
/gallery3/installer/installer.php

Possible License(s): GPL-2.0
  1. <?php defined("SYSPATH") or die("No direct script access.");
  2. /**
  3. * Gallery - a web based photo album viewer and editor
  4. * Copyright (C) 2000-2012 Bharat Mediratta
  5. *
  6. * This program is free software; you can redistribute it and/or modify
  7. * it under the terms of the GNU General Public License as published by
  8. * the Free Software Foundation; either version 2 of the License, or (at
  9. * your option) any later version.
  10. *
  11. * This program is distributed in the hope that it will be useful, but
  12. * WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with this program; if not, write to the Free Software
  18. * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
  19. */
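  /**
   * Static helpers used by the Gallery installer: environment checks, database
   * connection and schema load, and creation of the first admin credentials,
   * session and private key.
   *
   * All SQL is sent through the mysql_* function names.  When the legacy mysql
   * extension is absent, connect() defines those names as thin wrappers around
   * a mysqli handle stored in installer::$mysqli.
   */
  class installer {
    /** mysqli handle used by the mysql_* compatibility wrappers defined in connect(). */
    static $mysqli;

    /**
     * @return bool true when VARPATH/database.php already exists
     */
    static function already_installed() {
      return file_exists(VARPATH . "database.php");
    }

    /**
     * @return bool true when VARPATH is writable or could be created
     */
    static function var_writable() {
      if (is_writable(VARPATH)) {
        return true;
      }
      // mkdir failure is an expected outcome here, so its warning is suppressed.
      return (bool) @mkdir(VARPATH);
    }

    /**
     * Render installer/database_config.php with the values in $config and write
     * the result to VARPATH/database.php.
     *
     * @param array $config installer settings; each key becomes a template variable
     * @return bool true when the file was written
     */
    static function create_database_config($config) {
      ob_start();
      // EXTR_SKIP: a key in $config must never replace a variable that already
      // exists in this scope.  The target path is also computed only after the
      // template has run, so nothing extracted or set by the template can
      // redirect the write.
      // NOTE(review): the template is not visible here; if it places these
      // values inside PHP string literals they must be escaped there - confirm.
      extract($config, EXTR_SKIP);
      include(DOCROOT . "installer/database_config.php");
      $output = ob_get_clean();

      return file_put_contents(VARPATH . "database.php", $output) !== false;
    }

    /**
     * Create VARPATH if needed and run installer/init_var.php.
     *
     * @return bool always true
     */
    static function unpack_var() {
      if (!file_exists(VARPATH)) {
        mkdir(VARPATH);
        // NOTE(review): 0777 makes the data directory writable by every local
        // account.  Left unchanged because the ownership model of the target
        // hosts is not visible here; tighten it where the web server user owns
        // the directory.
        chmod(VARPATH, 0777);
      }
      include(DOCROOT . "installer/init_var.php");
      return true;
    }

    /**
     * Execute installer/install.sql statement by statement, substituting the
     * table prefix for each {table} placeholder.
     *
     * @param array $config must contain "prefix"
     * @return bool false when the file cannot be read or a statement fails
     */
    static function unpack_sql($config) {
      $prefix = $config["prefix"];
      $lines = file(DOCROOT . "installer/install.sql");
      if ($lines === false) {
        // Previously an unreadable file fell through to foreach with a warning
        // and the method reported success without loading any schema.
        return false;
      }

      $buf = "";
      foreach ($lines as $line) {
        $buf .= trim($line);
        // A statement is complete once the accumulated text ends in ";".
        if (preg_match("/;$/", $buf)) {
          if (!mysql_query(self::prepend_prefix($prefix, $buf))) {
            return false;
          }
          $buf = "";
        }
      }
      return true;
    }

    /**
     * Open the database connection described by $config.
     *
     * @param array $config uses "host", "port" (optional), "user", "password"
     * @return mixed the result of mysql_connect(); falsy on failure
     */
    static function connect($config) {
      // We know that we have either mysql or mysqli.  By default we use mysql
      // functions, so if they're not defined then do the simplest thing which
      // will work: remap them to their mysqli counterparts.
      if (!function_exists("mysql_query")) {
        function mysql_connect($host, $user, $pass) {
          list ($host, $port) = explode(":", $host . ":");
          // The callers in this class test for false returns.  PHP 8.1 made
          // mysqli throw by default, so switch reporting back off.
          mysqli_report(MYSQLI_REPORT_OFF);
          // The fourth mysqli argument is the database name and the fifth is
          // the port.  The port used to be passed in the fourth position, so a
          // non-default port was taken as a database name.
          $port = ($port === "") ? (int) ini_get("mysqli.default_port") : (int) $port;
          installer::$mysqli = new mysqli($host, $user, $pass, "", $port);
          // http://php.net/manual/en/mysqli.connect.php says to use
          // mysqli_connect_error() instead of $mysqli->connect_error because of
          // bugs before PHP 5.2.9
          $error = mysqli_connect_error();
          return empty($error);
        }
        function mysql_query($query) {
          return installer::$mysqli->query($query);
        }
        function mysql_num_rows($result) {
          return $result->num_rows;
        }
        // mysql_version() calls this name; without a wrapper it was undefined
        // whenever the mysqli fallback was active.
        function mysql_fetch_object($result) {
          return $result->fetch_object();
        }
        function mysql_error() {
          return installer::$mysqli->error;
        }
        function mysql_select_db($db) {
          return installer::$mysqli->select_db($db);
        }
      }

      $host = empty($config["port"]) ? $config['host'] : "{$config['host']}:{$config['port']}";
      return @mysql_connect($host, $config["user"], $config["password"]);
    }

    /**
     * Select the configured database, creating it first when it does not exist.
     *
     * @param array $config must contain "dbname"
     * @return bool true when the database is selected
     */
    static function select_db($config) {
      if (mysql_select_db($config["dbname"])) {
        return true;
      }
      // The name comes from installer input, so it is quoted as an identifier
      // with embedded backticks doubled rather than interpolated as-is.
      $create = "CREATE DATABASE " . self::quote_identifier($config["dbname"]);
      return mysql_query($create) && mysql_select_db($config["dbname"]);
    }

    /**
     * @param array $config passed through to mysql_version()
     * @return bool true when the server reports version 5.0.0 or newer
     */
    static function verify_mysql_version($config) {
      return version_compare(self::mysql_version($config), "5.0.0", ">=");
    }

    /**
     * @param array $config not used by this method
     * @return string the server's "version" variable, or "" when the query fails
     */
    static function mysql_version($config) {
      $result = mysql_query("SHOW VARIABLES WHERE variable_name = \"version\"");
      if (!$result) {
        return "";
      }
      $row = mysql_fetch_object($result);
      return $row ? $row->Value : "";
    }

    /**
     * Check whether the prefixed "items" table is absent.
     *
     * @param array $config must contain "prefix"
     * @return bool|string true when no such table exists, false when it does,
     *                     or the database error message when the query fails
     */
    static function db_empty($config) {
      // The prefix is installer input placed inside a quoted SQL string.
      $pattern = self::escape_string($config["prefix"] . "items");
      $results = mysql_query("SHOW TABLES LIKE '$pattern'");
      if ($results === false) {
        return mysql_error();
      }
      return mysql_num_rows($results) === 0;
    }

    /**
     * Generate a password for the user row with id 2 and store its salted hash.
     *
     * @param array $config must contain "prefix"
     * @return array array("admin", $password) with the clear-text password
     * @throws Exception with the database error when the UPDATE fails
     */
    static function create_admin($config) {
      $salt = "";
      for ($i = 0; $i < 4; $i++) {
        $char = mt_rand(48, 109);
        // Explicit parentheses: PHP before 8.0 grouped the unparenthesised
        // nested ternary from the left, and PHP 8 refuses to compile it.
        $char += ($char > 90) ? 13 : (($char > 57) ? 7 : 0);
        $salt .= chr($char);
      }

      // The password is drawn from a CSPRNG where one is available instead of
      // md5(time() . mt_rand()), which can be reconstructed from the install
      // time and the generator state.
      // NOTE(review): six hex characters is only 24 bits; the length is kept so
      // the value shown to the administrator has the same form as before.
      $password = self::random_hex(6);

      // NOTE(review): a 4-character salt with a single round of MD5 is a weak
      // password hash.  The format is kept because the code that verifies
      // logins is not visible here and presumably expects it - confirm.
      // Escape backslash in preparation for our UPDATE statement.
      $hashed_password = str_replace("\\", "\\\\", $salt . md5($salt . $password));
      $sql = self::prepend_prefix($config["prefix"],
        "UPDATE {users} SET `password` = '$hashed_password' WHERE `id` = 2");
      if (!mysql_query($sql)) {
        throw new Exception(mysql_error());
      }
      return array("admin", $password);
    }

    /**
     * Insert a session row for user 2 and send its id in the "g3sid" cookie.
     *
     * @param array $config must contain "prefix"
     * @throws Exception with the database error when the INSERT fails
     */
    static function create_admin_session($config) {
      // 32 hex characters, the same form the md5()-based id had, but taken
      // from a CSPRNG where available: this id authenticates an admin session.
      $session_id = self::random_hex(32);
      // A request without a User-Agent header is recorded as an empty string.
      $user_agent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
      $user_agent_len = strlen($user_agent);
      $now = time();

      $data = "session_id|s:32:\"$session_id\"";
      $data .= ";user_agent|s:{$user_agent_len}:\"$user_agent\"";
      $data .= ";user|i:2";
      $data .= ";after_install|i:1";
      $data .= ";last_activity|i:$now";
      // base64 keeps the client-supplied User-Agent out of the SQL text.
      $data = base64_encode($data);

      $sql = "INSERT INTO {sessions}(`session_id`, `last_activity`, `data`) " .
        "VALUES('$session_id', $now, '$data')";
      $sql = self::prepend_prefix($config["prefix"], $sql);
      if (!mysql_query($sql)) {
        throw new Exception(mysql_error());
      }
      // NOTE(review): the last two arguments leave the Secure and HttpOnly
      // flags off for a cookie that carries an admin session.  Left unchanged
      // because the code that later reads this cookie is not visible here.
      setcookie("g3sid", $session_id, 0, "/", "", false, false);
    }

    /**
     * Store a new 64-hex-character private key in the vars table.
     *
     * @param array $config must contain "prefix"
     * @throws Exception with the database error when the INSERT fails
     */
    static function create_private_key($config) {
      // Same length as the previous md5() . md5() value, from a CSPRNG where
      // one is available.
      $key = self::random_hex(64);
      $sql = self::prepend_prefix($config["prefix"],
        "INSERT INTO {vars} VALUES(NULL, 'gallery', 'private_key', '$key')");
      if (!mysql_query($sql)) {
        throw new Exception(mysql_error());
      }
    }

    /**
     * Replace each {table} placeholder in $sql with `<prefix>table`.
     *
     * @param string $prefix table prefix
     * @param string $sql    SQL text containing {name} placeholders
     * @return string SQL with the placeholders expanded
     */
    static function prepend_prefix($prefix, $sql) {
      // Double embedded backticks so the prefix cannot close the quoted
      // identifier, then escape "\" and "$" so preg_replace() does not read
      // part of the prefix as a back-reference.
      $safe_prefix = addcslashes(str_replace("`", "``", $prefix), '\\$');
      return preg_replace("#{([a-zA-Z0-9_]+)}#", "`" . $safe_prefix . '${1}' . "`", $sql);
    }

    /**
     * Check that PHP provides what Gallery needs.
     *
     * @return array|null list of HTML error messages, or null when none apply
     */
    static function check_environment() {
      $errors = array();

      if (!function_exists("mysql_query") && !function_exists("mysqli_set_charset")) {
        $errors[] = "Gallery 3 requires a MySQL database, but PHP doesn't have either the <a href=\"http://php.net/mysql\">MySQL</a> or the <a href=\"http://php.net/mysqli\">MySQLi</a> extension.";
      }

      // The listing this code was taken from shows "?" as the test subject.
      // "?" is not matched by \pL, so the Unicode check could never pass; it
      // looks like a mis-encoded non-ASCII letter.  U+00F1 is written here as
      // escaped UTF-8 bytes so that the file's own encoding cannot damage it.
      $utf8_letter = "\xC3\xB1";
      if (!preg_match("/^.$/u", $utf8_letter)) {
        $errors[] = "PHP is missing <a href=\"http://php.net/pcre\">Perl-Compatible Regular Expression</a> with UTF-8 support.";
      } else if (!preg_match("/^\pL$/u", $utf8_letter)) {
        $errors[] = "PHP is missing <a href=\"http://php.net/pcre\">Perl-Compatible Regular Expression</a> with Unicode support.";
      }

      if (!function_exists("spl_autoload_register")) {
        $errors[] = "PHP is missing <a href=\"http://php.net/spl\">Standard PHP Library (SPL)</a> support";
      }

      if (!class_exists("ReflectionClass")) {
        $errors[] = "PHP is missing <a href=\"http://php.net/reflection\">reflection</a> support";
      }

      if (!function_exists("filter_list")) {
        $errors[] = "PHP is missing the <a href=\"http://php.net/filter\">filter extension</a>";
      }

      if (!extension_loaded("iconv")) {
        $errors[] = "PHP is missing the <a href=\"http://php.net/iconv\">iconv extension</a>";
      }

      if (!extension_loaded("xml")) {
        $errors[] = "PHP is missing the <a href=\"http://php.net/xml\">XML Parser extension</a>";
      }

      if (!extension_loaded("simplexml")) {
        $errors[] = "PHP is missing the <a href=\"http://php.net/simplexml\">SimpleXML extension</a>";
      }

      if (!extension_loaded("mbstring")) {
        $errors[] = "PHP is missing the <a href=\"http://php.net/mbstring\">mbstring extension</a>";
      } else if (ini_get("mbstring.func_overload") & MB_OVERLOAD_STRING) {
        // create_admin_session() relies on strlen() counting bytes.
        $errors[] = "The <a href=\"http://php.net/mbstring\">mbstring extension</a> is overloading PHP's native string functions. Please disable it.";
      }

      if (!function_exists("json_encode")) {
        $errors[] = "PHP is missing the <a href=\"http://php.net/manual/en/book.json.php\">JavaScript Object Notation (JSON) extension</a>. Please install it.";
      }

      if (!ini_get("short_open_tag")) {
        $errors[] = "Gallery requires <a href=\"http://php.net/manual/en/ini.core.php\">short_open_tag</a> to be on. Please enable it in your php.ini.";
      }

      if (!function_exists("ctype_alpha")) {
        $errors[] = "Gallery requires the <a href=\"http://php.net/manual/en/book.ctype.php\">PHP Ctype</a> extension. Please install it.";
      }

      if (self::ini_get_bool("safe_mode")) {
        $errors[] = "Gallery cannot function when PHP is in <a href=\"http://php.net/manual/en/features.safe-mode.php\">Safe Mode</a>. Please disable safe mode.";
      }

      // Callers have always received null, not an empty array, when nothing
      // is wrong; keep that without relying on @ over an undefined variable.
      return $errors ? $errors : null;
    }

    /**
     * Convert any possible boolean ini value to true/false.
     *   On = on = yes = true = 1 (or any non-zero integer) => true
     *   Off = off = 0 = unset or anything else             => false
     *
     * @param string $varname ini setting name
     * @return bool
     */
    static function ini_get_bool($varname) {
      $value = ini_get($varname);
      if ($value === false || $value === null) {
        // Unknown setting.
        return false;
      }
      $value = strtolower(trim((string) $value));
      if (in_array($value, array("on", "yes", "true"), true)) {
        return true;
      }
      return (int) $value !== 0;
    }

    /**
     * Quote $name as a MySQL identifier, doubling any embedded backtick.
     */
    private static function quote_identifier($name) {
      return "`" . str_replace("`", "``", $name) . "`";
    }

    /**
     * Escape $value for use inside a quoted SQL string, through whichever
     * driver connect() is using.
     */
    private static function escape_string($value) {
      if (self::$mysqli) {
        return self::$mysqli->real_escape_string($value);
      }
      return mysql_real_escape_string($value);
    }

    /**
     * Return $length hexadecimal characters of random data.  A CSPRNG is used
     * when PHP offers one; otherwise this falls back to the md5/mt_rand
     * construction the installer used before.
     */
    private static function random_hex($length) {
      $bytes = (int) ceil($length / 2);
      if (function_exists("random_bytes")) {
        return substr(bin2hex(random_bytes($bytes)), 0, $length);
      }
      if (function_exists("openssl_random_pseudo_bytes")) {
        $strong = false;
        $raw = openssl_random_pseudo_bytes($bytes, $strong);
        if ($raw !== false && $strong) {
          return substr(bin2hex($raw), 0, $length);
        }
      }
      // Legacy fallback for PHP builds with no CSPRNG; its output is guessable.
      $hex = "";
      while (strlen($hex) < $length) {
        $hex .= md5(uniqid(mt_rand(), true));
      }
      return substr($hex, 0, $length);
    }
  }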