PageRenderTime 52ms CodeModel.GetById 26ms RepoModel.GetById 0ms app.codeStats 1ms

/php/install.php

https://github.com/dekoza/openshift-smf-2.0.7
PHP | 2590 lines | 2070 code | 310 blank | 210 comment | 376 complexity | ad8dd5f7cc263dfcfb0548c2255ee31f MD5 | raw file
Possible License(s): BSD-3-Clause

Large files files are truncated, but you can click here to view the full file

  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.0.7
  11. */
  12. $GLOBALS['current_smf_version'] = '2.0.7';
  13. $GLOBALS['db_script_version'] = '2-0';
  14. $GLOBALS['required_php_version'] = '4.1.0';
  15. // Don't have PHP support, do you?
  16. // ><html dir="ltr"><head><title>Error!</title></head><body>Sorry, this installer requires PHP!<div style="display: none;">
  17. // Database info.
  18. $databases = array(
  19. 'mysql' => array(
  20. 'name' => 'MySQL',
  21. 'version' => '4.0.18',
  22. 'version_check' => 'return min(mysql_get_server_info(), mysql_get_client_info());',
  23. 'supported' => function_exists('mysql_connect'),
  24. 'default_user' => 'mysql.default_user',
  25. 'default_password' => 'mysql.default_password',
  26. 'default_host' => 'mysql.default_host',
  27. 'default_port' => 'mysql.default_port',
  28. 'utf8_support' => true,
  29. 'utf8_version' => '4.1.0',
  30. 'utf8_version_check' => 'return mysql_get_server_info();',
  31. 'utf8_default' => false,
  32. 'utf8_required' => false,
  33. 'alter_support' => true,
  34. 'validate_prefix' => create_function('&$value', '
  35. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  36. return true;
  37. '),
  38. ),
  39. 'postgresql' => array(
  40. 'name' => 'PostgreSQL',
  41. 'version' => '8.0',
  42. 'function_check' => 'pg_connect',
  43. 'version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  44. 'supported' => function_exists('pg_connect'),
  45. 'always_has_db' => true,
  46. 'utf8_default' => true,
  47. 'utf8_required' => true,
  48. 'utf8_support' => true,
  49. 'utf8_version' => '8.0',
  50. 'utf8_version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  51. 'validate_prefix' => create_function('&$value', '
  52. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  53. // Is it reserved?
  54. if ($value == \'pg_\')
  55. return $txt[\'error_db_prefix_reserved\'];
  56. // Is the prefix numeric?
  57. if (preg_match(\'~^\d~\', $value))
  58. return $txt[\'error_db_prefix_numeric\'];
  59. return true;
  60. '),
  61. ),
  62. 'sqlite' => array(
  63. 'name' => 'SQLite',
  64. 'version' => '1',
  65. 'function_check' => 'sqlite_open',
  66. 'version_check' => 'return 1;',
  67. 'supported' => function_exists('sqlite_open'),
  68. 'always_has_db' => true,
  69. 'utf8_default' => true,
  70. 'utf8_required' => true,
  71. 'validate_prefix' => create_function('&$value', '
  72. global $incontext, $txt;
  73. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  74. // Is it reserved?
  75. if ($value == \'sqlite_\')
  76. return $txt[\'error_db_prefix_reserved\'];
  77. // Is the prefix numeric?
  78. if (preg_match(\'~^\d~\', $value))
  79. return $txt[\'error_db_prefix_numeric\'];
  80. return true;
  81. '),
  82. ),
  83. );
  84. // Initialize everything and load the language files.
  85. initialize_inputs();
  86. load_lang_file();
  87. // This is what we are.
  88. $installurl = $_SERVER['PHP_SELF'];
  89. // This is where SMF is.
  90. $smfsite = 'http://www.simplemachines.org/smf';
  91. // All the steps in detail.
  92. // Number,Name,Function,Progress Weight.
  93. $incontext['steps'] = array(
  94. 0 => array(1, $txt['install_step_welcome'], 'Welcome', 0),
  95. 1 => array(2, $txt['install_step_writable'], 'CheckFilesWritable', 10),
  96. 2 => array(3, $txt['install_step_databaseset'], 'DatabaseSettings', 15),
  97. 3 => array(4, $txt['install_step_forum'], 'ForumSettings', 40),
  98. 4 => array(5, $txt['install_step_databasechange'], 'DatabasePopulation', 15),
  99. 5 => array(6, $txt['install_step_admin'], 'AdminAccount', 20),
  100. 6 => array(7, $txt['install_step_delete'], 'DeleteInstall', 0),
  101. );
  102. // Default title...
  103. $incontext['page_title'] = $txt['smf_installer'];
  104. // What step are we on?
  105. $incontext['current_step'] = isset($_GET['step']) ? (int) $_GET['step'] : 0;
  106. // Loop through all the steps doing each one as required.
  107. $incontext['overall_percent'] = 0;
  108. foreach ($incontext['steps'] as $num => $step)
  109. {
  110. if ($num >= $incontext['current_step'])
  111. {
  112. // The current weight of this step in terms of overall progress.
  113. $incontext['step_weight'] = $step[3];
  114. // Make sure we reset the skip button.
  115. $incontext['skip'] = false;
  116. // Call the step and if it returns false that means pause!
  117. if (function_exists($step[2]) && $step[2]() === false)
  118. break;
  119. elseif (function_exists($step[2]))
  120. $incontext['current_step']++;
  121. // No warnings pass on.
  122. $incontext['warning'] = '';
  123. }
  124. $incontext['overall_percent'] += $step[3];
  125. }
  126. // Actually do the template stuff.
  127. installExit();
  128. function initialize_inputs()
  129. {
  130. global $databases, $incontext;
  131. // Just so people using older versions of PHP aren't left in the cold.
  132. if (!isset($_SERVER['PHP_SELF']))
  133. $_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
  134. // Turn off magic quotes runtime and enable error reporting.
  135. if (function_exists('set_magic_quotes_runtime'))
  136. @set_magic_quotes_runtime(0);
  137. error_reporting(E_ALL);
  138. // Fun. Low PHP version...
  139. if (!isset($_GET))
  140. {
  141. $GLOBALS['_GET']['step'] = 0;
  142. return;
  143. }
  144. if (!isset($_GET['obgz']))
  145. {
  146. ob_start();
  147. if (@ini_get('session.save_handler') == 'user')
  148. @ini_set('session.save_handler', 'files');
  149. if (function_exists('session_start'))
  150. @session_start();
  151. }
  152. else
  153. {
  154. ob_start('ob_gzhandler');
  155. if (@ini_get('session.save_handler') == 'user')
  156. @ini_set('session.save_handler', 'files');
  157. session_start();
  158. if (!headers_sent())
  159. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  160. <html xmlns="http://www.w3.org/1999/xhtml">
  161. <head>
  162. <title>', htmlspecialchars($_GET['pass_string']), '</title>
  163. </head>
  164. <body style="background-color: #d4d4d4; margin-top: 16%; text-align: center; font-size: 16pt;">
  165. <strong>', htmlspecialchars($_GET['pass_string']), '</strong>
  166. </body>
  167. </html>';
  168. exit;
  169. }
  170. // Are we calling the backup css file?
  171. if (isset($_GET['infile_css']))
  172. {
  173. header('Content-Type: text/css');
  174. template_css();
  175. exit;
  176. }
  177. // Anybody home?
  178. if (!isset($_GET['xml']))
  179. {
  180. $incontext['remote_files_available'] = false;
  181. $test = @fsockopen('www.simplemachines.org', 80, $errno, $errstr, 1);
  182. if ($test)
  183. $incontext['remote_files_available'] = true;
  184. @fclose($test);
  185. }
  186. // Add slashes, as long as they aren't already being added.
  187. if (!function_exists('get_magic_quotes_gpc') || @get_magic_quotes_gpc() == 0)
  188. foreach ($_POST as $k => $v)
  189. $_POST[$k] = addslashes($v);
  190. // This is really quite simple; if ?delete is on the URL, delete the installer...
  191. if (isset($_GET['delete']))
  192. {
  193. if (isset($_SESSION['installer_temp_ftp']))
  194. {
  195. $ftp = new ftp_connection($_SESSION['installer_temp_ftp']['server'], $_SESSION['installer_temp_ftp']['port'], $_SESSION['installer_temp_ftp']['username'], $_SESSION['installer_temp_ftp']['password']);
  196. $ftp->chdir($_SESSION['installer_temp_ftp']['path']);
  197. $ftp->unlink('install.php');
  198. $ftp->unlink('webinstall.php');
  199. foreach ($databases as $key => $dummy)
  200. $ftp->unlink('install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql');
  201. $ftp->close();
  202. unset($_SESSION['installer_temp_ftp']);
  203. }
  204. else
  205. {
  206. @unlink(__FILE__);
  207. @unlink(dirname(__FILE__) . '/webinstall.php');
  208. foreach ($databases as $key => $dummy)
  209. @unlink(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql');
  210. }
  211. // Now just redirect to a blank.gif...
  212. header('Location: http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.gif');
  213. exit;
  214. }
  215. // PHP 5 might cry if we don't do this now.
  216. if (function_exists('date_default_timezone_set'))
  217. {
  218. $server_offset = @mktime(0, 0, 0, 1, 1, 1970);
  219. date_default_timezone_set('Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600));
  220. }
  221. // Force an integer step, defaulting to 0.
  222. $_GET['step'] = (int) @$_GET['step'];
  223. }
  224. // Load the list of language files, and the current language file.
  225. function load_lang_file()
  226. {
  227. global $txt, $incontext;
  228. $incontext['detected_languages'] = array();
  229. // Make sure the languages directory actually exists.
  230. if (file_exists(dirname(__FILE__) . '/Themes/default/languages'))
  231. {
  232. // Find all the "Install" language files in the directory.
  233. $dir = dir(dirname(__FILE__) . '/Themes/default/languages');
  234. while ($entry = $dir->read())
  235. {
  236. if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php')
  237. $incontext['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
  238. }
  239. $dir->close();
  240. }
  241. // Didn't find any, show an error message!
  242. if (empty($incontext['detected_languages']))
  243. {
  244. // Let's not cache this message, eh?
  245. header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
  246. header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
  247. header('Cache-Control: no-cache');
  248. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  249. <html xmlns="http://www.w3.org/1999/xhtml">
  250. <head>
  251. <title>SMF Installer: Error!</title>
  252. </head>
  253. <body style="font-family: sans-serif;"><div style="width: 600px;">
  254. <h1 style="font-size: 14pt;">A critical error has occurred.</h1>
  255. <p>This installer was unable to find the installer\'s language file or files. They should be found under:</p>
  256. <div style="margin: 1ex; font-family: monospace; font-weight: bold;">', dirname($_SERVER['PHP_SELF']) != '/' ? dirname($_SERVER['PHP_SELF']) : '', '/Themes/default/languages</div>
  257. <p>In some cases, FTP clients do not properly upload files with this many folders. Please double check to make sure you <span style="font-weight: 600;">have uploaded all the files in the distribution</span>.</p>
  258. <p>If that doesn\'t help, please make sure this install.php file is in the same place as the Themes folder.</p>
  259. <p>If you continue to get this error message, feel free to <a href="http://support.simplemachines.org/">look to us for support</a>.</p>
  260. </div></body>
  261. </html>';
  262. die;
  263. }
  264. // Override the language file?
  265. if (isset($_GET['lang_file']))
  266. $_SESSION['installer_temp_lang'] = $_GET['lang_file'];
  267. elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file']))
  268. $_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
  269. // Make sure it exists, if it doesn't reset it.
  270. if (!isset($_SESSION['installer_temp_lang']) || preg_match('~[^\\w_\\-.]~', $_SESSION['installer_temp_lang']) === 1 || !file_exists(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']))
  271. {
  272. // Use the first one...
  273. list ($_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  274. // If we have english and some other language, use the other language. We Americans hate english :P.
  275. if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($incontext['detected_languages']) > 1)
  276. list (, $_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  277. }
  278. // And now include the actual language file itself.
  279. require_once(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']);
  280. }
  281. // This handy function loads some settings and the like.
  282. function load_database()
  283. {
  284. global $db_prefix, $db_connection, $db_character_set, $sourcedir, $language;
  285. global $smcFunc, $mbname, $scripturl, $boardurl, $modSettings, $db_type, $db_name, $db_user;
  286. if (empty($sourcedir))
  287. $sourcedir = dirname(__FILE__) . '/Sources';
  288. // Need this to check whether we need the database password.
  289. require(dirname(__FILE__) . '/Settings.php');
  290. if (!defined('SMF'))
  291. define('SMF', 1);
  292. if (empty($smcFunc))
  293. $smcFunc = array();
  294. $modSettings['disableQueryCheck'] = true;
  295. // Connect the database.
  296. if (!$db_connection)
  297. {
  298. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  299. if (@version_compare(PHP_VERSION, '5') == -1)
  300. require_once($sourcedir . '/Subs-Compat.php');
  301. if (!$db_connection)
  302. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('persist' => $db_persist));
  303. }
  304. }
  305. // This is called upon exiting the installer, for template etc.
  306. function installExit($fallThrough = false)
  307. {
  308. global $incontext, $installurl, $txt;
  309. // Send character set.
  310. header('Content-Type: text/html; charset=' . (isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1'));
  311. // We usually dump our templates out.
  312. if (!$fallThrough)
  313. {
  314. // The top install bit.
  315. template_install_above();
  316. // Call the template.
  317. if (isset($incontext['sub_template']))
  318. {
  319. $incontext['form_url'] = $installurl . '?step=' . $incontext['current_step'];
  320. call_user_func('template_' . $incontext['sub_template']);
  321. }
  322. //!!! REMOVE THIS!!
  323. else
  324. {
  325. if (function_exists('doStep' . $_GET['step']))
  326. call_user_func('doStep' . $_GET['step']);
  327. }
  328. // Show the footer.
  329. template_install_below();
  330. }
  331. // Bang - gone!
  332. die();
  333. }
  334. function Welcome()
  335. {
  336. global $incontext, $txt, $databases, $installurl;
  337. $incontext['page_title'] = $txt['install_welcome'];
  338. $incontext['sub_template'] = 'welcome_message';
  339. // Done the submission?
  340. if (isset($_POST['contbutt']))
  341. return true;
  342. // Check the PHP version.
  343. if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION) > 0))
  344. {
  345. $incontext['warning'] = $txt['error_php_too_low'];
  346. }
  347. // See if we think they have already installed it?
  348. if (is_readable(dirname(__FILE__) . '/Settings.php'))
  349. {
  350. $probably_installed = 0;
  351. foreach (file(dirname(__FILE__) . '/Settings.php') as $line)
  352. {
  353. if (preg_match('~^\$db_passwd\s=\s\'([^\']+)\';$~', $line))
  354. $probably_installed++;
  355. if (preg_match('~^\$boardurl\s=\s\'([^\']+)\';~', $line) && !preg_match('~^\$boardurl\s=\s\'http://127\.0\.0\.1/smf\';~', $line))
  356. $probably_installed++;
  357. }
  358. if ($probably_installed == 2)
  359. $incontext['warning'] = $txt['error_already_installed'];
  360. }
  361. // Is some database support even compiled in?
  362. $incontext['supported_databases'] = array();
  363. foreach ($databases as $key => $db)
  364. {
  365. if ($db['supported'])
  366. {
  367. if (!file_exists(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql'))
  368. {
  369. $databases[$key]['supported'] = false;
  370. $notFoundSQLFile = true;
  371. $txt['error_db_script_missing'] = sprintf($txt['error_db_script_missing'], 'install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql');
  372. }
  373. else
  374. {
  375. $db_type = $key;
  376. $incontext['supported_databases'][] = $db;
  377. }
  378. }
  379. }
  380. if (empty($incontext['supported_databases']))
  381. $error = empty($notFoundSQLFile) ? 'error_db_missing' : 'error_db_script_missing';
  382. // How about session support? Some crazy sysadmin remove it?
  383. elseif (!function_exists('session_start'))
  384. $error = 'error_session_missing';
  385. // Make sure they uploaded all the files.
  386. elseif (!file_exists(dirname(__FILE__) . '/index.php'))
  387. $error = 'error_missing_files';
  388. // Very simple check on the session.save_path for Windows.
  389. // !!! Move this down later if they don't use database-driven sessions?
  390. elseif (@ini_get('session.save_path') == '/tmp' && substr(__FILE__, 1, 2) == ':\\')
  391. $error = 'error_session_save_path';
  392. // Since each of the three messages would look the same, anyway...
  393. if (isset($error))
  394. $incontext['error'] = $txt[$error];
  395. // Mod_security blocks everything that smells funny. Let SMF handle security.
  396. if (!fixModSecurity() && !isset($_GET['overmodsecurity']))
  397. $incontext['error'] = $txt['error_mod_security'] . '<br /><br /><a href="' . $installurl . '?overmodsecurity=true">' . $txt['error_message_click'] . '</a> ' . $txt['error_message_bad_try_again'];
  398. return false;
  399. }
  400. function CheckFilesWritable()
  401. {
  402. global $txt, $incontext;
  403. $incontext['page_title'] = $txt['ftp_checking_writable'];
  404. $incontext['sub_template'] = 'chmod_files';
  405. $writable_files = array(
  406. 'attachments',
  407. 'avatars',
  408. 'cache',
  409. 'Packages',
  410. 'Packages/installed.list',
  411. 'Smileys',
  412. 'Themes',
  413. 'agreement.txt',
  414. 'Settings.php',
  415. 'Settings_bak.php'
  416. );
  417. $extra_files = array(
  418. 'Themes/classic/index.template.php',
  419. 'Themes/classic/style.css'
  420. );
  421. foreach ($incontext['detected_languages'] as $lang => $temp)
  422. $extra_files[] = 'Themes/default/languages/' . $lang;
  423. // With mod_security installed, we could attempt to fix it with .htaccess.
  424. if (function_exists('apache_get_modules') && in_array('mod_security', apache_get_modules()))
  425. $writable_files[] = file_exists(dirname(__FILE__) . '/.htaccess') ? '.htaccess' : '.';
  426. $failed_files = array();
  427. // On linux, it's easy - just use is_writable!
  428. if (substr(__FILE__, 1, 2) != ':\\')
  429. {
  430. foreach ($writable_files as $file)
  431. {
  432. if (!is_writable(dirname(__FILE__) . '/' . $file))
  433. {
  434. @chmod(dirname(__FILE__) . '/' . $file, 0755);
  435. // Well, 755 hopefully worked... if not, try 777.
  436. if (!is_writable(dirname(__FILE__) . '/' . $file) && !@chmod(dirname(__FILE__) . '/' . $file, 0777))
  437. $failed_files[] = $file;
  438. }
  439. }
  440. foreach ($extra_files as $file)
  441. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  442. }
  443. // Windows is trickier. Let's try opening for r+...
  444. else
  445. {
  446. foreach ($writable_files as $file)
  447. {
  448. // Folders can't be opened for write... but the index.php in them can ;)
  449. if (is_dir(dirname(__FILE__) . '/' . $file))
  450. $file .= '/index.php';
  451. // Funny enough, chmod actually does do something on windows - it removes the read only attribute.
  452. @chmod(dirname(__FILE__) . '/' . $file, 0777);
  453. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'r+');
  454. // Hmm, okay, try just for write in that case...
  455. if (!is_resource($fp))
  456. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'w');
  457. if (!is_resource($fp))
  458. $failed_files[] = $file;
  459. @fclose($fp);
  460. }
  461. foreach ($extra_files as $file)
  462. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  463. }
  464. $failure = count($failed_files) >= 1;
  465. if (!isset($_SERVER))
  466. return !$failure;
  467. // Put the list into context.
  468. $incontext['failed_files'] = $failed_files;
  469. // It's not going to be possible to use FTP on windows to solve the problem...
  470. if ($failure && substr(__FILE__, 1, 2) == ':\\')
  471. {
  472. $incontext['error'] = $txt['error_windows_chmod'] . '
  473. <ul style="margin: 2.5ex; font-family: monospace;">
  474. <li>' . implode('</li>
  475. <li>', $failed_files) . '</li>
  476. </ul>';
  477. return false;
  478. }
  479. // We're going to have to use... FTP!
  480. elseif ($failure)
  481. {
  482. // Load any session data we might have...
  483. if (!isset($_POST['ftp_username']) && isset($_SESSION['installer_temp_ftp']))
  484. {
  485. $_POST['ftp_server'] = $_SESSION['installer_temp_ftp']['server'];
  486. $_POST['ftp_port'] = $_SESSION['installer_temp_ftp']['port'];
  487. $_POST['ftp_username'] = $_SESSION['installer_temp_ftp']['username'];
  488. $_POST['ftp_password'] = $_SESSION['installer_temp_ftp']['password'];
  489. $_POST['ftp_path'] = $_SESSION['installer_temp_ftp']['path'];
  490. }
  491. $incontext['ftp_errors'] = array();
  492. if (isset($_POST['ftp_username']))
  493. {
  494. $ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
  495. if ($ftp->error === false)
  496. {
  497. // Try it without /home/abc just in case they messed up.
  498. if (!$ftp->chdir($_POST['ftp_path']))
  499. {
  500. $incontext['ftp_errors'][] = $ftp->last_message;
  501. $ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
  502. }
  503. }
  504. }
  505. if (!isset($ftp) || $ftp->error !== false)
  506. {
  507. if (!isset($ftp))
  508. $ftp = new ftp_connection(null);
  509. // Save the error so we can mess with listing...
  510. elseif ($ftp->error !== false && empty($incontext['ftp_errors']) && !empty($ftp->last_message))
  511. $incontext['ftp_errors'][] = $ftp->last_message;
  512. list ($username, $detect_path, $found_path) = $ftp->detect_path(dirname(__FILE__));
  513. if (empty($_POST['ftp_path']) && $found_path)
  514. $_POST['ftp_path'] = $detect_path;
  515. if (!isset($_POST['ftp_username']))
  516. $_POST['ftp_username'] = $username;
  517. // Set the username etc, into context.
  518. $incontext['ftp'] = array(
  519. 'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : 'localhost',
  520. 'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : '21',
  521. 'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : '',
  522. 'path' => isset($_POST['ftp_path']) ? $_POST['ftp_path'] : '/',
  523. 'path_msg' => !empty($found_path) ? $txt['ftp_path_found_info'] : $txt['ftp_path_info'],
  524. );
  525. return false;
  526. }
  527. else
  528. {
  529. $_SESSION['installer_temp_ftp'] = array(
  530. 'server' => $_POST['ftp_server'],
  531. 'port' => $_POST['ftp_port'],
  532. 'username' => $_POST['ftp_username'],
  533. 'password' => $_POST['ftp_password'],
  534. 'path' => $_POST['ftp_path']
  535. );
  536. $failed_files_updated = array();
  537. foreach ($failed_files as $file)
  538. {
  539. if (!is_writable(dirname(__FILE__) . '/' . $file))
  540. $ftp->chmod($file, 0755);
  541. if (!is_writable(dirname(__FILE__) . '/' . $file))
  542. $ftp->chmod($file, 0777);
  543. if (!is_writable(dirname(__FILE__) . '/' . $file))
  544. {
  545. $failed_files_updated[] = $file;
  546. $incontext['ftp_errors'][] = rtrim($ftp->last_message) . ' -> ' . $file . "\n";
  547. }
  548. }
  549. $ftp->close();
  550. // Are there any errors left?
  551. if (count($failed_files_updated) >= 1)
  552. {
  553. // Guess there are...
  554. $incontext['failed_files'] = $failed_files_updated;
  555. // Set the username etc, into context.
  556. $incontext['ftp'] = $_SESSION['installer_temp_ftp'] += array(
  557. 'path_msg' => $txt['ftp_path_info'],
  558. );
  559. return false;
  560. }
  561. }
  562. }
  563. return true;
  564. }
  565. function DatabaseSettings()
  566. {
  567. global $txt, $databases, $incontext, $smcFunc;
  568. $incontext['sub_template'] = 'database_settings';
  569. $incontext['page_title'] = $txt['db_settings'];
  570. $incontext['continue'] = 1;
  571. // Set up the defaults.
  572. $incontext['db']['server'] = 'localhost';
  573. $incontext['db']['user'] = '';
  574. $incontext['db']['name'] = '';
  575. $incontext['db']['pass'] = '';
  576. $incontext['db']['type'] = '';
  577. $incontext['supported_databases'] = array();
  578. $foundOne = false;
  579. foreach ($databases as $key => $db)
  580. {
  581. // Override with the defaults for this DB if appropriate.
  582. if ($db['supported'])
  583. {
  584. $incontext['supported_databases'][$key] = $db;
  585. if (!$foundOne)
  586. {
  587. if (isset($db['default_host']))
  588. $incontext['db']['server'] = @ini_get($db['default_host']) or $incontext['db']['server'] = 'localhost';
  589. if (isset($db['default_user']))
  590. {
  591. $incontext['db']['user'] = @ini_get($db['default_user']);
  592. $incontext['db']['name'] = @ini_get($db['default_user']);
  593. }
  594. if (isset($db['default_password']))
  595. $incontext['db']['pass'] = @ini_get($db['default_password']);
  596. if (isset($db['default_port']))
  597. $db_port = @ini_get($db['default_port']);
  598. $incontext['db']['type'] = $key;
  599. $foundOne = true;
  600. }
  601. }
  602. }
  603. // Override for repost.
  604. if (isset($_POST['db_user']))
  605. {
  606. $incontext['db']['user'] = $_POST['db_user'];
  607. $incontext['db']['name'] = $_POST['db_type'] == 'sqlite' && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'];
  608. $incontext['db']['server'] = $_POST['db_server'];
  609. $incontext['db']['prefix'] = $_POST['db_prefix'];
  610. }
  611. else
  612. $incontext['db']['prefix'] = 'smf_';
  613. // Should we use a non standard port?
  614. if (!empty($db_port))
  615. $incontext['db']['server'] .= ':' . $db_port;
  616. // Are we submitting?
  617. if (isset($_POST['db_type']))
  618. {
  619. if (isset($_POST['db_filename']))
  620. {
  621. // You better enter enter a database name for SQLite.
  622. if (trim($_POST['db_filename']) == '')
  623. {
  624. $incontext['error'] = $txt['error_db_filename'];
  625. return false;
  626. }
  627. // Duplicate name in the same dir? Can't do that with SQLite. Weird things happen.
  628. if (file_exists($_POST['db_filename'] . (substr($_POST['db_filename'], -3) != '.db' ? '.db' : '')))
  629. {
  630. $incontext['error'] = $txt['error_db_filename_exists'];
  631. return false;
  632. }
  633. }
  634. // What type are they trying?
  635. $db_type = preg_replace('~[^A-Za-z0-9]~', '', $_POST['db_type']);
  636. $db_prefix = $_POST['db_prefix'];
  637. // Validate the prefix.
  638. $valid_prefix = $databases[$db_type]['validate_prefix']($db_prefix);
  639. if ($valid_prefix !== true)
  640. {
  641. $incontext['error'] = $valid_prefix;
  642. return false;
  643. }
  644. // Take care of these variables...
  645. $vars = array(
  646. 'db_type' => $db_type,
  647. 'db_name' => $_POST['db_type'] == 'sqlite' && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'],
  648. 'db_user' => $_POST['db_user'],
  649. 'db_passwd' => isset($_POST['db_passwd']) ? $_POST['db_passwd'] : '',
  650. 'db_server' => $_POST['db_server'],
  651. 'db_prefix' => $db_prefix,
  652. // The cookiename is special; we want it to be the same if it ever needs to be reinstalled with the same info.
  653. 'cookiename' => 'SMFCookie' . abs(crc32($_POST['db_name'] . preg_replace('~[^A-Za-z0-9_$]~', '', $_POST['db_prefix'])) % 1000),
  654. );
  655. // God I hope it saved!
  656. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  657. {
  658. $incontext['error'] = $txt['error_windows_chmod'];
  659. return false;
  660. }
  661. // Make sure it works.
  662. require(dirname(__FILE__) . '/Settings.php');
  663. if (empty($sourcedir))
  664. $sourcedir = dirname(__FILE__) . '/Sources';
  665. // Better find the database file!
  666. if (!file_exists($sourcedir . '/Subs-Db-' . $db_type . '.php'))
  667. {
  668. $incontext['error'] = sprintf($txt['error_db_file'], 'Subs-Db-' . $db_type . '.php');
  669. return false;
  670. }
  671. // Now include it for database functions!
  672. define('SMF', 1);
  673. $modSettings['disableQueryCheck'] = true;
  674. if (empty($smcFunc))
  675. $smcFunc = array();
  676. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  677. // What - running PHP4? The shame!
  678. if (@version_compare(PHP_VERSION, '5') == -1)
  679. require_once($sourcedir . '/Subs-Compat.php');
  680. // Attempt a connection.
  681. $needsDB = !empty($databases[$db_type]['always_has_db']);
  682. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  683. // No dice? Let's try adding the prefix they specified, just in case they misread the instructions ;)
  684. if ($db_connection == null)
  685. {
  686. $db_error = @$smcFunc['db_error']();
  687. $db_connection = smf_db_initiate($db_server, $db_name, $_POST['db_prefix'] . $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  688. if ($db_connection != null)
  689. {
  690. $db_user = $_POST['db_prefix'] . $db_user;
  691. updateSettingsFile(array('db_user' => $db_user));
  692. }
  693. }
  694. // Still no connection? Big fat error message :P.
  695. if (!$db_connection)
  696. {
  697. $incontext['error'] = $txt['error_db_connect'] . '<div style="margin: 2.5ex; font-family: monospace;"><strong>' . $db_error . '</strong></div>';
  698. return false;
  699. }
  700. // Do they meet the install requirements?
  701. // !!! Old client, new server?
  702. if (version_compare($databases[$db_type]['version'], preg_replace('~^\D*|\-.+?$~', '', eval($databases[$db_type]['version_check']))) > 0)
  703. {
  704. $incontext['error'] = $txt['error_db_too_low'];
  705. return false;
  706. }
  707. // Let's try that database on for size... assuming we haven't already lost the opportunity.
  708. if ($db_name != '' && !$needsDB)
  709. {
  710. $smcFunc['db_query']('', "
  711. CREATE DATABASE IF NOT EXISTS `$db_name`",
  712. array(
  713. 'security_override' => true,
  714. 'db_error_skip' => true,
  715. ),
  716. $db_connection
  717. );
  718. // Okay, let's try the prefix if it didn't work...
  719. if (!$smcFunc['db_select_db']($db_name, $db_connection) && $db_name != '')
  720. {
  721. $smcFunc['db_query']('', "
  722. CREATE DATABASE IF NOT EXISTS `$_POST[db_prefix]$db_name`",
  723. array(
  724. 'security_override' => true,
  725. 'db_error_skip' => true,
  726. ),
  727. $db_connection
  728. );
  729. if ($smcFunc['db_select_db']($_POST['db_prefix'] . $db_name, $db_connection))
  730. {
  731. $db_name = $_POST['db_prefix'] . $db_name;
  732. updateSettingsFile(array('db_name' => $db_name));
  733. }
  734. }
  735. // Okay, now let's try to connect...
  736. if (!$smcFunc['db_select_db']($db_name, $db_connection))
  737. {
  738. $incontext['error'] = sprintf($txt['error_db_database'], $db_name);
  739. return false;
  740. }
  741. }
  742. return true;
  743. }
  744. return false;
  745. }
  746. // Let's start with basic forum type settings.
  747. function ForumSettings()
  748. {
  749. global $txt, $incontext, $databases, $smcFunc, $db_connection, $db_type;
  750. $incontext['sub_template'] = 'forum_settings';
  751. $incontext['page_title'] = $txt['install_settings'];
  752. // Let's see if we got the database type correct.
  753. if (isset($_POST['db_type'], $databases[$_POST['db_type']]))
  754. $db_type = $_POST['db_type'];
  755. // Else we'd better be able to get the connection.
  756. else
  757. load_database();
  758. $db_type = isset($_POST['db_type']) ? $_POST['db_type'] : $db_type;
  759. // What host and port are we on?
  760. $host = empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] . (empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':' . $_SERVER['SERVER_PORT']) : $_SERVER['HTTP_HOST'];
  761. // Now, to put what we've learned together... and add a path.
  762. $incontext['detected_url'] = 'http' . (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 's' : '') . '://' . $host . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'));
  763. // Check if the database sessions will even work.
  764. $incontext['test_dbsession'] = @ini_get('session.auto_start') != 1 && @version_compare(PHP_VERSION, '4.2.0') != -1;
  765. $incontext['utf8_should_work'] = strpos(strtolower(PHP_OS), 'win') === false || @version_compare(PHP_VERSION, '4.2.3') != -1;
  766. $incontext['utf8_default'] = $databases[$db_type]['utf8_default'];
  767. $incontext['utf8_required'] = $databases[$db_type]['utf8_required'];
  768. $incontext['continue'] = 1;
  769. // Submitting?
  770. if (isset($_POST['boardurl']))
  771. {
  772. if (substr($_POST['boardurl'], -10) == '/index.php')
  773. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  774. elseif (substr($_POST['boardurl'], -1) == '/')
  775. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  776. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  777. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  778. // Save these variables.
  779. $vars = array(
  780. 'boardurl' => $_POST['boardurl'],
  781. 'boarddir' => addslashes(dirname(__FILE__)),
  782. 'sourcedir' => addslashes(dirname(__FILE__)) . '/Sources',
  783. 'cachedir' => addslashes(dirname(__FILE__)) . '/cache',
  784. 'mbname' => strtr($_POST['mbname'], array('\"' => '"')),
  785. 'language' => substr($_SESSION['installer_temp_lang'], 8, -4),
  786. );
  787. // Must save!
  788. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  789. {
  790. $incontext['error'] = $txt['error_windows_chmod'];
  791. return false;
  792. }
  793. // Make sure it works.
  794. require(dirname(__FILE__) . '/Settings.php');
  795. // UTF-8 requires a setting to override the language charset.
  796. if (isset($_POST['utf8']) && !empty($databases[$db_type]['utf8_support']))
  797. {
  798. if (version_compare($databases[$db_type]['utf8_version'], preg_replace('~\-.+?$~', '', eval($databases[$db_type]['utf8_version_check']))) > 0)
  799. {
  800. $incontext['error'] = sprintf($txt['error_utf8_version'], $databases[$db_type]['utf8_version']);
  801. return false;
  802. }
  803. else
  804. // Set the character set here.
  805. updateSettingsFile(array('db_character_set' => 'utf8'));
  806. }
  807. // Good, skip on.
  808. return true;
  809. }
  810. return false;
  811. }
  812. // Step one: Do the SQL thang.
  813. function DatabasePopulation()
  814. {
  815. global $db_character_set, $txt, $db_connection, $smcFunc, $databases, $modSettings, $db_type, $sourcedir, $db_prefix, $incontext, $db_name, $boardurl;
  816. $incontext['sub_template'] = 'populate_database';
  817. $incontext['page_title'] = $txt['db_populate'];
  818. $incontext['continue'] = 1;
  819. // Already done?
  820. if (isset($_POST['pop_done']))
  821. return true;
  822. // Reload settings.
  823. require(dirname(__FILE__) . '/Settings.php');
  824. load_database();
  825. // Before running any of the queries, let's make sure another version isn't already installed.
  826. $result = $smcFunc['db_query']('', '
  827. SELECT variable, value
  828. FROM {db_prefix}settings',
  829. array(
  830. 'db_error_skip' => true,
  831. )
  832. );
  833. $modSettings = array();
  834. if ($result !== false)
  835. {
  836. while ($row = $smcFunc['db_fetch_assoc']($result))
  837. $modSettings[$row['variable']] = $row['value'];
  838. $smcFunc['db_free_result']($result);
  839. // Do they match? If so, this is just a refresh so charge on!
  840. if (!isset($modSettings['smfVersion']) || $modSettings['smfVersion'] != $GLOBALS['current_smf_version'])
  841. {
  842. $incontext['error'] = $txt['error_versions_do_not_match'];
  843. return false;
  844. }
  845. }
  846. // If doing UTF8, select it. PostgreSQL requires passing it as a string...
  847. if (!empty($db_character_set) && $db_character_set == 'utf8' && !empty($databases[$db_type]['utf8_support']))
  848. $smcFunc['db_query']('', '
  849. SET NAMES {'. ($db_type == 'postgresql' ? 'string' : 'raw') . ':utf8}',
  850. array(
  851. 'db_error_skip' => true,
  852. 'utf8' => 'utf8',
  853. )
  854. );
  855. $replaces = array(
  856. '{$db_prefix}' => $db_prefix,
  857. '{$boarddir}' => $smcFunc['db_escape_string'](dirname(__FILE__)),
  858. '{$boardurl}' => $boardurl,
  859. '{$enableCompressedOutput}' => isset($_POST['compress']) ? '1' : '0',
  860. '{$databaseSession_enable}' => isset($_POST['dbsession']) ? '1' : '0',
  861. '{$smf_version}' => $GLOBALS['current_smf_version'],
  862. '{$current_time}' => time(),
  863. '{$sched_task_offset}' => 82800 + mt_rand(0, 86399),
  864. );
  865. foreach ($txt as $key => $value)
  866. {
  867. if (substr($key, 0, 8) == 'default_')
  868. $replaces['{$' . $key . '}'] = $smcFunc['db_escape_string']($value);
  869. }
  870. $replaces['{$default_reserved_names}'] = strtr($replaces['{$default_reserved_names}'], array('\\\\n' => '\\n'));
  871. // If the UTF-8 setting was enabled, add it to the table definitions.
  872. //!!! Very MySQL specific still
  873. if ($db_type == 'mysql' && isset($_POST['utf8']) && !empty($databases[$db_type]['utf8_support']))
  874. $replaces[') ENGINE=MyISAM;'] = ') ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;';
  875. // Read in the SQL. Turn this on and that off... internationalize... etc.
  876. $sql_lines = explode("\n", strtr(implode(' ', file(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $db_type . '.sql')), $replaces));
  877. // Execute the SQL.
  878. $current_statement = '';
  879. $exists = array();
  880. $incontext['failures'] = array();
  881. $incontext['sql_results'] = array(
  882. 'tables' => 0,
  883. 'inserts' => 0,
  884. 'table_dups' => 0,
  885. 'insert_dups' => 0,
  886. );
  887. foreach ($sql_lines as $count => $line)
  888. {
  889. // No comments allowed!
  890. if (substr(trim($line), 0, 1) != '#')
  891. $current_statement .= "\n" . rtrim($line);
  892. // Is this the end of the query string?
  893. if (empty($current_statement) || (preg_match('~;[\s]*$~s', $line) == 0 && $count != count($sql_lines)))
  894. continue;
  895. // Does this table already exist? If so, don't insert more data into it!
  896. if (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) != 0 && in_array($match[1], $exists))
  897. {
  898. $incontext['sql_results']['insert_dups']++;
  899. $current_statement = '';
  900. continue;
  901. }
  902. if ($smcFunc['db_query']('', $current_statement, array('security_override' => true, 'db_error_skip' => true), $db_connection) === false)
  903. {
  904. // Error 1050: Table already exists!
  905. //!!! Needs to be made better!
  906. if (($db_type != 'mysql' || mysql_errno($db_connection) === 1050) && preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  907. {
  908. $exists[] = $match[1];
  909. $incontext['sql_results']['table_dups']++;
  910. }
  911. // Don't error on duplicate indexes (or duplicate operators in PostgreSQL.)
  912. elseif (!preg_match('~^\s*CREATE( UNIQUE)? INDEX ([^\n\r]+?)~', $current_statement, $match) && !($db_type == 'postgresql' && preg_match('~^\s*CREATE OPERATOR (^\n\r]+?)~', $current_statement, $match)))
  913. {
  914. $incontext['failures'][$count] = $smcFunc['db_error']();
  915. }
  916. }
  917. else
  918. {
  919. if (preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  920. $incontext['sql_results']['tables']++;
  921. else
  922. {
  923. preg_match_all('~\)[,;]~', $current_statement, $matches);
  924. if (!empty($matches[0]))
  925. $incontext['sql_results']['inserts'] += count($matches[0]);
  926. else
  927. $incontext['sql_results']['inserts']++;
  928. }
  929. }
  930. $current_statement = '';
  931. }
  932. // Sort out the context for the SQL.
  933. foreach ($incontext['sql_results'] as $key => $number)
  934. {
  935. if ($number == 0)
  936. unset($incontext['sql_results'][$key]);
  937. else
  938. $incontext['sql_results'][$key] = sprintf($txt['db_populate_' . $key], $number);
  939. }
  940. // Make sure UTF will be used globally.
  941. if (isset($_POST['utf8']) && !empty($databases[$db_type]['utf8_support']))
  942. $smcFunc['db_insert']('replace',
  943. $db_prefix . 'settings',
  944. array(
  945. 'variable' => 'string-255', 'value' => 'string-65534',
  946. ),
  947. array(
  948. 'global_character_set', 'UTF-8',
  949. ),
  950. array('variable')
  951. );
  952. // Maybe we can auto-detect better cookie settings?
  953. preg_match('~^http[s]?://([^\.]+?)([^/]*?)(/.*)?$~', $boardurl, $matches);
  954. if (!empty($matches))
  955. {
  956. // Default = both off.
  957. $localCookies = false;
  958. $globalCookies = false;
  959. // Okay... let's see. Using a subdomain other than www.? (not a perfect check.)
  960. if ($matches[2] != '' && (strpos(substr($matches[2], 1), '.') === false || in_array($matches[1], array('forum', 'board', 'community', 'forums', 'support', 'chat', 'help', 'talk', 'boards', 'www'))))
  961. $globalCookies = true;
  962. // If there's a / in the middle of the path, or it starts with ~... we want local.
  963. if (isset($matches[3]) && strlen($matches[3]) > 3 && (substr($matches[3], 0, 2) == '/~' || strpos(substr($matches[3], 1), '/') !== false))
  964. $localCookies = true;
  965. $rows = array();
  966. if ($globalCookies)
  967. $rows[] = array('globalCookies', '1');
  968. if ($localCookies)
  969. $rows[] = array('localCookies', '1');
  970. if (!empty($rows))
  971. {
  972. $smcFunc['db_insert']('replace',
  973. $db_prefix . 'settings',
  974. array('variable' => 'string-255', 'value' => 'string-65534'),
  975. $rows,
  976. array('variable')
  977. );
  978. }
  979. }
  980. // Are we allowing stat collection?
  981. if (isset($_POST['stats']) && substr($_POST['boardurl'], 0, 16) != 'http://localhost')
  982. {
  983. // Attempt to register the site etc.
  984. $fp = @fsockopen("www.simplemachines.org", 80, $errno, $errstr);
  985. if ($fp)
  986. {
  987. $out = "GET /smf/stats/register_stats.php?site=" . base64_encode($_POST['boardurl']) . " HTTP/1.1\r\n";
  988. $out .= "Host: www.simplemachines.org\r\n";
  989. $out .= "Connection: Close\r\n\r\n";
  990. fwrite($fp, $out);
  991. $return_data = '';
  992. while (!feof($fp))
  993. $return_data .= fgets($fp, 128);
  994. fclose($fp);
  995. // Get the unique site ID.
  996. preg_match('~SITE-ID:\s(\w{10})~', $return_data, $ID);
  997. if (!empty($ID[1]))
  998. $smcFunc['db_insert']('',
  999. $db_prefix . 'settings',
  1000. array(
  1001. 'variable' => 'string-255', 'value' => 'string-65534',
  1002. ),
  1003. array(
  1004. 'allow_sm_stats', $ID[1],
  1005. ),
  1006. array('variable')
  1007. );
  1008. }
  1009. }
  1010. // As of PHP 5.1, setting a timezone is required.
  1011. if (!isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
  1012. {
  1013. $server_offset = mktime(0, 0, 0, 1, 1, 1970);
  1014. $timezone_id = 'Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600);
  1015. if (date_default_timezone_set($timezone_id))
  1016. $smcFunc['db_insert']('',
  1017. $db_prefix . 'settings',
  1018. array(
  1019. 'variable' => 'string-255', 'value' => 'string-65534',
  1020. ),
  1021. array(
  1022. 'default_timezone', $timezone_id,
  1023. ),
  1024. array('variable')
  1025. );
  1026. }
  1027. // Let's optimize those new tables.
  1028. db_extend();
  1029. $tables = $smcFunc['db_list_tables']($db_name, $db_prefix . '%');
  1030. foreach ($tables as $table)
  1031. {
  1032. $smcFunc['db_optimize_table']($table) != -1 or $db_messed = true;
  1033. // Optimizing one sqlite table, optimizes them all
  1034. if($db_type == 'sqlite')
  1035. break;
  1036. if (!empty($db_messed))
  1037. {
  1038. $incontext['failures'][-1] = $smcFunc['db_error']();
  1039. break;
  1040. }
  1041. }
  1042. // Check for the ALTER privilege.
  1043. if (!empty($databases[$db_type]['alter_support']) && $smcFunc['db_query']('', "ALTER TABLE {$db_prefix}boards ORDER BY id_board", array('security_override' => true, 'db_error_skip' => true)) === false)
  1044. {
  1045. $incontext['error'] = $txt['error_db_alter_priv'];
  1046. return false;
  1047. }
  1048. if (!empty($exists))
  1049. {
  1050. $incontext['page_title'] = $txt['user_refresh_install'];
  1051. $incontext['was_refresh'] = true;
  1052. }
  1053. return false;
  1054. }
  1055. // Ask for the administrator login information.
  1056. function AdminAccount()
  1057. {
  1058. global $txt, $db_type, $db_connection, $databases, $smcFunc, $incontext, $db_prefix, $db_passwd, $sourcedir;
  1059. $incontext['sub_template'] = 'admin_account';
  1060. $incontext['page_title'] = $txt['user_settings'];
  1061. $incontext['continue'] = 1;
  1062. // Skipping?
  1063. if (!empty($_POST['skip']))
  1064. return true;
  1065. // Need this to check whether we need the database password.
  1066. require(dirname(__FILE__) . '/Settings.php');
  1067. load_database();
  1068. // Define the sha1 function, if it doesn't exist.
  1069. if (!function_exists('sha1') || @version_compare(PHP_VERSION, '5') == -1)
  1070. require_once($sourcedir . '/Subs-Compat.php');
  1071. if (!isset($_POST['username']))
  1072. $_POST['username'] = '';
  1073. if (!isset($_POST['email']))
  1074. $_POST['email'] = '';
  1075. $incontext['username'] = htmlspecialchars(stripslashes($_POST['username']));
  1076. $incontext['email'] = htmlspecialchars(stripslashes($_POST['email']));
  1077. $incontext['require_db_confirm'] = empty($db_type) || $db_type != 'sqlite';
  1078. // Only allow skipping if we think they already have an account setup.
  1079. $request = $smcFunc['db_query']('', '
  1080. SELECT id_member
  1081. FROM {db_prefix}members
  1082. WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
  1083. LIMIT 1',
  1084. array(
  1085. 'db_error_skip' => true,
  1086. 'admin_group' => 1,
  1087. )
  1088. );
  1089. if ($smcFunc['db_num_rows']($request) != 0)
  1090. $incontext['skip'] = 1;
  1091. $smcFunc['db_free_result']($request);
  1092. // Trying to create an account?
  1093. if (isset($_POST['password1']) && !empty($_POST['contbutt']))
  1094. {
  1095. // Wrong password?
  1096. if ($incontext['require_db_confirm'] && $_POST['password3'] != $db_passwd)
  1097. {
  1098. $incontext['error'] = $txt['error_db_connect'];
  1099. return false;
  1100. }
  1101. // Not matching passwords?
  1102. if ($_POST['password1'] != $_POST['password2'])
  1103. {
  1104. $incontext['error'] = $txt['error_user_settings_again_match'];
  1105. return false;
  1106. }
  1107. // No password?
  1108. if (strlen($_POST['password1']) < 4)
  1109. {
  1110. $incontext['error'] = $txt['error_user_settings_no_password'];
  1111. return false;
  1112. }
  1113. if (!file_exists($sourcedir . '/Subs.php'))
  1114. {
  1115. $incontext['error'] = $txt['error_subs_missing'];
  1116. return false;
  1117. }
  1118. // Update the main contact email?
  1119. if (!empty($_POST['email']) && (empty($webmaster_email) || $webmaster_email == 'noreply@myserver.com'))
  1120. updateSettingsFile(array('webmaster_email' => $_POST['email']));
  1121. // Work out whether we're going to have dodgy characters and remove them.
  1122. $invalid_characters = preg_match('~[<>&"\'=\\\]~', $_POST['username']) != 0;
  1123. $_POST['username'] = preg_replace('~[<>&"\'=\\\]~', '', $_POST['username']);
  1124. $result = $smcFunc['db_query']('', '
  1125. SELECT id_member, password_salt
  1126. FROM {db_prefix}members
  1127. WHERE member_name = {string:username} OR email_address = {string:email}
  1128. LIMIT 1',
  1129. array(
  1130. 'username' => stripslashes($_POST['username']),
  1131. 'email' => stripslashes($_POST['email']),
  1132. 'db_error_skip' => true,
  1133. )
  1134. );
  1135. if ($smcFunc['db_num_rows']($result) != 0)
  1136. {
  1137. list ($incontext['member_id'], $incontext['member_salt']) = $smcFunc['db_fetch_row']($result);
  1138. $smcFunc['db_free_result']($result);
  1139. $incontext['account_existed'] = $txt['error_user_settings_taken'];
  1140. }
  1141. elseif ($_POST['username'] == '' || strlen($_POST['username']) > 25)
  1142. {
  1143. // Try the previous step again.
  1144. $incontext['error'] = $_POST['username'] == '' ? $txt['error_username_left_empty'] : $txt['error_username_too_long'];
  1145. return false;
  1146. }
  1147. elseif ($invalid_characters || $_POST['username'] == '_' || $_POST['username'] == '|' || strpos($_POST['username'], '[code') !== false || strpos($_POST['username'], '[/code') !== false)
  1148. {
  1149. // Try the previous step again.
  1150. $incontext['error'] = $txt['error_invalid_characters_username'];
  1151. return false;
  1152. }
  1153. elseif (empty($_POST['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', stripslashes($_POST['email'])) === 0 || strlen(stripslashes($_POST['email'])) > 255)
  1154. {
  1155. // One step back, this time fill out a proper email address.
  1156. $incontext['error'] = sprintf($txt['error_valid_email_needed'], $_POST['username']);
  1157. return false;
  1158. }
  1159. elseif ($_POST['username'] != '')
  1160. {
  1161. $incontext['member_salt'] = substr(md5(mt_rand()), 0, 4);
  1162. // Format the username properly.
  1163. $_POST['username'] = preg_replace('~[\t\n\r\x0B\0\xA0]+~', ' ', $_POST['username']);
  1164. $ip = isset($_SERVER['REMOTE_ADDR']) ? substr($_SERVER['REMOTE_ADDR'], 0, 255) : '';
  1165. $request = $smcFunc['db_insert']('',
  1166. $db_prefix . 'members',
  1167. array(
  1168. 'member_name' => 'string-25', 'real_name' => 'string-25', 'passwd' => 'string', 'email_address' => 'string',
  1169. 'id_group' => 'int', 'posts' => 'int', 'date_registered' => 'int', 'hide_email' => 'int',
  1170. 'password_salt' => 'string', 'lngfile' => 'string', 'personal_text' => 'string', 'avatar' => 'string',
  1171. 'member_ip' => 'string', 'member_ip2' => 'string', 'buddy_list' => 'string', 'pm_ignore_list' => 'string',
  1172. 'message_labels' => 'string', 'website_title' => 'string', 'website_url' => 'string', 'location' => 'string',
  1173. 'aim' => 'string', 'icq' => 'string', 'msn' => 'string', 'signature' => 'string', 'usertitle' => 'string', 'secret_question' => 'string',
  1174. 'additional_groups' => 'string', 'ignore_boards' => 'string', 'openid_uri' => 'string',
  1175. ),
  1176. array(
  1177. stripslashes($_POST['username']), stripslashes($_POST['username']), sha1(strtolower(stripslashes($_POST['username'])) . stripslashes($_POST['password1'])), stripslashes($_POST['email']),
  1178. 1, 0, time(), 0,
  1179. $incontext['member_salt'], '', '', '',
  1180. $ip, $ip, '', '',
  1181. '', '', '', '',
  1182. '', '', '', '', '', '',
  1183. '', '', '',
  1184. ),
  1185. array('id_member')
  1186. );
  1187. // Awww, crud!
  1188. if ($request === false)
  1189. {
  1190. $incontext['error'] = $txt['error_user_settings_query'] . '<br />
  1191. <div style="margin: 2ex;">' . nl2br(htmlspecialchars($smcFunc['db_error']($db_connection))) . '</div>';
  1192. return false;
  1193. }
  1194. $incontext['member_id'] = $smcFunc['db_insert_id']("{$db_prefix}members", 'id_member');
  1195. }
  1196. // If we're here we're good.
  1197. return true;
  1198. }
  1199. return false;
  1200. }
  1201. // Final step, clean up and a complete message!
  1202. function DeleteInstall()
  1203. {
  1204. global $txt, $db_prefix, $db_connection, $HTTP_SESSION_VARS, $cookiename, $incontext;
  1205. global $smcFunc, $db_character_set, $mbname, $context, $scripturl, $boardurl;
  1206. global $current_smf_version, $databases, $sourcedir, $forum_version, $modSettings, $user_info, $language, $db_type;
  1207. $incontext['page_title'] = $txt['congratulations'];
  1208. $incontext['sub_template'] = 'delete_install';
  1209. $incontext['continue'] = 0;
  1210. require(dirname(__FILE__) . '/Settings.php');
  1211. load_database();
  1212. chdir(dirname(__FILE__));
  1213. require_once($sourcedir . '/Errors.php');
  1214. require_once($sourcedir . '/Subs.php');
  1215. require_once($sourcedir . '/Load.php');
  1216. require_once($sourcedir . '/Security.php');
  1217. require_once($sourcedir . '/Subs-Auth.php');
  1218. // Bring a warning over.
  1219. if (!empty($incontext['account_existed']))
  1220. $incontext['warning'] = $incontext['account_existed'];
  1221. if (!empty($db_character_set) && !empty($databases[$db_type]['utf8_support']))
  1222. $smcFunc['db_query']('', '
  1223. SET NAMES {raw:db_character_set}',
  1224. array(
  1225. 'db_character_set' => $db_character_set,
  1226. 'db_error_skip' => true,
  1227. )
  1228. );
  1229. // As track stats is by default enabled let's add some activity.
  1230. $smcFunc['db_insert']('ignore',
  1231. '{db_prefix}log_activity',
  1232. array('date' => 'date', 'topics' => 'int', 'posts' => 'int', 'registers' => 'int'),
  1233. array(strftime('%Y-%m-%d', time()), 1, 1, (!empty($incontext['member_id']) ? 1 : 0)),
  1234. array('date')
  1235. );
  1236. // Automatically log them in ;)
  1237. if (isset($incontext['member_id']) && isset($incontext['member_salt']))
  1238. setLoginCookie(3153600 * 60, $incontext['member_id'], sha1(sha1(strtolower($_POST['username']) . $_POST['password1']) . $incontext['member_salt']));
  1239. $result = $smcFunc['db_query']('', '
  1240. SELECT value
  1241. FROM {db_prefix}settings
  1242. WHERE variable = {string:db_sessions}',
  1243. array(
  1244. 'db_sessions' => 'databaseSession_enable',
  1245. 'db_error_skip' => true,
  1246. )
  1247. );
  1248. if ($smcFunc['db_num_rows']($result) != 0)
  1249. list ($db_sessions) = $smcFunc['db_fetch_row']($result);
  1250. $smcFunc['db_free_result']($result);
  1251. if (empty($db_sessions))
  1252. {
  1253. if (@version_compare(PHP_VERSION, '4.2.0') == -1)
  1254. $HTTP_SESSION_VARS['php_412_bugfix'] = true;
  1255. $_SESSION['admin_time'] = time();
  1256. }
  1257. else
  1258. {
  1259. $_SERVER['HTTP_USER_AGENT'] = substr($_SERVER['HTTP_USER_AGENT'], 0, 211);
  1260. $smcFunc['db_insert']('replace',
  1261. '{db_prefix}sessions',
  1262. array(
  1263. 'session_id' => 'string', 'last_update' => 'int', 'data' => 'string',
  1264. ),
  1265. array(
  1266. session_id(), time(), 'USER_AGENT|s:' . strlen($_SERVER['HTTP_USER_AGENT']) . ':"' . $_SERVER['HTTP_USER_AGENT'] . '";admin_time|i:' . time() . ';',
  1267. ),
  1268. array('session_id')
  1269. );
  1270. }
  1271. // We're going to want our lovely $modSettings now.
  1272. $request = $smcFunc['db_query']('', '
  1273. SELECT variable, value
  1274. FROM {db_prefix}settings',
  1275. array(
  1276. 'db_error_skip' => true,
  1277. )
  1278. );
  1279. // Only proceed if we can load the data.
  1280. if ($request)
  1281. {
  1282. while ($row = $smcFunc['db_fetch_row']($request))
  1283. $modSettings[$row[0]] = $row[1];
  1284. $smcFunc['db_free_result']($request);
  1285. }
  1286. updateStats('member');
  1287. updateStats('message');
  1288. updateStats('topic');
  1289. // This function is needed to do the updateStats('subject') call.
  1290. $smcFunc['strtolower'] = $db_character_set === 'utf8' || $txt['lang_character_set'] === 'UTF-8' ? create_func

Large files files are truncated, but you can click here to view the full file