PageRenderTime 51ms CodeModel.GetById 15ms RepoModel.GetById 1ms app.codeStats 0ms

/install/instprocessor.php

https://github.com/good-web-master/modx.evo.custom
PHP | 797 lines | 654 code | 68 blank | 75 comment | 168 complexity | 680fcad665d8cbbf2b444ee0f8e4601c MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-1.0, GPL-2.0, MIT, BSD-3-Clause
  1. <?php
  2. global $moduleName;
  3. global $moduleVersion;
  4. global $moduleSQLBaseFile;
  5. global $moduleSQLDataFile;
  6. global $moduleChunks;
  7. global $moduleTemplates;
  8. global $moduleSnippets;
  9. global $modulePlugins;
  10. global $moduleModules;
  11. global $moduleTVs;
  12. global $errors;
  13. $create = false;
  14. // set timout limit
  15. @ set_time_limit(120); // used @ to prevent warning when using safe mode?
  16. echo "<p>{$_lang['setup_database']}</p>\n";
  17. $installMode= intval($_POST['installmode']);
  18. $installData = $_POST['installdata'] == "1" ? 1 : 0;
  19. //if ($installMode == 1) {
  20. // include "../manager/includes/config.inc.php";
  21. //} else {
  22. // get db info from post
  23. $database_server = $_POST['databasehost'];
  24. $database_user = $_SESSION['databaseloginname'];
  25. $database_password = $_SESSION['databaseloginpassword'];
  26. $database_collation = $_POST['database_collation'];
  27. $database_charset = substr($database_collation, 0, strpos($database_collation, '_'));
  28. $database_connection_charset = $_POST['database_connection_charset'];
  29. $database_connection_method = $_POST['database_connection_method'];
  30. $dbase = "`" . $_POST['database_name'] . "`";
  31. $table_prefix = $_POST['tableprefix'];
  32. $adminname = $_POST['cmsadmin'];
  33. $adminemail = $_POST['cmsadminemail'];
  34. $adminpass = $_POST['cmspassword'];
  35. $managerlanguage = $_POST['managerlanguage'];
  36. //}
  37. // set session name variable
  38. if (!isset ($site_sessionname)) {
  39. $site_sessionname = 'SN' . uniqid('');
  40. }
  41. // get base path and url
  42. $a = explode("install", str_replace("\\", "/", dirname($_SERVER["PHP_SELF"])));
  43. if (count($a) > 1)
  44. array_pop($a);
  45. $url = implode("install", $a);
  46. reset($a);
  47. $a = explode("install", str_replace("\\", "/", realpath(dirname(__FILE__))));
  48. if (count($a) > 1)
  49. array_pop($a);
  50. $pth = implode("install", $a);
  51. unset ($a);
  52. $base_url = $url . (substr($url, -1) != "/" ? "/" : "");
  53. $base_path = $pth . (substr($pth, -1) != "/" ? "/" : "");
  54. // connect to the database
  55. echo "<p>". $_lang['setup_database_create_connection'];
  56. if (!@ $conn = mysql_connect($database_server, $database_user, $database_password)) {
  57. echo "<span class=\"notok\">".$_lang["setup_database_create_connection_failed"]."</span></p><p>".$_lang['setup_database_create_connection_failed_note']."</p>";
  58. return;
  59. } else {
  60. echo "<span class=\"ok\">".$_lang['ok']."</span></p>";
  61. }
  62. // select database
  63. echo "<p>".$_lang['setup_database_selection']. str_replace("`", "", $dbase) . "`: ";
  64. if (!@ mysql_select_db(str_replace("`", "", $dbase), $conn)) {
  65. echo "<span class=\"notok\" style='color:#707070'>".$_lang['setup_database_selection_failed']."</span>".$_lang['setup_database_selection_failed_note']."</p>";
  66. $create = true;
  67. } else {
  68. @ mysql_query("{$database_connection_method} {$database_connection_charset}");
  69. echo "<span class=\"ok\">".$_lang['ok']."</span></p>";
  70. }
  71. // try to create the database
  72. if ($create) {
  73. echo "<p>".$_lang['setup_database_creation']. str_replace("`", "", $dbase) . "`: ";
  74. // if(!@mysql_create_db(str_replace("`","",$dbase), $conn)) {
  75. if (! mysql_query("CREATE DATABASE $dbase DEFAULT CHARACTER SET $database_charset COLLATE $database_collation")) {
  76. echo "<span class=\"notok\">".$_lang['setup_database_creation_failed']."</span>".$_lang['setup_database_creation_failed_note']."</p>";
  77. $errors += 1;
  78. ?>
  79. <pre>
  80. database charset = <?php $database_charset ?>
  81. database collation = <?php $database_collation ?>
  82. </pre>
  83. <p><?php echo $_lang['setup_database_creation_failed_note2']?></p>
  84. <?php
  85. return;
  86. } else {
  87. echo "<span class=\"ok\">".$_lang['ok']."</span></p>";
  88. }
  89. }
  90. // check table prefix
  91. if ($installMode == 0) {
  92. echo "<p>" . $_lang['checking_table_prefix'] . $table_prefix . "`: ";
  93. if (@ $rs = mysql_query("SELECT COUNT(*) FROM $dbase.`" . $table_prefix . "site_content`")) {
  94. echo "<span class=\"notok\">" . $_lang['failed'] . "</span>" . $_lang['table_prefix_already_inuse'] . "</p>";
  95. $errors += 1;
  96. echo "<p>" . $_lang['table_prefix_already_inuse_note'] . "</p>";
  97. return;
  98. } else {
  99. echo "<span class=\"ok\">" . $_lang['ok'] . "</span></p>";
  100. }
  101. }
  102. if(!function_exists('parseProperties')) {
  103. // parses a resource property string and returns the result as an array
  104. // duplicate of method in documentParser class
  105. function parseProperties($propertyString) {
  106. $parameter= array ();
  107. if (!empty ($propertyString)) {
  108. $tmpParams= explode("&", $propertyString);
  109. for ($x= 0; $x < count($tmpParams); $x++) {
  110. if (strpos($tmpParams[$x], '=', 0)) {
  111. $pTmp= explode("=", $tmpParams[$x]);
  112. $pvTmp= explode(";", trim($pTmp[1]));
  113. if ($pvTmp[1] == 'list' && $pvTmp[3] != "")
  114. $parameter[trim($pTmp[0])]= $pvTmp[3]; //list default
  115. else
  116. if ($pvTmp[1] != 'list' && $pvTmp[2] != "")
  117. $parameter[trim($pTmp[0])]= $pvTmp[2];
  118. }
  119. }
  120. }
  121. return $parameter;
  122. }
  123. }
  124. // check status of Inherit Parent Template plugin
  125. $auto_template_logic = 'parent';
  126. if ($installMode != 0) {
  127. $rs = mysql_query("SELECT properties, disabled FROM $dbase.`" . $table_prefix . "site_plugins` WHERE name='Inherit Parent Template'");
  128. $row = mysql_fetch_row($rs);
  129. if(!$row) {
  130. // not installed
  131. $auto_template_logic = 'system';
  132. } else {
  133. if($row[1] == 1) {
  134. // installed but disabled
  135. $auto_template_logic = 'system';
  136. } else {
  137. // installed, enabled .. see how it's configured
  138. $properties = parseProperties($row[0]);
  139. if(isset($properties['inheritTemplate'])) {
  140. if($properties['inheritTemplate'] == 'From First Sibling') {
  141. $auto_template_logic = 'sibling';
  142. }
  143. }
  144. }
  145. }
  146. }
  147. // open db connection
  148. $setupPath = realpath(dirname(__FILE__));
  149. include "{$setupPath}/setup.info.php";
  150. include "{$setupPath}/sqlParser.class.php";
  151. $sqlParser = new SqlParser($database_server, $database_user, $database_password, str_replace("`", "", $dbase), $table_prefix, $adminname, $adminemail, $adminpass, $database_connection_charset, $managerlanguage, $database_connection_method, $auto_template_logic);
  152. $sqlParser->mode = ($installMode < 1) ? "new" : "upd";
  153. /* image and file manager paths now handled via settings screen in Manager
  154. $sqlParser->imageUrl = 'http://' . $_SERVER['SERVER_NAME'] . $base_url . "assets/";
  155. $sqlParser->imageUrl = "assets/";
  156. $sqlParser->imagePath = $base_path . "assets/";
  157. $sqlParser->fileManagerPath = $base_path;
  158. */
  159. $sqlParser->ignoreDuplicateErrors = true;
  160. $sqlParser->connect();
  161. // install/update database
  162. echo "<p>" . $_lang['setup_database_creating_tables'];
  163. if ($moduleSQLBaseFile) {
  164. $sqlParser->process($moduleSQLBaseFile);
  165. // display database results
  166. if ($sqlParser->installFailed == true) {
  167. $errors += 1;
  168. echo "<span class=\"notok\"><b>" . $_lang['database_alerts'] . "</span></p>";
  169. echo "<p>" . $_lang['setup_couldnt_install'] . "</p>";
  170. echo "<p>" . $_lang['installation_error_occured'] . "<br /><br />";
  171. for ($i = 0; $i < count($sqlParser->mysqlErrors); $i++) {
  172. echo "<em>" . $sqlParser->mysqlErrors[$i]["error"] . "</em>" . $_lang['during_execution_of_sql'] . "<span class='mono'>" . strip_tags($sqlParser->mysqlErrors[$i]["sql"]) . "</span>.<hr />";
  173. }
  174. echo "</p>";
  175. echo "<p>" . $_lang['some_tables_not_updated'] . "</p>";
  176. return;
  177. } else {
  178. echo "<span class=\"ok\">".$_lang['ok']."</span></p>";
  179. }
  180. }
  181. // write the config.inc.php file if new installation
  182. echo "<p>" . $_lang['writing_config_file'];
  183. $configString = '<?php
  184. /**
  185. * MODx Configuration file
  186. */
  187. $database_type = \'mysql\';
  188. $database_server = \'' . $database_server . '\';
  189. $database_user = \'' . mysql_real_escape_string($database_user) . '\';
  190. $database_password = \'' . mysql_real_escape_string($database_password) . '\';
  191. $database_connection_charset = \'' . $database_connection_charset . '\';
  192. $database_connection_method = \'' . $database_connection_method . '\';
  193. $dbase = \'`' . str_replace("`", "", $dbase) . '`\';
  194. $table_prefix = \'' . $table_prefix . '\';
  195. error_reporting(E_ALL & ~E_NOTICE);
  196. $lastInstallTime = '.time().';
  197. $site_sessionname = \'' . $site_sessionname . '\';
  198. $https_port = \'443\';
  199. // automatically assign base_path and base_url
  200. if(empty($base_path)||empty($base_url)||$_REQUEST[\'base_path\']||$_REQUEST[\'base_url\']) {
  201. $sapi= \'undefined\';
  202. if (!strstr($_SERVER[\'PHP_SELF\'], $_SERVER[\'SCRIPT_NAME\']) && ($sapi= @ php_sapi_name()) == \'cgi\') {
  203. $script_name= $_SERVER[\'PHP_SELF\'];
  204. } else {
  205. $script_name= $_SERVER[\'SCRIPT_NAME\'];
  206. }
  207. $a= explode("/manager", str_replace("\\\\", "/", dirname($script_name)));
  208. if (count($a) > 1)
  209. array_pop($a);
  210. $url= implode("manager", $a);
  211. reset($a);
  212. $a= explode("manager", str_replace("\\\\", "/", dirname(__FILE__)));
  213. if (count($a) > 1)
  214. array_pop($a);
  215. $pth= implode("manager", $a);
  216. unset ($a);
  217. $base_url= $url . (substr($url, -1) != "/" ? "/" : "");
  218. $base_path= $pth . (substr($pth, -1) != "/" && substr($pth, -1) != "\\\\" ? "/" : "");
  219. }
  220. // assign site_url
  221. $site_url= ((isset ($_SERVER[\'HTTPS\']) && strtolower($_SERVER[\'HTTPS\']) == \'on\') || $_SERVER[\'SERVER_PORT\'] == $https_port) ? \'https://\' : \'http://\';
  222. $site_url .= $_SERVER[\'HTTP_HOST\'];
  223. if ($_SERVER[\'SERVER_PORT\'] != 80)
  224. $site_url= str_replace(\':\' . $_SERVER[\'SERVER_PORT\'], \'\', $site_url); // remove port from HTTP_HOST  
  225. $site_url .= ($_SERVER[\'SERVER_PORT\'] == 80 || (isset ($_SERVER[\'HTTPS\']) && strtolower($_SERVER[\'HTTPS\']) == \'on\') || $_SERVER[\'SERVER_PORT\'] == $https_port) ? \'\' : \':\' . $_SERVER[\'SERVER_PORT\'];
  226. $site_url .= $base_url;
  227. if (!defined(\'MODX_BASE_PATH\')) define(\'MODX_BASE_PATH\', $base_path);
  228. if (!defined(\'MODX_BASE_URL\')) define(\'MODX_BASE_URL\', $base_url);
  229. if (!defined(\'MODX_SITE_URL\')) define(\'MODX_SITE_URL\', $site_url);
  230. if (!defined(\'MODX_MANAGER_PATH\')) define(\'MODX_MANAGER_PATH\', $base_path.\'manager/\');
  231. if (!defined(\'MODX_MANAGER_URL\')) define(\'MODX_MANAGER_URL\', $site_url.\'manager/\');
  232. // start cms session
  233. if(!function_exists(\'startCMSSession\')) {
  234. function startCMSSession(){
  235. global $site_sessionname;
  236. session_name($site_sessionname);
  237. session_start();
  238. $cookieExpiration= 0;
  239. if (isset ($_SESSION[\'mgrValidated\']) || isset ($_SESSION[\'webValidated\'])) {
  240. $contextKey= isset ($_SESSION[\'mgrValidated\']) ? \'mgr\' : \'web\';
  241. if (isset ($_SESSION[\'modx.\' . $contextKey . \'.session.cookie.lifetime\']) && is_numeric($_SESSION[\'modx.\' . $contextKey . \'.session.cookie.lifetime\'])) {
  242. $cookieLifetime= intval($_SESSION[\'modx.\' . $contextKey . \'.session.cookie.lifetime\']);
  243. }
  244. if ($cookieLifetime) {
  245. $cookieExpiration= time() + $cookieLifetime;
  246. }
  247. if (!isset($_SESSION[\'modx.session.created.time\'])) {
  248. $_SESSION[\'modx.session.created.time\'] = time();
  249. }
  250. }
  251. setcookie(session_name(), session_id(), $cookieExpiration, MODX_BASE_URL);
  252. }
  253. }';
  254. $configString .= "\n?>";
  255. $filename = '../manager/includes/config.inc.php';
  256. $configFileFailed = false;
  257. if (@ !$handle = fopen($filename, 'w')) {
  258. $configFileFailed = true;
  259. }
  260. // write $somecontent to our opened file.
  261. if (@ fwrite($handle, $configString) === FALSE) {
  262. $configFileFailed = true;
  263. }
  264. @ fclose($handle);
  265. // try to chmod the config file go-rwx (for suexeced php)
  266. $chmodSuccess = @chmod($filename, 0600);
  267. if ($configFileFailed == true) {
  268. echo "<span class=\"notok\">" . $_lang['failed'] . "</span></p>";
  269. $errors += 1;
  270. ?>
  271. <p><?php echo $_lang['cant_write_config_file']?><span class="mono">manager/includes/config.inc.php</span></p>
  272. <textarea style="width:400px; height:160px;">
  273. <?php echo $configString; ?>
  274. </textarea>
  275. <p><?php echo $_lang['cant_write_config_file_note']?></p>
  276. <?php
  277. return;
  278. } else {
  279. echo "<span class=\"ok\">" . $_lang['ok'] . "</span></p>";
  280. }
  281. // generate new site_id and set manager theme to MODxCarbon
  282. if ($installMode == 0) {
  283. $siteid = uniqid('');
  284. mysql_query("REPLACE INTO $dbase.`" . $table_prefix . "system_settings` (setting_name,setting_value) VALUES('site_id','$siteid'),('manager_theme','MODxCarbon')", $sqlParser->conn);
  285. } else {
  286. // update site_id if missing
  287. $ds = mysql_query("SELECT setting_name,setting_value FROM $dbase.`" . $table_prefix . "system_settings` WHERE setting_name='site_id'", $sqlParser->conn);
  288. if ($ds) {
  289. $r = mysql_fetch_assoc($ds);
  290. $siteid = $r['setting_value'];
  291. if ($siteid == '' || $siteid = 'MzGeQ2faT4Dw06+U49x3') {
  292. $siteid = uniqid('');
  293. mysql_query("REPLACE INTO $dbase.`" . $table_prefix . "system_settings` (setting_name,setting_value) VALUES('site_id','$siteid')", $sqlParser->conn);
  294. }
  295. }
  296. }
  297. // Install Templates
  298. if (isset ($_POST['template']) || $installData) {
  299. echo "<h3>" . $_lang['templates'] . ":</h3> ";
  300. $selTemplates = $_POST['template'];
  301. foreach ($moduleTemplates as $k=>$moduleTemplate) {
  302. $installSample = in_array('sample', $moduleTemplate[6]) && $installData == 1;
  303. if(in_array($k, $selTemplates) || $installSample) {
  304. $name = mysql_real_escape_string($moduleTemplate[0]);
  305. $desc = mysql_real_escape_string($moduleTemplate[1]);
  306. $category = mysql_real_escape_string($moduleTemplate[4]);
  307. $locked = mysql_real_escape_string($moduleTemplate[5]);
  308. $filecontent = $moduleTemplate[3];
  309. if (!file_exists($filecontent)) {
  310. echo "<p>&nbsp;&nbsp;$name: <span class=\"notok\">" . $_lang['unable_install_template'] . " '$filecontent' " . $_lang['not_found'] . ".</span></p>";
  311. } else {
  312. // Create the category if it does not already exist
  313. $category_id = getCreateDbCategory($category, $sqlParser);
  314. // Strip the first comment up top
  315. $template = preg_replace("/^.*?\/\*\*.*?\*\/\s+/s", '', file_get_contents($filecontent), 1);
  316. $template = mysql_real_escape_string($template);
  317. // See if the template already exists
  318. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_templates` WHERE templatename='$name'", $sqlParser->conn);
  319. if (mysql_num_rows($rs)) {
  320. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_templates` SET content='$template', description='$desc', category=$category_id, locked='$locked' WHERE templatename='$name';", $sqlParser->conn)) {
  321. $errors += 1;
  322. echo "<p>" . mysql_error() . "</p>";
  323. return;
  324. }
  325. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['upgraded'] . "</span></p>";
  326. } else {
  327. if (!@ mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_templates` (templatename,description,content,category,locked) VALUES('$name','$desc','$template',$category_id,'$locked');", $sqlParser->conn)) {
  328. $errors += 1;
  329. echo "<p>" . mysql_error() . "</p>";
  330. return;
  331. }
  332. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['installed'] . "</span></p>";
  333. }
  334. }
  335. }
  336. }
  337. }
  338. // Install Template Variables
  339. if (isset ($_POST['tv']) || $installData) {
  340. echo "<h3>" . $_lang['tvs'] . ":</h3> ";
  341. $selTVs = $_POST['tv'];
  342. foreach ($moduleTVs as $k=>$moduleTV) {
  343. $installSample = in_array('sample', $moduleTV[12]) && $installData == 1;
  344. if(in_array($k, $selTVs) || $installSample) {
  345. $name = mysql_real_escape_string($moduleTV[0]);
  346. $caption = mysql_real_escape_string($moduleTV[1]);
  347. $desc = mysql_real_escape_string($moduleTV[2]);
  348. $input_type = mysql_real_escape_string($moduleTV[3]);
  349. $input_options = mysql_real_escape_string($moduleTV[4]);
  350. $input_default = mysql_real_escape_string($moduleTV[5]);
  351. $output_widget = mysql_real_escape_string($moduleTV[6]);
  352. $output_widget_params = mysql_real_escape_string($moduleTV[7]);
  353. $filecontent = $moduleTV[8];
  354. $assignments = $moduleTV[9];
  355. $category = mysql_real_escape_string($moduleTV[10]);
  356. $locked = mysql_real_escape_string($moduleTV[11]);
  357. // Create the category if it does not already exist
  358. $category = getCreateDbCategory($category, $sqlParser);
  359. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_tmplvars` WHERE name='$name'", $sqlParser->conn);
  360. if (mysql_num_rows($rs)) {
  361. $insert = true;
  362. while($row = mysql_fetch_assoc($rs)) {
  363. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_tmplvars` SET type='$input_type', caption='$caption', description='$desc', category=$category, locked=$locked, elements='$input_options', display='$output_widget', display_params='$output_widget_params', default_text='$input_default' WHERE id={$row['id']};", $sqlParser->conn)) {
  364. echo "<p>" . mysql_error() . "</p>";
  365. return;
  366. }
  367. $insert = false;
  368. }
  369. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['upgraded'] . "</span></p>";
  370. } else {
  371. //$q = "INSERT INTO $dbase.`" . $table_prefix . "site_tmplvars` (type,name,caption,description,category,locked,elements,display,display_params,default_text) VALUES('$input_type','$name','$caption','$desc',(SELECT (CASE COUNT(*) WHEN 0 THEN 0 ELSE `id` END) `id` FROM $dbase.`" . $table_prefix . "categories` WHERE `category` = '$category'),$locked,'$input_options','$output_widget','$output_widget_params','$input_default');";
  372. $q = "INSERT INTO $dbase.`" . $table_prefix . "site_tmplvars` (type,name,caption,description,category,locked,elements,display,display_params,default_text) VALUES('$input_type','$name','$caption','$desc',$category,$locked,'$input_options','$output_widget','$output_widget_params','$input_default');";
  373. if (!@ mysql_query($q, $sqlParser->conn)) {
  374. echo "<p>" . mysql_error() . "</p>";
  375. return;
  376. }
  377. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['installed'] . "</span></p>";
  378. }
  379. // add template assignments
  380. $assignments = explode(',', $assignments);
  381. if (count($assignments) > 0) {
  382. // remove existing tv -> template assignments
  383. $ds=mysql_query("SELECT id FROM $dbase.`".$table_prefix."site_tmplvars` WHERE name='$name' AND description='$desc';",$sqlParser->conn);
  384. $row = mysql_fetch_assoc($ds);
  385. $id = $row["id"];
  386. mysql_query('DELETE FROM ' . $dbase . '.`' . $table_prefix . 'site_tmplvar_templates` WHERE tmplvarid = \'' . $id . '\'');
  387. // add tv -> template assignments
  388. foreach ($assignments as $assignment) {
  389. $template = mysql_real_escape_string($assignment);
  390. $ts = mysql_query("SELECT id FROM $dbase.`".$table_prefix."site_templates` WHERE templatename='$template';",$sqlParser->conn);
  391. if ($ds && $ts) {
  392. $tRow = mysql_fetch_assoc($ts);
  393. $templateId = $tRow['id'];
  394. mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_tmplvar_templates` (tmplvarid, templateid) VALUES($id, $templateId)");
  395. }
  396. }
  397. }
  398. }
  399. }
  400. }
  401. // Install Chunks
  402. if (isset ($_POST['chunk']) || $installData) {
  403. echo "<h3>" . $_lang['chunks'] . ":</h3> ";
  404. $selChunks = $_POST['chunk'];
  405. foreach ($moduleChunks as $k=>$moduleChunk) {
  406. $installSample = in_array('sample', $moduleChunk[5]) && $installData == 1;
  407. if(in_array($k, $selChunks) || $installSample) {
  408. $name = mysql_real_escape_string($moduleChunk[0]);
  409. $desc = mysql_real_escape_string($moduleChunk[1]);
  410. $category = mysql_real_escape_string($moduleChunk[3]);
  411. $overwrite = mysql_real_escape_string($moduleChunk[4]);
  412. $filecontent = $moduleChunk[2];
  413. if (!file_exists($filecontent))
  414. echo "<p>&nbsp;&nbsp;$name: <span class=\"notok\">" . $_lang['unable_install_chunk'] . " '$filecontent' " . $_lang['not_found'] . ".</span></p>";
  415. else {
  416. // Create the category if it does not already exist
  417. $category_id = getCreateDbCategory($category, $sqlParser);
  418. $chunk = preg_replace("/^.*?\/\*\*.*?\*\/\s+/s", '', file_get_contents($filecontent), 1);
  419. $chunk = mysql_real_escape_string($chunk);
  420. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_htmlsnippets` WHERE name='$name'", $sqlParser->conn);
  421. $count_original_name = mysql_num_rows($rs);
  422. if($overwrite == 'false') {
  423. $newname = $name . '-' . str_replace('.', '_', $modx_version);
  424. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_htmlsnippets` WHERE name='$newname'", $sqlParser->conn);
  425. $count_new_name = mysql_num_rows($rs);
  426. }
  427. $update = $count_original_name > 0 && $overwrite == 'true';
  428. if ($update) {
  429. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_htmlsnippets` SET snippet='$chunk', description='$desc', category=$category_id WHERE name='$name';", $sqlParser->conn)) {
  430. $errors += 1;
  431. echo "<p>" . mysql_error() . "</p>";
  432. return;
  433. }
  434. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['upgraded'] . "</span></p>";
  435. } elseif($count_new_name == 0) {
  436. if($count_original_name > 0 && $overwrite == 'false') {
  437. $name = $newname;
  438. }
  439. if (!@ mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_htmlsnippets` (name,description,snippet,category) VALUES('$name','$desc','$chunk',$category_id);", $sqlParser->conn)) {
  440. $errors += 1;
  441. echo "<p>" . mysql_error() . "</p>";
  442. return;
  443. }
  444. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['installed'] . "</span></p>";
  445. }
  446. }
  447. }
  448. }
  449. }
  450. // Install Modules
  451. if (isset ($_POST['module']) || $installData) {
  452. echo "<h3>" . $_lang['modules'] . ":</h3> ";
  453. $selModules = $_POST['module'];
  454. foreach ($moduleModules as $k=>$moduleModule) {
  455. $installSample = in_array('sample', $moduleModule[7]) && $installData == 1;
  456. if(in_array($k, $selModules) || $installSample) {
  457. $name = mysql_real_escape_string($moduleModule[0]);
  458. $desc = mysql_real_escape_string($moduleModule[1]);
  459. $filecontent = $moduleModule[2];
  460. $properties = mysql_real_escape_string($moduleModule[3]);
  461. $guid = mysql_real_escape_string($moduleModule[4]);
  462. $shared = mysql_real_escape_string($moduleModule[5]);
  463. $category = mysql_real_escape_string($moduleModule[6]);
  464. if (!file_exists($filecontent))
  465. echo "<p>&nbsp;&nbsp;$name: <span class=\"notok\">" . $_lang['unable_install_module'] . " '$filecontent' " . $_lang['not_found'] . ".</span></p>";
  466. else {
  467. // Create the category if it does not already exist
  468. $category = getCreateDbCategory($category, $sqlParser);
  469. $module = end(preg_split("/(\/\/)?\s*\<\?php/", file_get_contents($filecontent), 2));
  470. // remove installer docblock
  471. $module = preg_replace("/^.*?\/\*\*.*?\*\/\s+/s", '', $module, 1);
  472. $module = mysql_real_escape_string($module);
  473. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_modules` WHERE name='$name'", $sqlParser->conn);
  474. if (mysql_num_rows($rs)) {
  475. $row = mysql_fetch_assoc($rs);
  476. $props = propUpdate($properties,$row['properties']);
  477. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_modules` SET modulecode='$module', description='$desc', properties='$props', enable_sharedparams='$shared' WHERE name='$name';", $sqlParser->conn)) {
  478. echo "<p>" . mysql_error() . "</p>";
  479. return;
  480. }
  481. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['upgraded'] . "</span></p>";
  482. } else {
  483. if (!@ mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_modules` (name,description,modulecode,properties,guid,enable_sharedparams,category) VALUES('$name','$desc','$module','$properties','$guid','$shared', $category);", $sqlParser->conn)) {
  484. echo "<p>" . mysql_error() . "</p>";
  485. return;
  486. }
  487. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['installed'] . "</span></p>";
  488. }
  489. }
  490. }
  491. }
  492. }
  493. // Install Plugins
  494. if (isset ($_POST['plugin']) || $installData) {
  495. echo "<h3>" . $_lang['plugins'] . ":</h3> ";
  496. $selPlugs = $_POST['plugin'];
  497. foreach ($modulePlugins as $k=>$modulePlugin) {
  498. $installSample = in_array('sample', $modulePlugin[8]) && $installData == 1;
  499. if(in_array($k, $selPlugs) || $installSample) {
  500. $name = mysql_real_escape_string($modulePlugin[0]);
  501. $desc = mysql_real_escape_string($modulePlugin[1]);
  502. $filecontent = $modulePlugin[2];
  503. $properties = mysql_real_escape_string($modulePlugin[3]);
  504. $events = explode(",", $modulePlugin[4]);
  505. $guid = mysql_real_escape_string($modulePlugin[5]);
  506. $category = mysql_real_escape_string($modulePlugin[6]);
  507. $leg_names = '';
  508. if(array_key_exists(7, $modulePlugin)) {
  509. // parse comma-separated legacy names and prepare them for sql IN clause
  510. $leg_names = "'" . implode("','", preg_split('/\s*,\s*/', mysql_real_escape_string($modulePlugin[7]))) . "'";
  511. }
  512. if (!file_exists($filecontent))
  513. echo "<p>&nbsp;&nbsp;$name: <span class=\"notok\">" . $_lang['unable_install_plugin'] . " '$filecontent' " . $_lang['not_found'] . ".</span></p>";
  514. else {
  515. // disable legacy versions based on legacy_names provided
  516. if(!empty($leg_names)) {
  517. $update_query = "UPDATE $dbase.`" . $table_prefix . "site_plugins` SET disabled='1' WHERE name IN ($leg_names);";
  518. $rs = mysql_query($update_query, $sqlParser->conn);
  519. }
  520. // Create the category if it does not already exist
  521. $category = getCreateDbCategory($category, $sqlParser);
  522. $plugin = end(preg_split("/(\/\/)?\s*\<\?php/", file_get_contents($filecontent), 2));
  523. // remove installer docblock
  524. $plugin = preg_replace("/^.*?\/\*\*.*?\*\/\s+/s", '', $plugin, 1);
  525. $plugin = mysql_real_escape_string($plugin);
  526. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_plugins` WHERE name='$name'", $sqlParser->conn);
  527. if (mysql_num_rows($rs)) {
  528. $insert = true;
  529. while($row = mysql_fetch_assoc($rs)) {
  530. $props = propUpdate($properties,$row['properties']);
  531. if($row['description'] == $desc){
  532. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_plugins` SET plugincode='$plugin', description='$desc', properties='$props' WHERE id={$row['id']};", $sqlParser->conn)) {
  533. echo "<p>" . mysql_error() . "</p>";
  534. return;
  535. }
  536. $insert = false;
  537. } else {
  538. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_plugins` SET disabled='1' WHERE id={$row['id']};", $sqlParser->conn)) {
  539. echo "<p>".mysql_error()."</p>";
  540. return;
  541. }
  542. }
  543. }
  544. if($insert === true) {
  545. if(!@mysql_query("INSERT INTO $dbase.`".$table_prefix."site_plugins` (name,description,plugincode,properties,moduleguid,disabled,category) VALUES('$name','$desc','$plugin','$properties','$guid','0',$category);",$sqlParser->conn)) {
  546. echo "<p>".mysql_error()."</p>";
  547. return;
  548. }
  549. }
  550. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['upgraded'] . "</span></p>";
  551. } else {
  552. //add disabled
  553. if ($category == 'add'){
  554. if (!@ mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_plugins` (name,description,plugincode,properties,moduleguid,disabled,category) VALUES('$name','$desc','$plugin','$properties','$guid','1',$category);", $sqlParser->conn)) {
  555. echo "<p>" . mysql_error() . "</p>";
  556. return;
  557. }
  558. }else{
  559. if (!@ mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_plugins` (name,description,plugincode,properties,moduleguid,category) VALUES('$name','$desc','$plugin','$properties','$guid',$category);", $sqlParser->conn)) {
  560. echo "<p>" . mysql_error() . "</p>";
  561. return;
  562. }
  563. }
  564. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['installed'] . "</span></p>";
  565. }
  566. // add system events
  567. if (count($events) > 0) {
  568. $ds=mysql_query("SELECT id FROM $dbase.`".$table_prefix."site_plugins` WHERE name='$name' AND description='$desc';",$sqlParser->conn);
  569. if ($ds) {
  570. $row = mysql_fetch_assoc($ds);
  571. $id = $row["id"];
  572. // remove existing events
  573. mysql_query('DELETE FROM ' . $dbase . '.`' . $table_prefix . 'site_plugin_events` WHERE pluginid = \'' . $id . '\'');
  574. // add new events
  575. mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_plugin_events` (pluginid, evtid) SELECT '$id' as 'pluginid',se.id as 'evtid' FROM $dbase.`" . $table_prefix . "system_eventnames` se WHERE name IN ('" . implode("','", $events) . "')");
  576. }
  577. }
  578. }
  579. }
  580. }
  581. }
  582. // Install Snippets
  583. if (isset ($_POST['snippet']) || $installData) {
  584. echo "<h3>" . $_lang['snippets'] . ":</h3> ";
  585. $selSnips = $_POST['snippet'];
  586. foreach ($moduleSnippets as $k=>$moduleSnippet) {
  587. $installSample = in_array('sample', $moduleSnippet[5]) && $installData == 1;
  588. if(in_array($k, $selSnips) || $installSample) {
  589. $name = mysql_real_escape_string($moduleSnippet[0]);
  590. $desc = mysql_real_escape_string($moduleSnippet[1]);
  591. $filecontent = $moduleSnippet[2];
  592. $properties = mysql_real_escape_string($moduleSnippet[3]);
  593. $category = mysql_real_escape_string($moduleSnippet[4]);
  594. if (!file_exists($filecontent))
  595. echo "<p>&nbsp;&nbsp;$name: <span class=\"notok\">" . $_lang['unable_install_snippet'] . " '$filecontent' " . $_lang['not_found'] . ".</span></p>";
  596. else {
  597. // Create the category if it does not already exist
  598. $category = getCreateDbCategory($category, $sqlParser);
  599. $snippet = end(preg_split("/(\/\/)?\s*\<\?php/", file_get_contents($filecontent)));
  600. // remove installer docblock
  601. $snippet = preg_replace("/^.*?\/\*\*.*?\*\/\s+/s", '', $snippet, 1);
  602. $snippet = mysql_real_escape_string($snippet);
  603. $rs = mysql_query("SELECT * FROM $dbase.`" . $table_prefix . "site_snippets` WHERE name='$name'", $sqlParser->conn);
  604. if (mysql_num_rows($rs)) {
  605. $row = mysql_fetch_assoc($rs);
  606. $props = propUpdate($properties,$row['properties']);
  607. if (!@ mysql_query("UPDATE $dbase.`" . $table_prefix . "site_snippets` SET snippet='$snippet', description='$desc', properties='$props' WHERE name='$name';", $sqlParser->conn)) {
  608. echo "<p>" . mysql_error() . "</p>";
  609. return;
  610. }
  611. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['upgraded'] . "</span></p>";
  612. } else {
  613. if (!@ mysql_query("INSERT INTO $dbase.`" . $table_prefix . "site_snippets` (name,description,snippet,properties,category) VALUES('$name','$desc','$snippet','$properties',$category);", $sqlParser->conn)) {
  614. echo "<p>" . mysql_error() . "</p>";
  615. return;
  616. }
  617. echo "<p>&nbsp;&nbsp;$name: <span class=\"ok\">" . $_lang['installed'] . "</span></p>";
  618. }
  619. }
  620. }
  621. }
  622. }
  623. // install data
  624. if ($installData && $moduleSQLDataFile) {
  625. echo "<p>" . $_lang['installing_demo_site'];
  626. $sqlParser->process($moduleSQLDataFile);
  627. // display database results
  628. if ($sqlParser->installFailed == true) {
  629. $errors += 1;
  630. echo "<span class=\"notok\"><b>" . $_lang['database_alerts'] . "</span></p>";
  631. echo "<p>" . $_lang['setup_couldnt_install'] . "</p>";
  632. echo "<p>" . $_lang['installation_error_occured'] . "<br /><br />";
  633. for ($i = 0; $i < count($sqlParser->mysqlErrors); $i++) {
  634. echo "<em>" . $sqlParser->mysqlErrors[$i]["error"] . "</em>" . $_lang['during_execution_of_sql'] . "<span class='mono'>" . strip_tags($sqlParser->mysqlErrors[$i]["sql"]) . "</span>.<hr />";
  635. }
  636. echo "</p>";
  637. echo "<p>" . $_lang['some_tables_not_updated'] . "</p>";
  638. return;
  639. } else {
  640. echo "<span class=\"ok\">".$_lang['ok']."</span></p>";
  641. }
  642. }
  643. // call back function
  644. if ($callBackFnc != "")
  645. $callBackFnc ($sqlParser);
  646. // Setup the MODx API -- needed for the cache processor
  647. define('MODX_API_MODE', true);
  648. define('MODX_BASE_PATH', $base_path);
  649. $database_type = 'mysql';
  650. // initiate a new document parser
  651. include_once('../manager/includes/document.parser.class.inc.php');
  652. $modx = new DocumentParser;
  653. $modx->db->connect();
  654. // always empty cache after install
  655. include_once "../manager/processors/cache_sync.class.processor.php";
  656. $sync = new synccache();
  657. $sync->setCachepath("../assets/cache/");
  658. $sync->setReport(false);
  659. $sync->emptyCache(); // first empty the cache
  660. // try to chmod the cache go-rwx (for suexeced php)
  661. $chmodSuccess = @chmod('../assets/cache/siteCache.idx.php', 0600);
  662. $chmodSuccess = @chmod('../assets/cache/sitePublishing.idx.php', 0600);
  663. // remove any locks on the manager functions so initial manager login is not blocked
  664. mysql_query("TRUNCATE TABLE `".$table_prefix."active_users`");
  665. // close db connection
  666. $sqlParser->close();
  667. // andrazk 20070416 - release manager access
  668. if (file_exists('../assets/cache/installProc.inc.php')) {
  669. @chmod('../assets/cache/installProc.inc.php', 0755);
  670. unlink('../assets/cache/installProc.inc.php');
  671. }
  672. // setup completed!
  673. echo "<p><b>" . $_lang['installation_successful'] . "</b></p>";
  674. echo "<p>" . $_lang['to_log_into_content_manager'] . "</p>";
  675. if ($installMode == 0) {
  676. echo "<p><img src=\"img/ico_info.png\" width=\"40\" height=\"42\" align=\"left\" style=\"margin-right:10px;\" />" . $_lang['installation_note'] . "</p>";
  677. } else {
  678. echo "<p><img src=\"img/ico_info.png\" width=\"40\" height=\"42\" align=\"left\" style=\"margin-right:10px;\" />" . $_lang['upgrade_note'] . "</p>";
  679. }
  680. // Property Update function
  681. function propUpdate($new,$old){
  682. // Split properties up into arrays
  683. $returnArr = array();
  684. $newArr = explode("&",$new);
  685. $oldArr = explode("&",$old);
  686. foreach ($newArr as $k => $v) {
  687. if(!empty($v)){
  688. $tempArr = explode("=",trim($v));
  689. $returnArr[$tempArr[0]] = $tempArr[1];
  690. }
  691. }
  692. foreach ($oldArr as $k => $v) {
  693. if(!empty($v)){
  694. $tempArr = explode("=",trim($v));
  695. $returnArr[$tempArr[0]] = $tempArr[1];
  696. }
  697. }
  698. // Make unique array
  699. $returnArr = array_unique($returnArr);
  700. // Build new string for new properties value
  701. foreach ($returnArr as $k => $v) {
  702. $return .= "&$k=$v ";
  703. }
  704. return $return;
  705. }
  706. function getCreateDbCategory($category, $sqlParser) {
  707. $dbase = $sqlParser->dbname;
  708. $table_prefix = $sqlParser->prefix;
  709. $category_id = 0;
  710. if(!empty($category)) {
  711. $category = mysql_real_escape_string($category);
  712. $rs = mysql_query("SELECT id FROM $dbase.`".$table_prefix."categories` WHERE category = '".$category."'");
  713. if(mysql_num_rows($rs) && ($row = mysql_fetch_assoc($rs))) {
  714. $category_id = $row['id'];
  715. } else {
  716. $q = "INSERT INTO $dbase.`".$table_prefix."categories` (`category`) VALUES ('{$category}');";
  717. $rs = mysql_query($q, $sqlParser->conn);
  718. if($rs) {
  719. $category_id = mysql_insert_id($sqlParser->conn);
  720. }
  721. }
  722. }
  723. return $category_id;
  724. }