

  545. 

    546. 

  546. 		$commands[] = $line;

    547. 

  547. 	}

    548. 

  548. 

    549. 

  549. 	$commands = explode(';', str_replace('{db->prefix}', TBLPREFIX, implode('', $commands)));

    550. 

  550. 

    551. 

  551. 	// Start a transaction.

    552. 

  552. 	mysql_query('SET autocommit = 0');

    553. 

  553. 	mysql_query('START TRANSACTION');

    554. 

  554. 

    555. 

  555. 	foreach($commands as $command)

    556. 

  556. 	{

    557. 

  557. 		if(strlen(trim($command)) == 0)

    558. 

  558. 		{

    559. 

  559. 			continue;

    560. 

  560. 		}

    561. 

  561. 

    562. 

  562. 		// If anything bad happens, we will quit.

    563. 

  563. 		if(!mysql_query($command))

    564. 

  564. 		{

    565. 

  565. 			// Oh noes! Something bad happened!

    566. 

  566. 			$error_msg[] = 'MySQL Error: ['. mysql_errno(). '] '. mysql_error();

    567. 

  567. 

    568. 

  568. 			// Rollback! Quick!

    569. 

  569. 			mysql_query('ROLLBACK');

    570. 

  570. 

    571. 

  571. 			// Quit!

    572. 

  572. 			return false;

    573. 

  573. 		}

    574. 

  574. 	}

    575. 

  575. 

    576. 

  576. 	// Seems to be all good.

    577. 

  577. 	mysql_query('COMMIT');

    578. 

  578. 

    579. 

  579. 	// Let's create your account now, shall we?

    580. 

  580. 	mysql_query('

    581. 

  581. 		INSERT INTO `'. TBLPREFIX. 'members`

    582. 

  582. 		(`member_name`, `member_pass`, `member_email`, `display_name`, `member_groups`, `member_registered`, `member_activated`)

    583. 

  583. 		VALUES(\''. mysql_real_escape_string(htmlspecialchars($member_name, ENT_QUOTES)). '\', \''. mysql_real_escape_string(sha1(strtolower($member_name). $member_pass)). '\', \''. mysql_real_escape_string(htmlspecialchars($member_email, ENT_QUOTES)). '\', \''. mysql_real_escape_string(htmlspecialchars($member_name, ENT_QUOTES)). '\', \'administrator\', \''. time(). '\', 1)');

    584. 

  584. 

    585. 

  585. 	return true;

    586. 

  586. }

    587. 

  587. 

    588. 

  588. /*

    589. 

  589. 	Function: rand_str

    590. 

  590. 

    591. 

  591. 	Generates a random string, randomly... Of course!

    592. 

  592. 

    593. 

  593. 	Parameters:

    594. 

  594. 		int $length

    595. 

  595. 

    596. 

  596. 	Returns:

    597. 

  597. 		void

    598. 

  598. 

    599. 

  599. 	Note:

    600. 

  600. 		Well, it's as random as a random number can be... Well, what I could

    601. 

  601. 		think of anyway. :-P

    602. 

  602. */

    603. 

  603. function rand_str($length = 0)

    604. 

  604. {

    605. 

  605. 	if(empty($length) || $length < 1)

    606. 

  606. 	{

    607. 

  607. 		$length = mt_rand(1, 100);

    608. 

  608. 	}

    609. 

  609. 

    610. 

  610. 	$chars = array(

    611. 

  611. 						 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',

    612. 

  612. 						 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',

    613. 

  613. 						 '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '~', '!', '@', '#', '$', '%', '^', '*', '-', '_', '+', '=', '?',

    614. 

  614. 					 );

    615. 

  615. 

    616. 

  616. 	$str = '';

    617. 

  617. 	for($i = 0; $i < $length; $i++)

    618. 

  618. 	{

    619. 

  619. 		$str .= $chars[array_rand($chars)];

    620. 

  620. 	}

    621. 

  621. 

    622. 

  622. 	return $str;

    623. 

  623. }

    624. 

  624. 

    625. 

  625. /*

    626. 

  626. 	Function: setup_step_3

    627. 

  627. 

    628. 

  628. 	Finishes the installation process by, well, deleting stuff!

    629. 

  629. 

    630. 

  630. 	Parameters:

    631. 

  631. 		none

    632. 

  632. 

    633. 

  633. 	Returns:

    634. 

  634. 		void

    635. 

  635. */

    636. 

  636. function setup_step_3()

    637. 

  637. {

    638. 

  638. 	// Delete some stuff... If we aren't in dev mode.

    639. 

  639. 	if(!defined('INDEVMODE') || !INDEVMODE)

    640. 

  640. 	{

    641. 

  641. 		unlink(__FILE__);

    642. 

  642. 		unlink(dirname(__FILE__). '/setup-mysql.sql');

    643. 

  643. 		unlink(dirname(__FILE__). '/setup-sqlite.sql');

    644. 

  644. 	}

    645. 

  645. 

    646. 

  646. 	require_once(dirname(__FILE__). '/config.php');

    647. 

  647. 

    648. 

  648. 	template_header(3);

    649. 

  649. 

    650. 

  650. 	echo '

    651. 

  651. 			<h1>You&#039;re Ready to Go!</h1>

    652. 

  652. 			<p>You&#039;re <a href="', baseurl, '">new site is all set</a> and ready to go!</p>

    653. 

  653. 

    654. 

  654. 			<p>Thanks again for choosing SnowCMS for your content management needs. If you need any help, check out <a href="http://www.snowcms.com/" target="_blank">www.snowcms.com</a>.</p>';

    655. 

  655. 

    656. 

  656. 	template_footer();

    657. 

  657. }

    658. 

  658. 

    659. 

  659. /*

    660. 

  660. 	Function: template_header

    661. 

  661. 

    662. 

  662. 	Parameters:

    663. 

  663. 		int $step

    664. 

  664. 

    665. 

  665. 	Returns:

    666. 

  666. 		void

    667. 

  667. */

    668. 

  668. function template_header($step = 0)

    669. 

  669. {

    670. 

  670. 	echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

    671. 

  671. <html xmlns="http://www.w3.org/1999/xhtml">

    672. 

  672. <head>

    673. 

  673. 	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    674. 

  674. 	<meta name="robots" content="noindex" />

    675. 

  675. 	<title>SnowCMS Installer</title>

    676. 

  676. 	<style style="text/css">

    677. 

  677. 		body

    678. 

  678. 		{

    679. 

  679. 			font-family: Verdana, Tahoma, Arial, sans-serif;

    680. 

  680. 			font-size: 13px;

    681. 

  681. 			background: #F5F5F5;

    682. 

  682. 		}

    683. 

  683. 

    684. 

  684. 		#container

    685. 

  685. 		{

    686. 

  686. 			width: 600px;

    687. 

  687. 			margin: auto;

    688. 

  688. 			background: white;

    689. 

  689. 			border: 1px solid #CCCCCC;

    690. 

  690. 		}

    691. 

  691. 

    692. 

  692. 		#current-step

    693. 

  693. 		{

    694. 

  694. 			padding: 0 10px;

    695. 

  695. 			border-bottom: 1px solid #CCCCCC;

    696. 

  696. 		}

    697. 

  697. 

    698. 

  698. 		#current-step .header

    699. 

  699. 		{

    700. 

  700. 			font-size: 32px;

    701. 

  701. 			font-family: Georgia;

    702. 

  702. 			color: #CCCCCC;

    703. 

  703. 		}

    704. 

  704. 

    705. 

  705. 		#current-step .current

    706. 

  706. 		{

    707. 

  707. 			color: black !important;

    708. 

  708. 		}

    709. 

  709. 

    710. 

  710. 		#current-step sub

    711. 

  711. 		{

    712. 

  712. 			font-family: Verdana, Tahoma, Arial, sans-serif !important;

    713. 

  713. 			font-size: 13px !important;

    714. 

  714. 		}

    715. 

  715. 

    716. 

  716. 		#content

    717. 

  717. 		{

    718. 

  718. 			padding: 0 10px;

    719. 

  719. 		}

    720. 

  720. 

    721. 

  721. 		#content h1

    722. 

  722. 		{

    723. 

  723. 			font-family: Georgia;

    724. 

  724. 			font-size: 24px;

    725. 

  725. 			font-weight: normal;

    726. 

  726. 		}

    727. 

  727. 

    728. 

  728. 		#content form .label

    729. 

  729. 		{

    730. 

  730. 			font-size: 15px;

    731. 

  731. 		}

    732. 

  732. 

    733. 

  733. 		#content form input[type="text"], #content form input[type="password"]

    734. 

  734. 		{

    735. 

  735. 			font-family: Verdana, Tahoma, Arial, sans-serif;

    736. 

  736. 			font-size: 15px;

    737. 

  737. 			padding: 3px;

    738. 

  738. 		}

    739. 

  739. 

    740. 

  740. 		#content form input[type="submit"]

    741. 

  741. 		{

    742. 

  742. 			font-family: Verdana, Tahoma, Arial, sans-serif;

    743. 

  743. 		}

    744. 

  744. 

    745. 

  745. 		#footer

    746. 

  746. 		{

    747. 

  747. 			border-top: 1px solid #CCCCCC;

    748. 

  748. 			padding: 10px;

    749. 

  749. 			text-align: center;

    750. 

  750. 		}

    751. 

  751. 

    752. 

  752. 		#footer p

    753. 

  753. 		{

    754. 

  754. 			margin: 0;

    755. 

  755. 			padding: 0;

    756. 

  756. 		}

    757. 

  757. 

    758. 

  758. 		.green

    759. 

  759. 		{

    760. 

  760. 			color: green !important;

    761. 

  761. 		}

    762. 

  762. 

    763. 

  763. 		.red

    764. 

  764. 		{

    765. 

  765. 			color: red !important;

    766. 

  766. 		}

    767. 

  767. 

    768. 

  768. 		.bold

    769. 

  769. 		{

    770. 

  770. 			font-weight: bold !important;

    771. 

  771. 		}

    772. 

  772. 

    773. 

  773. 		.error-message

    774. 

  774. 		{

    775. 

  775. 			margin: 10px 0;

    776. 

  776. 			padding: 10px 0 5px 0;

    777. 

  777. 			background: #FFCCCC;

    778. 

  778. 			border: 1px solid #B22222;

    779. 

  779. 			text-align: center;

    780. 

  780. 		}

    781. 

  781. 	</style>

    782. 

  782. </head>

    783. 

  783. <body>

    784. 

  784. 	<div id="container">

    785. 

  785. 		<div id="current-step">

    786. 

  786. 			<p><span class="header', $step == 1 ? ' current' : '', '">Step 1</span> <sub>Configure</sub> <span class="header current">&gt;</span> <span class="header', $step == 2 ? ' current' : '', '">Step 2</span> <sub>Create Account</sub> <span class="header current">&gt;</span> <span class="header', $step == 3 ? ' current' : '', '">Finished</span> <sub>Enjoy!</sub></p>

    787. 

  787. 		</div>

    788. 

  788. 		<div id="content">';

    789. 

  789. }

    790. 

  790. 

    791. 

  791. /*

    792. 

  792. 	Function: template_footer

    793. 

  793. 

    794. 

  794. 	Parameters:

    795. 

  795. 		none

    796. 

  796. 

    797. 

  797. 	Returns:

    798. 

  798. 		void

    799. 

  799. */

    800. 

  800. function template_footer()

    801. 

  801. {

    802. 

  802. 	echo '

    803. 

  803. 		</div>

    804. 

  804. 		<div id="footer">

    805. 

  805. 			<p>Thank you for choosing <a href="http://www.snowcms.com/" target="_blank">SnowCMS</a> for your content management solution!</p>

    806. 

  806. 		</div>

    807. 

  807. 	</div>

    808. 

  808. </body>

    809. 

  809. </html>';

    810. 

  810. }

    811. 

  811. ?>
    812.