0
+ − 1
<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
diff
changeset
+ − 2
0
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
142
ca9118d9c0f2
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Dan
diff
changeset
+ − 5
* Version 1.0.2 (Coblynau)
0
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
* install.php - handles everything related to installation and initial configuration
+ − 8
*
+ − 9
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 10
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 11
*
+ − 12
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 13
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 14
*/
+ − 15
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 16
@include('config.php');
186
+ − 17
if( ( defined('ENANO_INSTALLED') || defined('MIDGET_INSTALLED') ) && ((isset($_GET['mode']) && ($_GET['mode']!='finish' && $_GET['mode']!='css')) || !isset($_GET['mode'])))
+ − 18
{
148
+ − 19
$_GET['title'] = 'Enano:Installation_locked';
0
+ − 20
require('includes/common.php');
+ − 21
die_friendly('Installation locked', '<p>The Enano installer has found a Enano installation in this directory. You MUST delete config.php if you want to re-install Enano.</p><p>If you wish to upgrade an older Enano installation to this version, please use the <a href="upgrade.php">upgrade script</a>.</p>');
+ − 22
exit;
+ − 23
}
+ − 24
+ − 25
define('IN_ENANO_INSTALL', 'true');
+ − 26
145
+ − 27
define('ENANO_VERSION', '1.0.2');
0
+ − 28
// In beta versions, define ENANO_BETA_VERSION here
+ − 29
+ − 30
if(!defined('scriptPath')) {
+ − 31
$sp = dirname($_SERVER['REQUEST_URI']);
+ − 32
if($sp == '/' || $sp == '\\') $sp = '';
+ − 33
define('scriptPath', $sp);
+ − 34
}
+ − 35
+ − 36
if(!defined('contentPath')) {
+ − 37
$sp = dirname($_SERVER['REQUEST_URI']);
+ − 38
if($sp == '/' || $sp == '\\') $sp = '';
+ − 39
define('contentPath', $sp);
+ − 40
}
+ − 41
global $_starttime, $this_page, $sideinfo;
+ − 42
$_starttime = microtime(true);
+ − 43
12
+ − 44
// Determine directory (special case for development servers)
+ − 45
if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') )
+ − 46
{
+ − 47
$filename = str_replace('/repo/', '/', __FILE__);
+ − 48
}
+ − 49
else
+ − 50
{
+ − 51
$filename = __FILE__;
+ − 52
}
+ − 53
+ − 54
define('ENANO_ROOT', dirname($filename));
0
+ − 55
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 56
function is_page($p)
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 57
{
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 58
return true;
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 59
}
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 60
0
+ − 61
require('includes/wikiformat.php');
+ − 62
require('includes/constants.php');
+ − 63
require('includes/rijndael.php');
+ − 64
require('includes/functions.php');
+ − 65
40
+ − 66
strip_magic_quotes_gpc();
+ − 67
0
+ − 68
//die('Key size: ' . AES_BITS . '<br />Block size: ' . AES_BLOCKSIZE);
+ − 69
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 70
if(!function_exists('wikiFormat'))
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 71
{
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 72
function wikiFormat($message, $filter_links = true)
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 73
{
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 74
$wiki = & Text_Wiki::singleton('Mediawiki');
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 75
$wiki->setRenderConf('Xhtml', 'code', 'css_filename', 'codefilename');
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 76
$wiki->setRenderConf('Xhtml', 'wikilink', 'view_url', contentPath);
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 77
$result = $wiki->transform($message, 'Xhtml');
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 78
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 79
// HTML fixes
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 80
$result = preg_replace('#<tr>([\s]*?)<\/tr>#is', '', $result);
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 81
$result = preg_replace('#<p>([\s]*?)<\/p>#is', '', $result);
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 82
$result = preg_replace('#<br />([\s]*?)<table#is', '<table', $result);
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 83
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 84
return $result;
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 85
}
0
+ − 86
}
+ − 87
+ − 88
global $failed, $warned;
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 89
0
+ − 90
$failed = false;
+ − 91
$warned = false;
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 92
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 93
function not($var)
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 94
{
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 95
if($var)
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 96
{
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 97
return false;
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 98
}
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 99
else
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 100
{
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 101
return true;
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 102
}
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 103
}
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 104
0
+ − 105
function run_test($code, $desc, $extended_desc, $warn = false)
+ − 106
{
+ − 107
global $failed, $warned;
+ − 108
static $cv = true;
+ − 109
$cv = not($cv);
+ − 110
$val = eval($code);
+ − 111
if($val)
+ − 112
{
+ − 113
if($cv) $color='CCFFCC'; else $color='AAFFAA';
+ − 114
echo "<tr><td style='background-color: #$color; width: 500px;'>$desc</td><td style='padding-left: 10px;'><img alt='Test passed' src='images/good.gif' /></td></tr>";
+ − 115
} elseif(!$val && $warn) {
+ − 116
if($cv) $color='FFFFCC'; else $color='FFFFAA';
+ − 117
echo "<tr><td style='background-color: #$color; width: 500px;'>$desc<br /><b>$extended_desc</b></td><td style='padding-left: 10px;'><img alt='Test passed with warning' src='images/unknown.gif' /></td></tr>";
+ − 118
$warned = true;
+ − 119
} else {
+ − 120
if($cv) $color='FFCCCC'; else $color='FFAAAA';
+ − 121
echo "<tr><td style='background-color: #$color; width: 500px;'>$desc<br /><b>$extended_desc</b></td><td style='padding-left: 10px;'><img alt='Test failed' src='images/bad.gif' /></td></tr>";
+ − 122
$failed = true;
+ − 123
}
+ − 124
}
+ − 125
function is_apache() { $r = strstr($_SERVER['SERVER_SOFTWARE'], 'Apache') ? true : false; return $r; }
+ − 126
+ − 127
require_once('includes/template.php');
+ − 128
+ − 129
if(!isset($_GET['mode'])) $_GET['mode'] = 'welcome';
+ − 130
switch($_GET['mode'])
+ − 131
{
+ − 132
case 'mysql_test':
+ − 133
error_reporting(0);
+ − 134
$dbhost = rawurldecode($_POST['host']);
+ − 135
$dbname = rawurldecode($_POST['name']);
+ − 136
$dbuser = rawurldecode($_POST['user']);
+ − 137
$dbpass = rawurldecode($_POST['pass']);
+ − 138
$dbrootuser = rawurldecode($_POST['root_user']);
+ − 139
$dbrootpass = rawurldecode($_POST['root_pass']);
+ − 140
if($dbrootuser != '')
+ − 141
{
+ − 142
$conn = mysql_connect($dbhost, $dbrootuser, $dbrootpass);
+ − 143
if(!$conn)
+ − 144
{
+ − 145
$e = mysql_error();
+ − 146
if(strstr($e, "Lost connection"))
+ − 147
die('host'.$e);
+ − 148
else
+ − 149
die('root'.$e);
+ − 150
}
+ − 151
$rsp = 'good';
+ − 152
$q = mysql_query('USE '.$dbname, $conn);
+ − 153
if(!$q)
+ − 154
{
+ − 155
$e = mysql_error();
+ − 156
if(strstr($e, 'Unknown database'))
+ − 157
{
+ − 158
$rsp .= '_creating_db';
+ − 159
}
+ − 160
}
+ − 161
mysql_close($conn);
+ − 162
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
+ − 163
if(!$conn)
+ − 164
{
+ − 165
$e = mysql_error();
+ − 166
if(strstr($e, "Lost connection"))
+ − 167
die('host'.$e);
+ − 168
else
+ − 169
$rsp .= '_creating_user';
+ − 170
}
+ − 171
mysql_close($conn);
+ − 172
die($rsp);
+ − 173
}
+ − 174
else
+ − 175
{
+ − 176
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
+ − 177
if(!$conn)
+ − 178
{
+ − 179
$e = mysql_error();
+ − 180
if(strstr($e, "Lost connection"))
+ − 181
die('host'.$e);
+ − 182
else
+ − 183
die('auth'.$e);
+ − 184
}
+ − 185
$q = mysql_query('USE '.$dbname, $conn);
+ − 186
if(!$q)
+ − 187
{
+ − 188
$e = mysql_error();
+ − 189
if(strstr($e, 'Unknown database'))
+ − 190
{
+ − 191
die('name'.$e);
+ − 192
}
+ − 193
else
+ − 194
{
+ − 195
die('perm'.$e);
+ − 196
}
+ − 197
}
+ − 198
}
+ − 199
$v = mysql_get_server_info();
+ − 200
if(version_compare($v, '4.1.17', '<')) die('vers'.$v);
+ − 201
mysql_close($conn);
+ − 202
die('good');
+ − 203
break;
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 204
case 'pophelp':
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 205
$topic = ( isset($_GET['topic']) ) ? $_GET['topic'] : 'invalid';
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 206
switch($topic)
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 207
{
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 208
case 'admin_embed_php':
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 209
$title = 'Allow administrators to embed PHP';
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 210
$content = '<p>This option allows you to control whether anything between the standard <?php and ?> tags will be treated as
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 211
PHP code by Enano. If this option is enabled, and members of the Administrators group use these tags, Enano will
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 212
execute that code when the page is loaded. There are obvious potential security implications here, which should
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 213
be carefully considered before enabling this option.</p>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 214
<p>If you are the only administrator of this site, or if you have a high level of trust for those will be administering
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 215
the site with you, you should enable this to allow extreme customization of pages.</p>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 216
<p>Leave this option off if you are at all concerned about security – if your account is compromised and PHP embedding
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 217
is enabled, an attacker can run arbitrary code on your server! Enabling this will also allow administrators to
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 218
embed Javascript and arbitrary HTML and CSS.</p>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 219
<p>If you don\'t have experience coding in PHP, you can safely disable this option. You may change this at any time
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 220
using the ACL editor by selecting the Administrators group and This Entire Website under the scope selection. <!-- , or by
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 221
using the "embedded PHP kill switch" in the administration panel. --></p>';
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 222
break;
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 223
default:
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 224
$title = 'Invalid topic';
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 225
$content = 'Invalid help topic.';
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 226
break;
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 227
}
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 228
echo <<<EOF
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 229
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 230
<html>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 231
<head>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 232
<title>Enano installation quick help • {$title}</title>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 233
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 234
<style type="text/css">
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 235
body {
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 236
font-family: trebuchet ms, verdana, arial, helvetica, sans-serif;
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 237
font-size: 9pt;
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 238
}
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 239
h2 { border-bottom: 1px solid #90B0D0; margin-bottom: 0; }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 240
h3 { font-size: 11pt; font-weight: bold; }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 241
li { list-style: url(../images/bullet.gif); }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 242
p { margin: 1.0em; }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 243
blockquote { background-color: #F4F4F4; border: 1px dotted #406080; margin: 1em; padding: 10px; max-height: 250px; overflow: auto; }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 244
a { color: #7090B0; }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 245
a:hover { color: #90B0D0; }
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 246
</style>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 247
</head>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 248
<body>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 249
<h2>{$title}</h2>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 250
{$content}
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 251
<p style="text-align: right;">
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 252
<a href="#" onclick="window.close(); return false;">Close window</a>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 253
</p>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 254
</body>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 255
</html>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 256
EOF;
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 257
exit;
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 258
break;
0
+ − 259
default:
+ − 260
break;
+ − 261
}
+ − 262
+ − 263
$template = new template_nodb();
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 264
$template->load_theme('oxygen', 'bleu', false);
0
+ − 265
+ − 266
$modestrings = Array(
+ − 267
'welcome' => 'Welcome',
+ − 268
'license' => 'License Agreement',
+ − 269
'sysreqs' => 'Server requirements',
+ − 270
'database'=> 'Database information',
+ − 271
'website' => 'Website configuration',
+ − 272
'login' => 'Administration login',
+ − 273
'confirm' => 'Confirm installation',
+ − 274
'install' => 'Database installation',
+ − 275
'finish' => 'Installation complete'
+ − 276
);
+ − 277
+ − 278
$sideinfo = '';
+ − 279
$vars = $template->extract_vars('elements.tpl');
+ − 280
$p = $template->makeParserText($vars['sidebar_button']);
+ − 281
foreach ( $modestrings as $id => $str )
+ − 282
{
+ − 283
if ( $_GET['mode'] == $id )
+ − 284
{
+ − 285
$flags = 'style="font-weight: bold; text-decoration: underline;"';
+ − 286
$this_page = $str;
+ − 287
}
+ − 288
else
+ − 289
{
+ − 290
$flags = '';
+ − 291
}
+ − 292
$p->assign_vars(Array(
+ − 293
'HREF' => '#',
+ − 294
'FLAGS' => $flags . ' onclick="return false;"',
+ − 295
'TEXT' => $str
+ − 296
));
+ − 297
$sideinfo .= $p->run();
+ − 298
}
+ − 299
+ − 300
$template->init_vars();
+ − 301
+ − 302
if(isset($_GET['mode']) && $_GET['mode'] == 'css')
+ − 303
{
+ − 304
header('Content-type: text/css');
+ − 305
echo $template->get_css();
+ − 306
exit;
+ − 307
}
+ − 308
+ − 309
$template->header();
+ − 310
if(!isset($_GET['mode'])) $_GET['mode'] = 'license';
+ − 311
switch($_GET['mode'])
+ − 312
{
+ − 313
default:
+ − 314
case 'welcome':
+ − 315
?>
+ − 316
<div style="text-align: center; margin-top: 10px;">
+ − 317
<img alt="[ Enano CMS Project logo ]" src="images/enano-artwork/installer-greeting-blue.png" style="display: block; margin: 0 auto; padding-left: 100px;" />
+ − 318
<h2>Welcome to Enano</h2>
148
+ − 319
<h3>version 1.0.2 – stable<br />
145
+ − 320
<span style="font-weight: normal;">also affectionately known as "coblynau" <tt>:)</tt></span></h3>
0
+ − 321
<?php
+ − 322
if ( file_exists('./_nightly.php') )
+ − 323
{
+ − 324
echo '<div class="warning-box" style="text-align: left; margin: 10px 0;"><b>You are about to install a NIGHTLY BUILD of Enano.</b><br />Nightly builds are NOT upgradeable and may contain serious flaws, security problems, or extraneous debugging information. Installing this version of Enano on a production site is NOT recommended.</div>';
+ − 325
}
+ − 326
?>
+ − 327
<form action="install.php?mode=license" method="post">
+ − 328
<input type="submit" value="Start installation" />
+ − 329
</form>
+ − 330
</div>
+ − 331
<?php
+ − 332
break;
+ − 333
case "license":
+ − 334
?>
+ − 335
<h3>Welcome to the Enano installer.</h3>
+ − 336
<p>Thank you for choosing Enano as your CMS. You've selected the finest in design, the strongest in security, and the latest in Web 2.0 toys. Trust us, you'll like it.</p>
+ − 337
<p>To get started, please read and accept the following license agreement. You've probably seen it before.</p>
+ − 338
<div style="height: 500px; clip: rect(0px,auto,500px,auto); overflow: auto; padding: 10px; border: 1px dashed #456798; margin: 1em;">
+ − 339
<h2>GNU General Public License</h2>
+ − 340
<h3>Declaration of license usage</h3>
+ − 341
<p>Enano is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.</p>
+ − 342
<p>This program is distributed in the hope that it will be useful, but <u>without any warranty</u>; without even the implied warranty of <u>merchantability</u> or <u>fitness for a particular purpose</u>. See the GNU General Public License (below) for more details.</p>
72
bda11e521e8a
Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl()
Dan
diff
changeset
+ − 343
<p><b>By clicking the button below or otherwise continuing the installation, you indicate your acceptance of this license agreement.</b></p>
0
+ − 344
<h3>Human-readable version</h3>
+ − 345
<p>Enano is distributed under certain licensing terms that we believe make it of the greatest possible use to the public. The license we distribute it under, the GNU General Public License, provides certain terms and conditions that, rather than limit your use of Enano, allow you to get the most out of it. If you would like to read the full text, it can be found below. Here is a human-readable version that we think is a little easier to understand.</p>
+ − 346
<ul>
+ − 347
<li>You may to run Enano for any purpose.</li>
+ − 348
<li>You may study how Enano works and adapt it to your needs.</li>
+ − 349
<li>You may redistribute copies so you can help your neighbor.</li>
+ − 350
<li>You may improve Enano and release your improvements to the public, so that the whole community benefits.</li>
+ − 351
</ul>
+ − 352
<p>You may exercise the freedoms specified here provided that you comply with the express conditions of this license. The principal conditions are:</p>
+ − 353
<ul>
+ − 354
<li>You must conspicuously and appropriately publish on each copy distributed an appropriate copyright notice and disclaimer of warranty and keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of Enano a copy of the GNU General Public License along with Enano. Any translation of the GNU General Public License must be accompanied by the GNU General Public License.</li>
+ − 355
<li>If you modify your copy or copies of Enano or any portion of it, or develop a program based upon it, you may distribute the resulting work provided you do so under the GNU General Public License. Any translation of the GNU General Public License must be accompanied by the GNU General Public License.</li>
+ − 356
<li>If you copy or distribute Enano, you must accompany it with the complete corresponding machine-readable source code or with a written offer, valid for at least three years, to furnish the complete corresponding machine-readable source code.</li>
+ − 357
</ul>
+ − 358
<p><b>Disclaimer</b>: The above text is not a license. It is simply a handy reference for understanding the Legal Code (the full license) – it is a human-readable expression of some of its key terms. Think of it as the user-friendly interface to the Legal Code beneath. The above text itself has no legal value, and its contents do not appear in the actual license.<br /><span style="color: #CCC">Text copied from the <a href="http://creativecommons.org/licenses/GPL/2.0/">Creative Commons GPL Deed page</a></span></p>
+ − 359
<?php
+ − 360
if ( defined('ENANO_BETA_VERSION') )
+ − 361
{
+ − 362
?>
+ − 363
<h3>Notice for prerelease versions</h3>
+ − 364
<p>This version of Enano is designed only for testing and evaluation purposes. <b>It is not yet completely stable, and should not be used on production websites.</b> As with any Enano version, Dan Fuhry and the Enano team cannot be responsible for any damage, physical or otherwise, to any property as a result of the use of Enano. While security is a number one priority, sometimes things slip through.</p>
+ − 365
<?php
+ − 366
}
+ − 367
?>
+ − 368
<h3>Lawyer-readable version</h3>
+ − 369
<?php echo wikiFormat(file_get_contents(ENANO_ROOT . '/GPL')); ?>
+ − 370
</div>
+ − 371
<div class="pagenav">
+ − 372
<form action="install.php?mode=sysreqs" method="post">
+ − 373
<table border="0">
+ − 374
<tr>
72
bda11e521e8a
Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl()
Dan
diff
changeset
+ − 375
<td><input type="submit" value="I agree to the license terms" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Ensure that you agree with the terms of the license<br />• Have your database host, name, username, and password available</p></td>
0
+ − 376
</tr>
+ − 377
</table>
+ − 378
</form>
+ − 379
</div>
+ − 380
<?php
+ − 381
break;
+ − 382
case "sysreqs":
+ − 383
error_reporting(E_ALL);
+ − 384
?>
+ − 385
<h3>Checking your server</h3>
+ − 386
<p>Enano has several requirements that must be met before it can be installed. If all is good then note any warnings and click Continue below.</p>
+ − 387
<table border="0" cellspacing="0" cellpadding="0">
+ − 388
<?php
+ − 389
run_test('return version_compare(\'4.3.0\', PHP_VERSION, \'<\');', 'PHP Version >=4.3.0', 'It seems that the version of PHP that your server is running is too old to support Enano properly. If this is your server, please upgrade to the most recent version of PHP, remembering to use the --with-mysql configure option if you compile it yourself. If this is not your server, please contact your webhost and ask them if it would be possible to upgrade PHP. If this is not possible, you will need to switch to a different webhost in order to use Enano.');
+ − 390
run_test('return function_exists(\'mysql_connect\');', 'MySQL extension for PHP', 'It seems that your PHP installation does not have the MySQL extension enabled. If this is your own server, you may need to just enable the "libmysql.so" extension in php.ini. If you do not have the MySQL extension installed, you will need to either use your distribution\'s package manager to install it, or you will have to compile PHP from source. If you compile PHP from source, please remember to use the "--with-mysql" configure option, and you will have to have the MySQL development files installed (they usually are). If this is not your server, please contact your hosting company and ask them to install the PHP MySQL extension.');
+ − 391
run_test('return @ini_get(\'file_uploads\');', 'File upload support', 'It seems that your server does not support uploading files. Enano *requires* this functionality in order to work properly. Please ask your server administrator to set the "file_uploads" option in php.ini to "On".');
+ − 392
run_test('return is_apache();', 'Apache HTTP Server', 'Apparently your server is running a web server other than Apache. Enano will work nontheless, but there are some known bugs with non-Apache servers, and the "fancy" URLs will not work properly. The "Standard URLs" option will be set on the website configuration page, only change it if you are absolutely certain that your server is running Apache.', true);
+ − 393
//run_test('return function_exists(\'finfo_file\');', 'Fileinfo PECL extension', 'The MIME magic PHP extension is used to determine the type of a file by looking for a certain "magic" string of characters inside it. This functionality is used by Enano to more effectively prevent malicious file uploads. The MIME magic option will be disabled by default.', true);
+ − 394
run_test('return is_writable(ENANO_ROOT.\'/config.php\');', 'Configuration file writable', 'It looks like the configuration file, config.php, is not writable. Enano needs to be able to write to this file in order to install.<br /><br /><b>If you are installing Enano on a SourceForge web site:</b><br />SourceForge mounts the web partitions read-only now, so you will need to use the project shell service to symlink config.php to a file in the /tmp/persistent directory.');
+ − 395
run_test('return file_exists(\'/usr/bin/convert\');', 'ImageMagick support', 'Enano uses ImageMagick to scale images into thumbnails. Because ImageMagick was not found on your server, Enano will use the width= and height= attributes on the <img> tag to scale images. This can cause somewhat of a performance increase, but bandwidth usage will be higher, especially if you use high-resolution images on your site.<br /><br />If you are sure that you have ImageMagick, you can set the location of the "convert" program using the administration panel after installation is complete.', true);
+ − 396
run_test('return is_writable(ENANO_ROOT.\'/cache/\');', 'Cache directory writable', 'Apparently the cache/ directory is not writable. Enano will still work, but you will not be able to cache thumbnails, meaning the server will need to re-render them each time they are requested. In some cases, this can cause a significant slowdown.', true);
72
bda11e521e8a
Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl()
Dan
diff
changeset
+ − 397
run_test('return is_writable(ENANO_ROOT.\'/files/\');', 'File uploads directory writable', 'It seems that the directory where uploaded files are stored (' . ENANO_ROOT . '/files) cannot be written by the server. Enano will still function, but file uploads will not function, and will be disabled by default.', true);
0
+ − 398
echo '</table>';
+ − 399
if(!$failed)
+ − 400
{
+ − 401
?>
+ − 402
+ − 403
<div class="pagenav">
+ − 404
<?php
+ − 405
if($warned) {
+ − 406
echo '<table border="0" cellspacing="0" cellpadding="0">';
+ − 407
run_test('return false;', 'Some scalebacks were made due to your server configuration.', 'Enano has detected that some of the features or configuration settings on your server are not optimal for the best behavior and/or performance for Enano. As a result, certain features or enhancements that are part of Enano have been disabled to prevent further errors. You have seen those "fatal error" notices that spew from PHP, haven\'t you?<br /><br />Fatal error:</b> call to undefined function wannahokaloogie() in file <b>'.__FILE__.'</b> on line <b>'.__LINE__.'', true);
+ − 408
echo '</table>';
+ − 409
} else {
+ − 410
echo '<table border="0" cellspacing="0" cellpadding="0">';
72
bda11e521e8a
Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl()
Dan
diff
changeset
+ − 411
run_test('return true;', '<b>Your server meets all the requirements for running Enano.</b><br />Click the button below to continue the installation.', 'You should never see this text. Congratulations for being an Enano hacker!');
0
+ − 412
echo '</table>';
+ − 413
}
+ − 414
?>
+ − 415
<form action="install.php?mode=database" method="post">
+ − 416
<table border="0">
+ − 417
<tr>
+ − 418
<td><input type="submit" value="Continue" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Ensure that you are satisfied with any scalebacks that may have been made to accomodate your server configuration<br />• Have your database host, name, username, and password available</p></td>
+ − 419
</tr>
+ − 420
</table>
+ − 421
</form>
+ − 422
</div>
+ − 423
<?php
+ − 424
} else {
+ − 425
if($failed) {
+ − 426
echo '<div class="pagenav"><table border="0" cellspacing="0" cellpadding="0">';
+ − 427
run_test('return false;', 'Your server does not meet the requirements for Enano to run.', 'As a precaution, Enano will not install until the above requirements have been met. Contact your server administrator or hosting company and convince them to upgrade. Good luck.');
+ − 428
echo '</table></div>';
+ − 429
}
+ − 430
}
+ − 431
?>
+ − 432
<?php
+ − 433
break;
+ − 434
case "database":
+ − 435
?>
+ − 436
<script type="text/javascript">
+ − 437
function ajaxGet(uri, f) {
+ − 438
if (window.XMLHttpRequest) {
+ − 439
ajax = new XMLHttpRequest();
+ − 440
} else {
+ − 441
if (window.ActiveXObject) {
+ − 442
ajax = new ActiveXObject("Microsoft.XMLHTTP");
+ − 443
} else {
+ − 444
alert('Enano client-side runtime error: No AJAX support, unable to continue');
+ − 445
return;
+ − 446
}
+ − 447
}
+ − 448
ajax.onreadystatechange = f;
+ − 449
ajax.open('GET', uri, true);
+ − 450
ajax.send(null);
+ − 451
}
+ − 452
+ − 453
function ajaxPost(uri, parms, f) {
+ − 454
if (window.XMLHttpRequest) {
+ − 455
ajax = new XMLHttpRequest();
+ − 456
} else {
+ − 457
if (window.ActiveXObject) {
+ − 458
ajax = new ActiveXObject("Microsoft.XMLHTTP");
+ − 459
} else {
+ − 460
alert('Enano client-side runtime error: No AJAX support, unable to continue');
+ − 461
return;
+ − 462
}
+ − 463
}
+ − 464
ajax.onreadystatechange = f;
+ − 465
ajax.open('POST', uri, true);
+ − 466
ajax.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+ − 467
ajax.setRequestHeader("Content-length", parms.length);
+ − 468
ajax.setRequestHeader("Connection", "close");
+ − 469
ajax.send(parms);
+ − 470
}
+ − 471
function ajaxTestConnection()
+ − 472
{
+ − 473
v = verify();
+ − 474
if(!v)
+ − 475
{
+ − 476
alert('One or more of the form fields is incorrect. Please correct any information in the form that has an "X" next to it.');
+ − 477
return false;
+ − 478
}
+ − 479
var frm = document.forms.dbinfo;
+ − 480
db_host = escape(frm.db_host.value.replace('+', '%2B'));
+ − 481
db_name = escape(frm.db_name.value.replace('+', '%2B'));
+ − 482
db_user = escape(frm.db_user.value.replace('+', '%2B'));
+ − 483
db_pass = escape(frm.db_pass.value.replace('+', '%2B'));
+ − 484
db_root_user = escape(frm.db_root_user.value.replace('+', '%2B'));
+ − 485
db_root_pass = escape(frm.db_root_pass.value.replace('+', '%2B'));
+ − 486
+ − 487
parms = 'host='+db_host+'&name='+db_name+'&user='+db_user+'&pass='+db_pass+'&root_user='+db_root_user+'&root_pass='+db_root_pass;
+ − 488
ajaxPost('<?php echo scriptPath; ?>/install.php?mode=mysql_test', parms, function() {
+ − 489
if(ajax.readyState==4)
+ − 490
{
+ − 491
s = ajax.responseText.substr(0, 4);
+ − 492
t = ajax.responseText.substr(4, ajax.responseText.length);
+ − 493
if(s.substr(0, 4)=='good')
+ − 494
{
+ − 495
document.getElementById('s_db_host').src='images/good.gif';
+ − 496
document.getElementById('s_db_name').src='images/good.gif';
+ − 497
document.getElementById('s_db_auth').src='images/good.gif';
+ − 498
document.getElementById('s_db_root').src='images/good.gif';
+ − 499
if(t.match(/_creating_db/)) document.getElementById('e_db_name').innerHTML = '<b>Warning:<\/b> The database you specified does not exist. It will be created during installation.';
+ − 500
if(t.match(/_creating_user/)) document.getElementById('e_db_auth').innerHTML = '<b>Warning:<\/b> The specified regular user does not exist or the password is incorrect. The user will be created during installation. If the user already exists, the password will be reset.';
+ − 501
document.getElementById('s_mysql_version').src='images/good.gif';
+ − 502
document.getElementById('e_mysql_version').innerHTML = 'Your version of MySQL meets Enano requirements.';
+ − 503
}
+ − 504
else
+ − 505
{
+ − 506
switch(s)
+ − 507
{
+ − 508
case 'host':
+ − 509
document.getElementById('s_db_host').src='images/bad.gif';
+ − 510
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 511
document.getElementById('s_db_auth').src='images/unknown.gif';
+ − 512
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 513
document.getElementById('e_db_host').innerHTML = '<b>Error:<\/b> The database server "'+document.forms.dbinfo.db_host.value+'" couldn\'t be contacted.<br \/>'+t;
+ − 514
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 515
break;
+ − 516
case 'auth':
+ − 517
document.getElementById('s_db_host').src='images/good.gif';
+ − 518
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 519
document.getElementById('s_db_auth').src='images/bad.gif';
+ − 520
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 521
document.getElementById('e_db_auth').innerHTML = '<b>Error:<\/b> Access to MySQL under the specified credentials was denied.<br \/>'+t;
+ − 522
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 523
break;
+ − 524
case 'perm':
+ − 525
document.getElementById('s_db_host').src='images/good.gif';
+ − 526
document.getElementById('s_db_name').src='images/bad.gif';
+ − 527
document.getElementById('s_db_auth').src='images/good.gif';
+ − 528
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 529
document.getElementById('e_db_name').innerHTML = '<b>Error:<\/b> Access to the specified database using those login credentials was denied.<br \/>'+t;
+ − 530
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 531
break;
+ − 532
case 'name':
+ − 533
document.getElementById('s_db_host').src='images/good.gif';
+ − 534
document.getElementById('s_db_name').src='images/bad.gif';
+ − 535
document.getElementById('s_db_auth').src='images/good.gif';
+ − 536
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 537
document.getElementById('e_db_name').innerHTML = '<b>Error:<\/b> The specified database does not exist<br \/>'+t;
+ − 538
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 539
break;
+ − 540
case 'root':
+ − 541
document.getElementById('s_db_host').src='images/good.gif';
+ − 542
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 543
document.getElementById('s_db_auth').src='images/unknown.gif';
+ − 544
document.getElementById('s_db_root').src='images/bad.gif';
+ − 545
document.getElementById('e_db_root').innerHTML = '<b>Error:<\/b> Access to MySQL under the specified credentials was denied.<br \/>'+t;
+ − 546
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 547
break;
+ − 548
case 'vers':
+ − 549
document.getElementById('s_db_host').src='images/good.gif';
+ − 550
document.getElementById('s_db_name').src='images/good.gif';
+ − 551
document.getElementById('s_db_auth').src='images/good.gif';
+ − 552
document.getElementById('s_db_root').src='images/good.gif';
+ − 553
if(t.match(/_creating_db/)) document.getElementById('e_db_name').innerHTML = '<b>Warning:<\/b> The database you specified does not exist. It will be created during installation.';
+ − 554
if(t.match(/_creating_user/)) document.getElementById('e_db_auth').innerHTML = '<b>Warning:<\/b> The specified regular user does not exist or the password is incorrect. The user will be created during installation. If the user already exists, the password will be reset.';
+ − 555
+ − 556
document.getElementById('e_mysql_version').innerHTML = '<b>Error:<\/b> Your version of MySQL ('+t+') is older than 4.1.17. Enano will still work, but there is a known bug with the comment system and MySQL 4.1.11 that involves some comments not being displayed, due to an issue with the PHP function mysql_fetch_row().';
+ − 557
document.getElementById('s_mysql_version').src='images/bad.gif';
+ − 558
default:
+ − 559
alert(t);
+ − 560
break;
+ − 561
}
+ − 562
}
+ − 563
}
+ − 564
});
+ − 565
}
+ − 566
function verify()
+ − 567
{
+ − 568
document.getElementById('e_db_host').innerHTML = '';
+ − 569
document.getElementById('e_db_auth').innerHTML = '';
+ − 570
document.getElementById('e_db_name').innerHTML = '';
+ − 571
document.getElementById('e_db_root').innerHTML = '';
+ − 572
var frm = document.forms.dbinfo;
+ − 573
ret = true;
+ − 574
if(frm.db_host.value != '')
+ − 575
{
+ − 576
document.getElementById('s_db_host').src='images/unknown.gif';
+ − 577
}
+ − 578
else
+ − 579
{
+ − 580
document.getElementById('s_db_host').src='images/bad.gif';
+ − 581
ret = false;
+ − 582
}
+ − 583
if(frm.db_name.value.match(/^([a-z0-9_]+)$/g))
+ − 584
{
+ − 585
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 586
}
+ − 587
else
+ − 588
{
+ − 589
document.getElementById('s_db_name').src='images/bad.gif';
+ − 590
ret = false;
+ − 591
}
+ − 592
if(frm.db_user.value != '')
+ − 593
{
+ − 594
document.getElementById('s_db_auth').src='images/unknown.gif';
+ − 595
}
+ − 596
else
+ − 597
{
+ − 598
document.getElementById('s_db_auth').src='images/bad.gif';
+ − 599
ret = false;
+ − 600
}
+ − 601
if(frm.table_prefix.value.match(/^([a-z0-9_]*)$/g))
+ − 602
{
+ − 603
document.getElementById('s_table_prefix').src='images/good.gif';
+ − 604
}
+ − 605
else
+ − 606
{
+ − 607
document.getElementById('s_table_prefix').src='images/bad.gif';
+ − 608
ret = false;
+ − 609
}
+ − 610
if(frm.db_root_user.value == '')
+ − 611
{
+ − 612
document.getElementById('s_db_root').src='images/good.gif';
+ − 613
}
+ − 614
else if(frm.db_root_user.value != '' && frm.db_root_pass.value == '')
+ − 615
{
+ − 616
document.getElementById('s_db_root').src='images/bad.gif';
+ − 617
ret = false;
+ − 618
}
+ − 619
else
+ − 620
{
+ − 621
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 622
}
+ − 623
if(ret) frm._cont.disabled = false;
+ − 624
else frm._cont.disabled = true;
+ − 625
return ret;
+ − 626
}
+ − 627
window.onload = verify;
+ − 628
</script>
+ − 629
<p>Now we need some information that will allow Enano to contact your database server. Enano uses MySQL as a data storage backend,
+ − 630
and we need to have access to a MySQL server in order to continue.</p>
+ − 631
<p>If you do not have access to a MySQL server, and you are using your own server, you can download MySQL for free from
+ − 632
<a href="http://www.mysql.com/">MySQL.com</a>. <b>Please note that, like Enano, MySQL is licensed under the GNU GPL.</b>
+ − 633
If you need to modify MySQL and then distribute your modifications, you must either distribute them under the terms of the GPL
+ − 634
or purchase a proprietary license.</p>
140
40f7fa5fd061
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan
diff
changeset
+ − 635
<?php
40f7fa5fd061
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan
diff
changeset
+ − 636
if ( file_exists('/etc/enano-is-virt-appliance') )
40f7fa5fd061
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan
diff
changeset
+ − 637
{
40f7fa5fd061
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan
diff
changeset
+ − 638
echo '<p><b>MySQL login information for this virtual appliance:</b><br /><br />Database hostname: localhost<br />Database login: username "enano", password: "clurichaun" (without quotes)<br />Database name: enano_www1</p>';
40f7fa5fd061
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan
diff
changeset
+ − 639
}
40f7fa5fd061
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan
diff
changeset
+ − 640
?>
0
+ − 641
<form name="dbinfo" action="install.php?mode=website" method="post">
+ − 642
<table border="0">
+ − 643
<tr><td colspan="3" style="text-align: center"><h3>Database information</h3></td></tr>
+ − 644
<tr><td><b>Database hostname</b><br />This is the hostname (or sometimes the IP address) of your MySQL server. In many cases, this is "localhost".<br /><span style="color: #993300" id="e_db_host"></span></td><td><input onkeyup="verify();" name="db_host" size="30" type="text" /></td><td><img id="s_db_host" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 645
<tr><td><b>Database name</b><br />The name of the actual database. If you don't already have a database, you can create one here, if you have the username and password of a MySQL user with administrative rights.<br /><span style="color: #993300" id="e_db_name"></span></td><td><input onkeyup="verify();" name="db_name" size="30" type="text" /></td><td><img id="s_db_name" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 646
<tr><td rowspan="2"><b>Database login</b><br />These fields should be the username and password of a user with "select", "insert", "update", "delete", "create table", and "replace" privileges for your database.<br /><span style="color: #993300" id="e_db_auth"></span></td><td><input onkeyup="verify();" name="db_user" size="30" type="text" /></td><td rowspan="2"><img id="s_db_auth" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 647
<tr><td><input name="db_pass" size="30" type="password" /></td></tr>
+ − 648
<tr><td colspan="3" style="text-align: center"><h3>Optional information</h3></td></tr>
+ − 649
<tr><td><b>Table prefix</b><br />The value that you enter here will be added to the beginning of the name of each Enano table. You may use lowercase letters (a-z), numbers (0-9), and underscores (_).</td><td><input onkeyup="verify();" name="table_prefix" size="30" type="text" /></td><td><img id="s_table_prefix" alt="Good/bad icon" src="images/good.gif" /></td></tr>
+ − 650
<tr><td rowspan="2"><b>Database administrative login</b><br />If the MySQL database or username that you entered above does not exist yet, you can create them here, assuming that you have the login information for an administrative user (such as root). Leave these fields blank unless you need to use them.<br /><span style="color: #993300" id="e_db_root"></span></td><td><input onkeyup="verify();" name="db_root_user" size="30" type="text" /></td><td rowspan="2"><img id="s_db_root" alt="Good/bad icon" src="images/good.gif" /></td></tr>
+ − 651
<tr><td><input onkeyup="verify();" name="db_root_pass" size="30" type="password" /></td></tr>
+ − 652
<tr><td><b>MySQL version</b></td><td id="e_mysql_version">MySQL version information will be checked when you click "Test Connection".</td><td><img id="s_mysql_version" alt="Good/bad icon" src="images/unknown.gif" /></td></tr>
+ − 653
<tr><td><b>Delete existing tables?</b><br />If this option is checked, all the tables that will be used by Enano will be dropped (deleted) before the schema is executed. Do NOT use this option unless specifically instructed to.</td><td><input type="checkbox" name="drop_tables" id="dtcheck" /> <label for="dtcheck">Drop existing tables</label></td></tr>
+ − 654
<tr><td colspan="3" style="text-align: center"><input type="button" value="Test connection" onclick="ajaxTestConnection();" /></td></tr>
+ − 655
</table>
+ − 656
<div class="pagenav">
+ − 657
<table border="0">
+ − 658
<tr>
+ − 659
<td><input type="submit" value="Continue" onclick="return verify();" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Check your MySQL connection using the "Test Connection" button.<br />• Be aware that your database information will be transmitted unencrypted several times.</p></td>
+ − 660
</tr>
+ − 661
</table>
+ − 662
</div>
+ − 663
</form>
+ − 664
<?php
+ − 665
break;
+ − 666
case "website":
+ − 667
if(!isset($_POST['_cont'])) {
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 668
echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
0
+ − 669
$template->footer();
+ − 670
exit;
+ − 671
}
+ − 672
unset($_POST['_cont']);
+ − 673
?>
+ − 674
<script type="text/javascript">
+ − 675
function verify()
+ − 676
{
+ − 677
var frm = document.forms.siteinfo;
+ − 678
ret = true;
40
+ − 679
if(frm.sitename.value.match(/^(.+)$/g) && frm.sitename.value != 'Enano')
0
+ − 680
{
+ − 681
document.getElementById('s_name').src='images/good.gif';
+ − 682
}
+ − 683
else
+ − 684
{
+ − 685
document.getElementById('s_name').src='images/bad.gif';
+ − 686
ret = false;
+ − 687
}
+ − 688
if(frm.sitedesc.value.match(/^(.+)$/g))
+ − 689
{
+ − 690
document.getElementById('s_desc').src='images/good.gif';
+ − 691
}
+ − 692
else
+ − 693
{
+ − 694
document.getElementById('s_desc').src='images/bad.gif';
+ − 695
ret = false;
+ − 696
}
+ − 697
if(frm.copyright.value.match(/^(.+)$/g))
+ − 698
{
+ − 699
document.getElementById('s_copyright').src='images/good.gif';
+ − 700
}
+ − 701
else
+ − 702
{
+ − 703
document.getElementById('s_copyright').src='images/bad.gif';
+ − 704
ret = false;
+ − 705
}
+ − 706
if(ret) frm._cont.disabled = false;
+ − 707
else frm._cont.disabled = true;
+ − 708
return ret;
+ − 709
}
+ − 710
window.onload = verify;
+ − 711
</script>
+ − 712
<form name="siteinfo" action="install.php?mode=login" method="post">
+ − 713
<?php
+ − 714
$k = array_keys($_POST);
+ − 715
for($i=0;$i<sizeof($_POST);$i++) {
40
+ − 716
echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
0
+ − 717
}
+ − 718
?>
+ − 719
<p>The next step is to enter some information about your website. You can always change this information later, using the administration panel.</p>
+ − 720
<table border="0">
+ − 721
<tr><td><b>Website name</b><br />The display name of your website. Allowed characters are uppercase and lowercase letters, numerals, and spaces. This must not be blank or "Enano".</td><td><input onkeyup="verify();" name="sitename" type="text" size="30" /></td><td><img id="s_name" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 722
<tr><td><b>Website description</b><br />This text will be shown below the name of your website.</td><td><input onkeyup="verify();" name="sitedesc" type="text" size="30" /></td><td><img id="s_desc" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 723
<tr><td><b>Copyright info</b><br />This should be a one-line legal notice that will appear at the bottom of all your pages.</td><td><input onkeyup="verify();" name="copyright" type="text" size="30" /></td><td><img id="s_copyright" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 724
<tr><td><b>Wiki mode</b><br />This feature allows people to create and edit pages on your site. Enano keeps a history of all page modifications, and you can protect pages to prevent editing.</td><td><input name="wiki_mode" type="checkbox" id="wmcheck" /> <label for="wmcheck">Yes, make my website a wiki.</label></td><td></td></tr>
+ − 725
<tr><td><b>URL scheme</b><br />Choose how the page URLs will look. Depending on your server configuration, you may need to select the first option. If you don't know, select the first option, and you can always change it later.</td><td colspan="2"><input type="radio" <?php if(!is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="ugly" id="ugly"> <label for="ugly">Standard URLs - compatible with any web server (www.example.com/index.php?title=Page_name)</label><br /><input type="radio" <?php if(is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="short" id="short"> <label for="short">Short URLs - requires Apache with a PHP module (www.example.com/index.php/Page_name)</label><br /><input type="radio" name="urlscheme" value="tiny" id="petite"> <label for="petite">Tiny URLs - requires Apache on Linux/Unix/BSD with PHP module and mod_rewrite enabled (www.example.com/Page_name)</label></td></tr>
+ − 726
</table>
+ − 727
<div class="pagenav">
+ − 728
<table border="0">
+ − 729
<tr>
+ − 730
<td><input type="submit" value="Continue" onclick="return verify();" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Verify that your site information is correct. Again, all of the above settings can be changed from the administration panel.</p></td>
+ − 731
</tr>
+ − 732
</table>
+ − 733
</div>
+ − 734
</form>
+ − 735
<?php
+ − 736
break;
+ − 737
case "login":
+ − 738
if(!isset($_POST['_cont'])) {
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 739
echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
0
+ − 740
$template->footer();
+ − 741
exit;
+ − 742
}
+ − 743
unset($_POST['_cont']);
+ − 744
require('config.php');
+ − 745
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
12
+ − 746
if ( isset($crypto_key) )
+ − 747
{
+ − 748
$cryptkey = $crypto_key;
+ − 749
}
0
+ − 750
if(!isset($cryptkey) || ( isset($cryptkey) && strlen($cryptkey) != AES_BITS / 4) )
+ − 751
{
+ − 752
$cryptkey = $aes->gen_readymade_key();
+ − 753
$handle = @fopen(ENANO_ROOT.'/config.php', 'w');
+ − 754
if(!$handle)
+ − 755
{
+ − 756
echo '<p>ERROR: Cannot open config.php for writing - exiting!</p>';
+ − 757
$template->footer();
+ − 758
exit;
+ − 759
}
+ − 760
fwrite($handle, '<?php $cryptkey = \''.$cryptkey.'\'; ?>');
+ − 761
fclose($handle);
+ − 762
}
+ − 763
?>
+ − 764
<script type="text/javascript">
+ − 765
function verify()
+ − 766
{
+ − 767
var frm = document.forms.login;
+ − 768
ret = true;
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 769
var ip_regexp = new RegExp('^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$', '');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 770
var valid_username = new RegExp('^([A-z0-9 \-\.]+)$', '');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 771
if ( frm.admin_user.value.match(valid_username) && !frm.admin_user.value.match(ip_regexp) && frm.admin_user.value.toLowerCase() != 'anonymous' )
0
+ − 772
{
+ − 773
document.getElementById('s_user').src = 'images/good.gif';
+ − 774
}
+ − 775
else
+ − 776
{
+ − 777
document.getElementById('s_user').src = 'images/bad.gif';
+ − 778
ret = false;
+ − 779
}
+ − 780
if(frm.admin_pass.value.length >= 6 && frm.admin_pass.value == frm.admin_pass_confirm.value)
+ − 781
{
+ − 782
document.getElementById('s_password').src = 'images/good.gif';
+ − 783
}
+ − 784
else
+ − 785
{
+ − 786
document.getElementById('s_password').src = 'images/bad.gif';
+ − 787
ret = false;
+ − 788
}
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 789
var valid_email = new RegExp('^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$', '');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 790
if(frm.admin_email.value.match(valid_email))
0
+ − 791
{
+ − 792
document.getElementById('s_email').src = 'images/good.gif';
+ − 793
}
+ − 794
else
+ − 795
{
+ − 796
document.getElementById('s_email').src = 'images/bad.gif';
+ − 797
ret = false;
+ − 798
}
+ − 799
if(ret) frm._cont.disabled = false;
+ − 800
else frm._cont.disabled = true;
+ − 801
return ret;
+ − 802
}
+ − 803
window.onload = verify;
+ − 804
+ − 805
function cryptdata()
+ − 806
{
+ − 807
if(!verify()) return false;
+ − 808
}
+ − 809
</script>
+ − 810
<form name="login" action="install.php?mode=confirm" method="post" onsubmit="runEncryption();">
+ − 811
<?php
+ − 812
$k = array_keys($_POST);
+ − 813
for($i=0;$i<sizeof($_POST);$i++) {
40
+ − 814
echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
0
+ − 815
}
+ − 816
?>
+ − 817
<p>Next, enter your desired username and password. The account you create here will be used to administer your site.</p>
+ − 818
<table border="0">
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 819
<tr><td><b>Administration username</b><br /><small>The administration username you will use to log into your site.<br />This cannot be "anonymous" or in the form of an IP address.</small></td><td><input onkeyup="verify();" name="admin_user" type="text" size="30" /></td><td><img id="s_user" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
0
+ − 820
<tr><td>Administration password:</td><td><input onkeyup="verify();" name="admin_pass" type="password" size="30" /></td><td rowspan="2"><img id="s_password" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
+ − 821
<tr><td>Enter it again to confirm:</td><td><input onkeyup="verify();" name="admin_pass_confirm" type="password" size="30" /></td></tr>
+ − 822
<tr><td>Your e-mail address:</td><td><input onkeyup="verify();" name="admin_email" type="text" size="30" /></td><td><img id="s_email" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 823
<tr>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 824
<td>
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 825
Allow administrators to embed PHP code into pages:<br />
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 826
<small><span style="color: #D84308">Do not under any circumstances enable this option without reading these
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 827
<a href="install.php?mode=pophelp&topic=admin_embed_php"
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 828
onclick="window.open(this.href, 'pophelpwin', 'width=550,height=400,status=no,toolbars=no,toolbar=no,address=no,scroll=yes'); return false;"
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 829
style="color: #D84308; text-decoration: underline;">important security implications</a>.
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 830
</span></small>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 831
</td>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 832
<td>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 833
<label><input type="radio" name="admin_embed_php" value="2" checked="checked" /> Disabled</label>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 834
<label><input type="radio" name="admin_embed_php" value="4" /> Enabled</label>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 835
</td>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 836
<td></td>
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 837
</tr>
0
+ − 838
<tr><td colspan="3">If your browser supports Javascript, the password you enter here will be encrypted with AES before it is sent to the server.</td></tr>
+ − 839
</table>
+ − 840
<div class="pagenav">
+ − 841
<table border="0">
+ − 842
<tr>
+ − 843
<td><input type="submit" value="Continue" onclick="return cryptdata();" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Remember the username and password you enter here! You will not be able to administer your site without the information you enter on this page.</p></td>
+ − 844
</tr>
+ − 845
</table>
+ − 846
</div>
+ − 847
<div id="cryptdebug"></div>
+ − 848
<input type="hidden" name="use_crypt" value="no" />
+ − 849
<input type="hidden" name="crypt_key" value="<?php echo $cryptkey; ?>" />
+ − 850
<input type="hidden" name="crypt_data" value="" />
+ − 851
</form>
+ − 852
<script type="text/javascript">
+ − 853
// <![CDATA[
+ − 854
frm.admin_user.focus();
+ − 855
function runEncryption()
+ − 856
{
40
+ − 857
str = '';
+ − 858
for(i=0;i<keySizeInBits/4;i++) str+='0';
+ − 859
var key = hexToByteArray(str);
+ − 860
var pt = hexToByteArray(str);
+ − 861
var ct = rijndaelEncrypt(pt, key, "ECB");
+ − 862
var ect = byteArrayToHex(ct);
+ − 863
switch(keySizeInBits)
+ − 864
{
+ − 865
case 128:
+ − 866
v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
+ − 867
break;
+ − 868
case 192:
+ − 869
v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
+ − 870
break;
+ − 871
case 256:
+ − 872
v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
+ − 873
break;
+ − 874
}
+ − 875
var testpassed = ( ect == v && md5_vm_test() );
+ − 876
var frm = document.forms.login;
+ − 877
if(testpassed)
+ − 878
{
+ − 879
// alert('encryption self-test passed');
+ − 880
frm.use_crypt.value = 'yes';
+ − 881
var cryptkey = frm.crypt_key.value;
+ − 882
frm.crypt_key.value = '';
+ − 883
if(cryptkey != byteArrayToHex(hexToByteArray(cryptkey)))
+ − 884
{
+ − 885
alert('Byte array conversion SUCKS');
+ − 886
testpassed = false;
+ − 887
}
+ − 888
cryptkey = hexToByteArray(cryptkey);
+ − 889
if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
+ − 890
{
+ − 891
frm._cont.disabled = true;
+ − 892
len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
+ − 893
alert('The key is messed up\nType: '+typeof(cryptkey)+len);
+ − 894
}
+ − 895
}
+ − 896
else
+ − 897
{
+ − 898
// alert('encryption self-test FAILED');
+ − 899
}
0
+ − 900
if(testpassed)
+ − 901
{
+ − 902
pass = frm.admin_pass.value;
+ − 903
pass = stringToByteArray(pass);
+ − 904
cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
+ − 905
//decrypted = rijndaelDecrypt(cryptstring, cryptkey, 'ECB');
+ − 906
//decrypted = byteArrayToString(decrypted);
+ − 907
//return false;
+ − 908
if(!cryptstring)
+ − 909
{
+ − 910
return false;
+ − 911
}
+ − 912
cryptstring = byteArrayToHex(cryptstring);
40
+ − 913
// document.getElementById('cryptdebug').innerHTML = '<pre>Data: '+cryptstring+'<br />Key: '+byteArrayToHex(cryptkey)+'</pre>';
0
+ − 914
frm.crypt_data.value = cryptstring;
+ − 915
frm.admin_pass.value = '';
+ − 916
frm.admin_pass_confirm.value = '';
+ − 917
}
+ − 918
return false;
+ − 919
}
+ − 920
// ]]>
+ − 921
</script>
+ − 922
<?php
+ − 923
break;
+ − 924
case "confirm":
+ − 925
if(!isset($_POST['_cont'])) {
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 926
echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
0
+ − 927
$template->footer();
+ − 928
exit;
+ − 929
}
+ − 930
unset($_POST['_cont']);
+ − 931
?>
+ − 932
<form name="confirm" action="install.php?mode=install" method="post">
+ − 933
<?php
+ − 934
$k = array_keys($_POST);
+ − 935
for($i=0;$i<sizeof($_POST);$i++) {
40
+ − 936
echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
0
+ − 937
}
+ − 938
?>
+ − 939
<h3>Enano is ready to install.</h3>
+ − 940
<p>The wizard has finished collecting information and is ready to install the database schema. Please review the information below,
+ − 941
and then click the button below to install the database.</p>
+ − 942
<ul>
+ − 943
<li>Database hostname: <?php echo $_POST['db_host']; ?></li>
+ − 944
<li>Database name: <?php echo $_POST['db_name']; ?></li>
+ − 945
<li>Database user: <?php echo $_POST['db_user']; ?></li>
+ − 946
<li>Database password: <hidden></li>
+ − 947
<li>Site name: <?php echo $_POST['sitename']; ?></li>
+ − 948
<li>Site description: <?php echo $_POST['sitedesc']; ?></li>
+ − 949
<li>Administration username: <?php echo $_POST['admin_user']; ?></li>
+ − 950
<li>Cipher strength: <?php echo (string)AES_BITS; ?>-bit AES<br /><small>Cipher strength is defined in the file constants.php; if you desire to change the cipher strength, you may do so and then restart installation. Unless your site is mission-critical, changing the cipher strength is not necessary.</small></li>
+ − 951
</ul>
+ − 952
<div class="pagenav">
+ − 953
<table border="0">
+ − 954
<tr>
+ − 955
<td><input type="submit" value="Install Enano!" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Pray.</p></td>
+ − 956
</tr>
+ − 957
</table>
+ − 958
</div>
+ − 959
</form>
+ − 960
<?php
+ − 961
break;
+ − 962
case "install":
+ − 963
if(!isset($_POST['db_host']) ||
+ − 964
!isset($_POST['db_name']) ||
+ − 965
!isset($_POST['db_user']) ||
+ − 966
!isset($_POST['db_pass']) ||
+ − 967
!isset($_POST['sitename']) ||
+ − 968
!isset($_POST['sitedesc']) ||
+ − 969
!isset($_POST['copyright']) ||
+ − 970
!isset($_POST['admin_user']) ||
+ − 971
!isset($_POST['admin_pass']) ||
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 972
!isset($_POST['admin_embed_php']) || ( isset($_POST['admin_embed_php']) && !in_array($_POST['admin_embed_php'], array('2', '4')) ) ||
0
+ − 973
!isset($_POST['urlscheme'])
+ − 974
)
+ − 975
{
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 976
echo 'The installer has detected that one or more required form values is not set. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
0
+ − 977
$template->footer();
+ − 978
exit;
+ − 979
}
+ − 980
switch($_POST['urlscheme'])
+ − 981
{
+ − 982
case "ugly":
+ − 983
default:
+ − 984
$cp = scriptPath.'/index.php?title=';
+ − 985
break;
+ − 986
case "short":
+ − 987
$cp = scriptPath.'/index.php/';
+ − 988
break;
+ − 989
case "tiny":
+ − 990
$cp = scriptPath.'/';
+ − 991
break;
+ − 992
}
+ − 993
function err($t) { global $template; echo $t; $template->footer(); exit; }
+ − 994
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 995
if ( !preg_match('/^[a-z0-9_]*$/', $_POST['table_prefix']) )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 996
err('Hacking attempt was detected in table_prefix.');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 997
0
+ − 998
echo 'Connecting to MySQL...';
+ − 999
if($_POST['db_root_user'] != '')
+ − 1000
{
+ − 1001
$conn = mysql_connect($_POST['db_host'], $_POST['db_root_user'], $_POST['db_root_pass']);
+ − 1002
if(!$conn) err('Error connecting to MySQL: '.mysql_error());
+ − 1003
$q = mysql_query('USE '.$_POST['db_name']);
+ − 1004
if(!$q)
+ − 1005
{
+ − 1006
$q = mysql_query('CREATE DATABASE '.$_POST['db_name']);
+ − 1007
if(!$q) err('Error initializing database: '.mysql_error());
+ − 1008
}
+ − 1009
$q = mysql_query('GRANT ALL PRIVILEGES ON '.$_POST['db_name'].'.* TO \''.$_POST['db_user'].'\'@\'localhost\' IDENTIFIED BY \''.$_POST['db_pass'].'\' WITH GRANT OPTION;');
+ − 1010
if(!$q) err('Could not create the user account');
+ − 1011
$q = mysql_query('GRANT ALL PRIVILEGES ON '.$_POST['db_name'].'.* TO \''.$_POST['db_user'].'\'@\'%\' IDENTIFIED BY \''.$_POST['db_pass'].'\' WITH GRANT OPTION;');
+ − 1012
if(!$q) err('Could not create the user account');
+ − 1013
mysql_close($conn);
+ − 1014
}
+ − 1015
$conn = mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
+ − 1016
if(!$conn) err('Error connecting to MySQL: '.mysql_error());
+ − 1017
$q = mysql_query('USE '.$_POST['db_name']);
+ − 1018
if(!$q) err('Error selecting database: '.mysql_error());
+ − 1019
echo 'done!<br />';
+ − 1020
+ − 1021
// Are we supposed to drop any existing tables? If so, do it now
+ − 1022
if(isset($_POST['drop_tables']))
+ − 1023
{
+ − 1024
echo 'Dropping existing Enano tables...';
+ − 1025
// Our list of tables included in Enano
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 1026
$tables = Array( 'mdg_categories', 'mdg_comments', 'mdg_config', 'mdg_logs', 'mdg_page_text', 'mdg_session_keys', 'mdg_pages', 'mdg_users', 'mdg_users_extra', 'mdg_themes', 'mdg_buddies', 'mdg_banlist', 'mdg_files', 'mdg_privmsgs', 'mdg_sidebar', 'mdg_hits', 'mdg_search_index', 'mdg_groups', 'mdg_group_members', 'mdg_acl', 'mdg_search_cache', 'mdg_tags', 'mdg_page_groups', 'mdg_page_group_members' );
0
+ − 1027
$tables = implode(', ', $tables);
+ − 1028
$tables = str_replace('mdg_', $_POST['table_prefix'], $tables);
+ − 1029
$query_of_death = 'DROP TABLE '.$tables.';';
+ − 1030
mysql_query($query_of_death); // We won't check for errors here because if this operation fails it probably means the tables didn't exist
+ − 1031
echo 'done!<br />';
+ − 1032
}
+ − 1033
+ − 1034
$cacheonoff = is_writable(ENANO_ROOT.'/cache/') ? '1' : '0';
+ − 1035
+ − 1036
echo 'Decrypting administration password...';
40
+ − 1037
+ − 1038
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 1039
+ − 1040
if ( !empty($_POST['crypt_data']) )
12
+ − 1041
{
40
+ − 1042
require('config.php');
+ − 1043
if ( !isset($cryptkey) )
+ − 1044
{
+ − 1045
echo 'failed!<br />Cannot get the key from config.php';
+ − 1046
break;
+ − 1047
}
+ − 1048
$key = hexdecode($cryptkey);
+ − 1049
+ − 1050
$dec = $aes->decrypt($_POST['crypt_data'], $key, ENC_HEX);
+ − 1051
12
+ − 1052
}
40
+ − 1053
else
+ − 1054
{
+ − 1055
$dec = $_POST['admin_pass'];
+ − 1056
}
0
+ − 1057
echo 'done!<br />Generating '.AES_BITS.'-bit AES private key...';
+ − 1058
$privkey = $aes->gen_readymade_key();
+ − 1059
$pkba = hexdecode($privkey);
+ − 1060
$encpass = $aes->encrypt($dec, $pkba, ENC_HEX);
+ − 1061
+ − 1062
echo 'done!<br />Preparing for schema execution...';
+ − 1063
$schema = file_get_contents('schema.sql');
+ − 1064
$schema = str_replace('{{SITE_NAME}}', mysql_real_escape_string($_POST['sitename'] ), $schema);
+ − 1065
$schema = str_replace('{{SITE_DESC}}', mysql_real_escape_string($_POST['sitedesc'] ), $schema);
+ − 1066
$schema = str_replace('{{COPYRIGHT}}', mysql_real_escape_string($_POST['copyright'] ), $schema);
+ − 1067
$schema = str_replace('{{ADMIN_USER}}', mysql_real_escape_string($_POST['admin_user'] ), $schema);
+ − 1068
$schema = str_replace('{{ADMIN_PASS}}', mysql_real_escape_string($encpass ), $schema);
+ − 1069
$schema = str_replace('{{ADMIN_EMAIL}}', mysql_real_escape_string($_POST['admin_email']), $schema);
+ − 1070
$schema = str_replace('{{ENABLE_CACHE}}', mysql_real_escape_string($cacheonoff ), $schema);
+ − 1071
$schema = str_replace('{{REAL_NAME}}', '', $schema);
+ − 1072
$schema = str_replace('{{TABLE_PREFIX}}', $_POST['table_prefix'], $schema);
+ − 1073
$schema = str_replace('{{VERSION}}', ENANO_VERSION, $schema);
11
ccad6026a168
Finalized permissions on files and directories; adding PHP shutoff button (actual shutoff not implemented)
Dan
diff
changeset
+ − 1074
$schema = str_replace('{{ADMIN_EMBED_PHP}}', $_POST['admin_embed_php'], $schema);
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 1075
// Not anymore!! :-D
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 1076
// $schema = str_replace('{{BETA_VERSION}}', ENANO_BETA_VERSION, $schema);
0
+ − 1077
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1078
if(isset($_POST['wiki_mode']))
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1079
{
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1080
$schema = str_replace('{{WIKI_MODE}}', '1', $schema);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1081
}
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1082
else
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1083
{
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1084
$schema = str_replace('{{WIKI_MODE}}', '0', $schema);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1085
}
0
+ − 1086
+ − 1087
// Build an array of queries
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1088
$schema = explode("\n", $schema);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1089
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1090
foreach ( $schema as $i => $sql )
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1091
{
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1092
$query =& $schema[$i];
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1093
$t = trim($query);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1094
if ( empty($t) || preg_match('/^(\#|--)/i', $t) )
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1095
{
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1096
unset($schema[$i]);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1097
unset($query);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1098
}
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1099
}
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1100
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1101
$schema = array_values($schema);
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1102
$schema = implode("\n", $schema);
0
+ − 1103
$schema = explode(";\n", $schema);
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1104
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1105
foreach ( $schema as $i => $sql )
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1106
{
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1107
$query =& $schema[$i];
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1108
if ( substr($query, ( strlen($query) - 1 ), 1 ) != ';' )
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1109
{
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1110
$query .= ';';
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1111
}
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1112
}
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1113
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1114
// echo '<pre>' . htmlspecialchars(print_r($schema, true)) . '</pre>';
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1115
// break;
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1116
0
+ − 1117
echo 'done!<br />Executing schema.sql...';
+ − 1118
+ − 1119
// OK, do the loop, baby!!!
+ − 1120
foreach($schema as $q)
+ − 1121
{
+ − 1122
$r = mysql_query($q, $conn);
+ − 1123
if(!$r) err('Error during mainstream installation: '.mysql_error());
+ − 1124
}
+ − 1125
+ − 1126
echo 'done!<br />Writing configuration files...';
+ − 1127
if($_POST['urlscheme']=='tiny')
+ − 1128
{
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 1129
$ht = fopen(ENANO_ROOT.'/.htaccess', 'a+');
0
+ − 1130
if(!$ht) err('Error opening file .htaccess for writing');
+ − 1131
fwrite($ht, '
+ − 1132
RewriteEngine on
+ − 1133
RewriteCond %{REQUEST_FILENAME} !-d
+ − 1134
RewriteCond %{REQUEST_FILENAME} !-f
85
7c68a18a27be
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan
diff
changeset
+ − 1135
RewriteRule ^(.+) '.scriptPath.'/index.php?title=$1 [L,QSA]
0
+ − 1136
RewriteRule \.(php|html|gif|jpg|png|css|js)$ - [L]
+ − 1137
');
+ − 1138
fclose($ht);
+ − 1139
}
+ − 1140
+ − 1141
$config_file = '<?php
+ − 1142
/* Enano auto-generated configuration file - editing not recommended! */
+ − 1143
$dbhost = \''.addslashes($_POST['db_host']).'\';
+ − 1144
$dbname = \''.addslashes($_POST['db_name']).'\';
+ − 1145
$dbuser = \''.addslashes($_POST['db_user']).'\';
+ − 1146
$dbpasswd = \''.addslashes($_POST['db_pass']).'\';
195
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1147
if ( !defined(\'ENANO_CONSTANTS\') )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1148
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1149
define(\'ENANO_CONSTANTS\', \'\');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1150
define(\'table_prefix\', \''.addslashes($_POST['table_prefix']).'\');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1151
define(\'scriptPath\', \''.scriptPath.'\');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1152
define(\'contentPath\', \''.$cp.'\');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1153
define(\'ENANO_INSTALLED\', \'true\');
0
+ − 1154
}
+ − 1155
$crypto_key = \''.$privkey.'\';
+ − 1156
?>';
+ − 1157
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 1158
$cf_handle = fopen(ENANO_ROOT.'/config.php', 'w');
0
+ − 1159
if(!$cf_handle) err('Couldn\'t open file config.php for writing');
+ − 1160
fwrite($cf_handle, $config_file);
+ − 1161
fclose($cf_handle);
+ − 1162
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1163
echo 'done!<br />Starting the Enano API...';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1164
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1165
$template_bak = $template;
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1166
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1167
// Get Enano loaded
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1168
$_GET['title'] = 'Main_Page';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1169
require('includes/common.php');
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1170
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1171
// We need to be logged in (with admin rights) before logs can be flushed
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1172
$session->login_without_crypto($_POST['admin_user'], $dec, false);
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1173
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1174
// Now that login cookies are set, initialize the session manager and ACLs
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1175
$session->start();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1176
$paths->init();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1177
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1178
unset($template);
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1179
$template =& $template_bak;
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1180
0
+ − 1181
echo 'done!<br />Initializing logs...';
+ − 1182
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1183
$q = $db->sql_query('INSERT INTO ' . $_POST['table_prefix'] . 'logs(log_type,action,time_id,date_string,author,page_text,edit_summary) VALUES(\'security\', \'install_enano\', ' . time() . ', \'' . date('d M Y h:i a') . '\', \'' . mysql_real_escape_string($_POST['admin_user']) . '\', \'' . mysql_real_escape_string(ENANO_VERSION) . '\', \'' . mysql_real_escape_string($_SERVER['REMOTE_ADDR']) . '\');', $conn);
0
+ − 1184
if ( !$q )
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1185
err('Error setting up logs: '.$db->get_error());
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1186
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1187
if ( !$session->get_permissions('clear_logs') )
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1188
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1189
echo '<br />Error: session manager won\'t permit flushing logs, these is a bug.';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1190
break;
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1191
}
0
+ − 1192
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1193
// unset($session);
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1194
// $session = new sessionManager();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1195
// $session->start();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1196
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1197
PageUtils::flushlogs('Main_Page', 'Article');
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1198
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1199
echo 'done!<h3>Installation of Enano is complete.</h3><p>Review any warnings above, and then <a href="install.php?mode=finish">click here to finish the installation</a>.';
0
+ − 1200
+ − 1201
// echo '<script type="text/javascript">window.location="'.scriptPath.'/install.php?mode=finish";</script>';
+ − 1202
+ − 1203
break;
+ − 1204
case "finish":
+ − 1205
echo '<h3>Congratulations!</h3>
+ − 1206
<p>You have finished installing Enano on this server.</p>
+ − 1207
<h3>Now what?</h3>
+ − 1208
<p>Click the link below to see the main page for your website. Where to go from here:</p>
+ − 1209
<ul>
+ − 1210
<li>The first thing you should do is log into your site using the Log in link on the sidebar.</li>
+ − 1211
<li>Go into the Administration panel, expand General, and click General Configuration. There you will be able to configure some basic information about your site.</li>
+ − 1212
<li>Visit the <a href="http://enanocms.org/Category:Plugins" onclick="window.open(this.href); return false;">Enano Plugin Gallery</a> to download and use plugins on your site.</li>
+ − 1213
<li>Periodically create a backup of your database and filesystem, in case something goes wrong. This should be done at least once a week – more for wiki-based sites.</li>
+ − 1214
<li>Hire some moderators, to help you keep rowdy users tame.</li>
+ − 1215
<li>Tell the <a href="http://enanocms.org/Contact_us">Enano team</a> what you think.</li>
+ − 1216
<li><b>Spread the word about Enano by adding a link to the Enano homepage on your sidebar!</b> You can enable this option in the General Configuration section of the administration panel.</li>
+ − 1217
</ul>
+ − 1218
<p><a href="index.php">Go to your website...</a></p>';
+ − 1219
break;
+ − 1220
}
+ − 1221
$template->footer();
+ − 1222
+ − 1223
?>