PageRenderTime 50ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/installer/installer.php

http://github.com/gallery/gallery3
PHP | 270 lines | 209 code | 32 blank | 29 comment | 30 complexity | 1e355e2ff95d0300725e67a06745d063 MD5 | raw file
Possible License(s): GPL-2.0
  1. <?php defined("SYSPATH") or die("No direct script access.");
  2. /**
  3. * Gallery - a web based photo album viewer and editor
  4. * Copyright (C) 2000-2013 Bharat Mediratta
  5. *
  6. * This program is free software; you can redistribute it and/or modify
  7. * it under the terms of the GNU General Public License as published by
  8. * the Free Software Foundation; either version 2 of the License, or (at
  9. * your option) any later version.
  10. *
  11. * This program is distributed in the hope that it will be useful, but
  12. * WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with this program; if not, write to the Free Software
  18. * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
  19. */
  20. class installer {
  21. static $mysqli;
  22. static function already_installed() {
  23. return file_exists(VARPATH . "database.php");
  24. }
  25. static function var_writable() {
  26. if (is_writable(VARPATH)) {
  27. return true;
  28. }
  29. if (@mkdir(VARPATH)) {
  30. return true;
  31. }
  32. return false;
  33. }
  34. static function create_database_config($config) {
  35. $db_config_file = VARPATH . "database.php";
  36. ob_start();
  37. extract($config);
  38. include(DOCROOT . "installer/database_config.php");
  39. $output = ob_get_clean();
  40. return file_put_contents($db_config_file, $output) !== false;
  41. }
  42. static function unpack_var() {
  43. if (!file_exists(VARPATH)) {
  44. mkdir(VARPATH);
  45. chmod(VARPATH, 0777);
  46. }
  47. include(DOCROOT . "installer/init_var.php");
  48. return true;
  49. }
  50. static function unpack_sql($config) {
  51. $prefix = $config["prefix"];
  52. $buf = null;
  53. foreach (file(DOCROOT . "installer/install.sql") as $line) {
  54. $buf .= trim($line);
  55. if (preg_match("/;$/", $buf)) {
  56. if (!mysql_query(self::prepend_prefix($prefix, $buf))) {
  57. return false;
  58. }
  59. $buf = "";
  60. }
  61. }
  62. return true;
  63. }
  64. static function connect($config) {
  65. // We know that we have either mysql or mysqli. By default we use mysql functions, so if
  66. // they're not defined then do the simplest thing which will work: remap them to their mysqli
  67. // counterparts.
  68. if (!function_exists("mysql_query")) {
  69. function mysql_connect($host, $user, $pass) {
  70. list ($host, $port) = explode(":", $host . ":");
  71. installer::$mysqli = new mysqli($host, $user, $pass, $port);
  72. // http://php.net/manual/en/mysqli.connect.php says to use mysqli_connect_error() instead of
  73. // $mysqli->connect_error because of bugs before PHP 5.2.9
  74. $error = mysqli_connect_error();
  75. return empty($error);
  76. }
  77. function mysql_query($query) {
  78. return installer::$mysqli->query($query);
  79. }
  80. function mysql_num_rows($result) {
  81. return $result->num_rows;
  82. }
  83. function mysql_error() {
  84. return installer::$mysqli->error;
  85. }
  86. function mysql_select_db($db) {
  87. return installer::$mysqli->select_db($db);
  88. }
  89. }
  90. $host = empty($config["port"]) ? $config['host'] : "{$config['host']}:{$config['port']}";
  91. return @mysql_connect($host, $config["user"], $config["password"]);
  92. }
  93. static function select_db($config) {
  94. if (mysql_select_db($config["dbname"])) {
  95. return true;
  96. }
  97. return mysql_query("CREATE DATABASE `{$config['dbname']}`") &&
  98. mysql_select_db($config["dbname"]);
  99. }
  100. static function verify_mysql_version($config) {
  101. return version_compare(installer::mysql_version($config), "5.0.0", ">=");
  102. }
  103. static function mysql_version($config) {
  104. $result = mysql_query("SHOW VARIABLES WHERE variable_name = \"version\"");
  105. $row = mysql_fetch_object($result);
  106. return $row->Value;
  107. }
  108. static function db_empty($config) {
  109. $query = "SHOW TABLES LIKE '{$config['prefix']}items'";
  110. $results = mysql_query($query);
  111. if ($results === false) {
  112. $msg = mysql_error();
  113. return $msg;
  114. }
  115. return mysql_num_rows($results) === 0;
  116. }
  117. static function create_admin($config) {
  118. $salt = "";
  119. for ($i = 0; $i < 4; $i++) {
  120. $char = mt_rand(48, 109);
  121. $char += ($char > 90) ? 13 : ($char > 57) ? 7 : 0;
  122. $salt .= chr($char);
  123. }
  124. if (!$password = $config["g3_password"]) {
  125. $password = substr(md5(time() . mt_rand()), 0, 6);
  126. }
  127. // Escape backslash in preparation for our UPDATE statement.
  128. $hashed_password = str_replace("\\", "\\\\", $salt . md5($salt . $password));
  129. $sql = self::prepend_prefix($config["prefix"],
  130. "UPDATE {users} SET `password` = '$hashed_password' WHERE `id` = 2");
  131. if (mysql_query($sql)) {
  132. } else {
  133. throw new Exception(mysql_error());
  134. }
  135. return array("admin", $password);
  136. }
  137. static function create_admin_session($config) {
  138. $session_id = md5(time() . mt_rand());
  139. $user_agent = $_SERVER["HTTP_USER_AGENT"];
  140. $user_agent_len = strlen($user_agent);
  141. $now = time();
  142. $data = "session_id|s:32:\"$session_id\"";
  143. $data .= ";user_agent|s:{$user_agent_len}:\"$user_agent\"";
  144. $data .= ";user|i:2";
  145. $data .= ";after_install|i:1";
  146. $data .= ";last_activity|i:$now";
  147. $data = base64_encode($data);
  148. $sql = "INSERT INTO {sessions}(`session_id`, `last_activity`, `data`) " .
  149. "VALUES('$session_id', $now, '$data')";
  150. $sql = self::prepend_prefix($config["prefix"], $sql);
  151. if (mysql_query($sql)) {
  152. setcookie("g3sid", $session_id, 0, "/", "", false, false);
  153. } else {
  154. throw new Exception(mysql_error());
  155. }
  156. }
  157. static function create_private_key($config) {
  158. $key = md5(uniqid(mt_rand(), true)) . md5(uniqid(mt_rand(), true));
  159. $sql = self::prepend_prefix($config["prefix"],
  160. "INSERT INTO {vars} VALUES(NULL, 'gallery', 'private_key', '$key')");
  161. if (mysql_query($sql)) {
  162. } else {
  163. throw new Exception(mysql_error());
  164. }
  165. }
  166. static function prepend_prefix($prefix, $sql) {
  167. return preg_replace("#{([a-zA-Z0-9_]+)}#", "`{$prefix}$1`", $sql);
  168. }
  169. static function check_environment() {
  170. if (!function_exists("mysql_query") && !function_exists("mysqli_set_charset")) {
  171. $errors[] = "Gallery 3 requires a MySQL database, but PHP doesn't have either the <a href=\"http://php.net/mysql\">MySQL</a> or the <a href=\"http://php.net/mysqli\">MySQLi</a> extension.";
  172. }
  173. if (!preg_match("/^.$/u", "ñ")) {
  174. $errors[] = "PHP is missing <a href=\"http://php.net/pcre\">Perl-Compatible Regular Expression</a> with UTF-8 support.";
  175. } else if (!preg_match("/^\pL$/u", "ñ")) {
  176. $errors[] = "PHP is missing <a href=\"http://php.net/pcre\">Perl-Compatible Regular Expression</a> with Unicode support.";
  177. }
  178. if (!(function_exists("spl_autoload_register"))) {
  179. $errors[] = "PHP is missing <a href=\"http://php.net/spl\">Standard PHP Library (SPL)</a> support";
  180. }
  181. if (!(class_exists("ReflectionClass"))) {
  182. $errors[] = "PHP is missing <a href=\"http://php.net/reflection\">reflection</a> support";
  183. }
  184. if (!(function_exists("filter_list"))) {
  185. $errors[] = "PHP is missing the <a href=\"http://php.net/filter\">filter extension</a>";
  186. }
  187. if (!(extension_loaded("iconv"))) {
  188. $errors[] = "PHP is missing the <a href=\"http://php.net/iconv\">iconv extension</a>";
  189. }
  190. if (!(extension_loaded("xml"))) {
  191. $errors[] = "PHP is missing the <a href=\"http://php.net/xml\">XML Parser extension</a>";
  192. }
  193. if (!(extension_loaded("simplexml"))) {
  194. $errors[] = "PHP is missing the <a href=\"http://php.net/simplexml\">SimpleXML extension</a>";
  195. }
  196. if (!extension_loaded("mbstring")) {
  197. $errors[] = "PHP is missing the <a href=\"http://php.net/mbstring\">mbstring extension</a>";
  198. } else if (ini_get("mbstring.func_overload") & MB_OVERLOAD_STRING) {
  199. $errors[] = "The <a href=\"http://php.net/mbstring\">mbstring extension</a> is overloading PHP's native string functions. Please disable it.";
  200. }
  201. if (!function_exists("json_encode")) {
  202. $errors[] = "PHP is missing the <a href=\"http://php.net/manual/en/book.json.php\">JavaScript Object Notation (JSON) extension</a>. Please install it.";
  203. }
  204. if (!ini_get("short_open_tag")) {
  205. $errors[] = "Gallery requires <a href=\"http://php.net/manual/en/ini.core.php\">short_open_tag</a> to be on. Please enable it in your php.ini.";
  206. }
  207. if (!function_exists("ctype_alpha")) {
  208. $errors[] = "Gallery requires the <a href=\"http://php.net/manual/en/book.ctype.php\">PHP Ctype</a> extension. Please install it.";
  209. }
  210. if (self::ini_get_bool("safe_mode")) {
  211. $errors[] = "Gallery cannot function when PHP is in <a href=\"http://php.net/manual/en/features.safe-mode.php\">Safe Mode</a>. Please disable safe mode.";
  212. }
  213. return @$errors;
  214. }
  215. /**
  216. * Convert any possible boolean ini value to true/false.
  217. * On = on = 1 = true
  218. * Off = off = 0 = false
  219. */
  220. static function ini_get_bool($varname) {
  221. $value = ini_get($varname);
  222. if (!strcasecmp("on", $value) || $value == 1 || $value === true) {
  223. return true;
  224. }
  225. if (!strcasecmp("off", $value) || $value == 0 || $value === false) {
  226. return false;
  227. }
  228. return false;
  229. }
  230. }