205
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ − 5
* Version 1.0.2 (Coblynau)
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
* install.php - handles everything related to installation and initial configuration
+ − 8
*
+ − 9
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 10
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 11
*
+ − 12
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 13
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 14
*/
+ − 15
+ − 16
@include('config.php');
+ − 17
if( ( defined('ENANO_INSTALLED') || defined('MIDGET_INSTALLED') ) && ((isset($_GET['mode']) && ($_GET['mode']!='finish' && $_GET['mode']!='css')) || !isset($_GET['mode'])))
+ − 18
{
+ − 19
$_GET['title'] = 'Enano:Installation_locked';
+ − 20
require('includes/common.php');
+ − 21
die_friendly('Installation locked', '<p>The Enano installer has found a Enano installation in this directory. You MUST delete config.php if you want to re-install Enano.</p><p>If you wish to upgrade an older Enano installation to this version, please use the <a href="upgrade.php">upgrade script</a>.</p>');
+ − 22
exit;
+ − 23
}
+ − 24
+ − 25
define('IN_ENANO_INSTALL', 'true');
+ − 26
+ − 27
define('ENANO_VERSION', '1.0.2');
+ − 28
// In beta versions, define ENANO_BETA_VERSION here
+ − 29
+ − 30
if(!defined('scriptPath')) {
+ − 31
$sp = dirname($_SERVER['REQUEST_URI']);
+ − 32
if($sp == '/' || $sp == '\\') $sp = '';
+ − 33
define('scriptPath', $sp);
+ − 34
}
+ − 35
+ − 36
if(!defined('contentPath')) {
+ − 37
$sp = dirname($_SERVER['REQUEST_URI']);
+ − 38
if($sp == '/' || $sp == '\\') $sp = '';
+ − 39
define('contentPath', $sp);
+ − 40
}
+ − 41
global $_starttime, $this_page, $sideinfo;
+ − 42
$_starttime = microtime(true);
+ − 43
+ − 44
// Determine directory (special case for development servers)
+ − 45
if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') )
+ − 46
{
+ − 47
$filename = str_replace('/repo/', '/', __FILE__);
+ − 48
}
+ − 49
else
+ − 50
{
+ − 51
$filename = __FILE__;
+ − 52
}
+ − 53
+ − 54
define('ENANO_ROOT', dirname($filename));
+ − 55
+ − 56
function is_page($p)
+ − 57
{
+ − 58
return true;
+ − 59
}
+ − 60
+ − 61
require('includes/wikiformat.php');
+ − 62
require('includes/constants.php');
+ − 63
require('includes/rijndael.php');
+ − 64
require('includes/functions.php');
+ − 65
+ − 66
strip_magic_quotes_gpc();
+ − 67
$neutral_color = 'C';
+ − 68
+ − 69
//
+ − 70
// INSTALLER LIBRARY
+ − 71
//
+ − 72
+ − 73
function run_installer_stage($stage_id, $stage_name, $function, $failure_explanation, $allow_skip = true)
+ − 74
{
+ − 75
static $resumed = false;
+ − 76
static $resume_stack = array();
+ − 77
+ − 78
if ( empty($resume_stack) && isset($_POST['resume_stack']) && preg_match('/[a-z_]+((\|[a-z_]+)+)/', $_POST['resume_stack']) )
+ − 79
{
+ − 80
$resume_stack = explode('|', $_POST['resume_stack']);
+ − 81
}
+ − 82
+ − 83
$already_run = false;
+ − 84
if ( in_array($stage_id, $resume_stack) )
+ − 85
{
+ − 86
$already_run = true;
+ − 87
}
+ − 88
+ − 89
if ( !$resumed )
+ − 90
{
+ − 91
if ( !isset($_GET['stage']) )
+ − 92
$resumed = true;
+ − 93
if ( isset($_GET['stage']) && $_GET['stage'] == $stage_id )
+ − 94
{
+ − 95
$resumed = true;
+ − 96
}
+ − 97
}
+ − 98
if ( !$resumed && $allow_skip )
+ − 99
{
+ − 100
echo_stage_success($stage_id, "[dbg: skipped] $stage_name");
+ − 101
return false;
+ − 102
}
+ − 103
if ( !function_exists($function) )
+ − 104
die('libenanoinstall: CRITICAL: function "' . $function . '" for ' . $stage_id . ' doesn\'t exist');
+ − 105
$result = @call_user_func($function, false, $already_run);
+ − 106
if ( $result )
+ − 107
{
+ − 108
echo_stage_success($stage_id, $stage_name);
+ − 109
$resume_stack[] = $stage_id;
+ − 110
return true;
+ − 111
}
+ − 112
else
+ − 113
{
+ − 114
echo_stage_failure($stage_id, $stage_name, $failure_explanation, $resume_stack);
+ − 115
return false;
+ − 116
}
+ − 117
}
+ − 118
+ − 119
function start_install_table()
+ − 120
{
+ − 121
echo '<table border="0" cellspacing="0" cellpadding="0">' . "\n";
+ − 122
}
+ − 123
+ − 124
function close_install_table()
+ − 125
{
+ − 126
echo '</table>' . "\n\n";
+ − 127
}
+ − 128
+ − 129
function echo_stage_success($stage_id, $stage_name)
+ − 130
{
+ − 131
global $neutral_color;
+ − 132
$neutral_color = ( $neutral_color == 'A' ) ? 'C' : 'A';
+ − 133
ob_start();
+ − 134
echo '<tr><td style="width: 500px; background-color: #' . "{$neutral_color}{$neutral_color}FF{$neutral_color}{$neutral_color}" . '; padding: 0 5px;">' . htmlspecialchars($stage_name) . '</td><td style="padding: 0 5px;"><img alt="Done" src="images/good.gif" /></td></tr>' . "\n";
+ − 135
ob_end_flush();
+ − 136
}
+ − 137
+ − 138
function echo_stage_failure($stage_id, $stage_name, $failure_explanation, $resume_stack)
+ − 139
{
+ − 140
global $neutral_color;
+ − 141
+ − 142
$neutral_color = ( $neutral_color == 'A' ) ? 'C' : 'A';
+ − 143
ob_start();
+ − 144
echo '<tr><td style="width: 500px; background-color: #' . "FF{$neutral_color}{$neutral_color}{$neutral_color}{$neutral_color}" . '; padding: 0 5px;">' . htmlspecialchars($stage_name) . '</td><td style="padding: 0 5px;"><img alt="Failed" src="images/bad.gif" /></td></tr>' . "\n";
+ − 145
ob_end_flush();
+ − 146
close_install_table();
+ − 147
$post_data = '';
+ − 148
$mysql_error = mysql_error();
+ − 149
foreach ( $_POST as $key => $value )
+ − 150
{
+ − 151
$value = htmlspecialchars($value);
+ − 152
$key = htmlspecialchars($key);
+ − 153
$post_data .= " <input type=\"hidden\" name=\"$key\" value=\"$value\" />\n";
+ − 154
}
+ − 155
echo '<form action="install.php?mode=install&stage=' . $stage_id . '" method="post">
+ − 156
' . $post_data . '
+ − 157
<input type="hidden" name="resume_stack" value="' . htmlspecialchars(implode('|', $resume_stack)) . '" />
+ − 158
<h3>Enano installation failed.</h3>
+ − 159
<p>' . $failure_explanation . '</p>
+ − 160
' . ( !empty($mysql_error) ? "<p>The error returned from MySQL was: $mysql_error</p>" : '' ) . '
+ − 161
<p>When you have corrected the error, click the button below to attempt to continue the installation.</p>
+ − 162
<p style="text-align: center;"><input type="submit" value="Retry installation" /></p>
+ − 163
</form>';
+ − 164
global $template, $template_bak;
+ − 165
if ( is_object($template_bak) )
+ − 166
$template_bak->footer();
+ − 167
else
+ − 168
$template->footer();
+ − 169
exit;
+ − 170
}
+ − 171
+ − 172
//
+ − 173
// INSTALLER STAGES
+ − 174
//
+ − 175
+ − 176
function stg_mysql_connect($act_get = false)
+ − 177
{
+ − 178
static $conn = false;
+ − 179
if ( $act_get )
+ − 180
return $conn;
+ − 181
+ − 182
$db_user =& $_POST['db_user'];
+ − 183
$db_pass =& $_POST['db_pass'];
+ − 184
$db_name =& $_POST['db_name'];
+ − 185
+ − 186
if ( !preg_match('/^[a-z0-9_-]+$/', $db_name) )
+ − 187
{
+ − 188
$db_name = htmlspecialchars($db_name);
+ − 189
die("<p>SECURITY: malformed database name \"$db_name\"</p>");
+ − 190
}
+ − 191
+ − 192
// First, try to connect using the normal credentials
+ − 193
$conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
+ − 194
if ( !$conn )
+ − 195
{
+ − 196
// Connection failed. Do we have the root username and password?
+ − 197
if ( !empty($_POST['db_root_user']) && !empty($_POST['db_root_pass']) )
+ − 198
{
+ − 199
$conn_root = @mysql_connect($_POST['db_host'], $_POST['db_root_user'], $_POST['db_root_pass']);
+ − 200
if ( !$conn_root )
+ − 201
{
+ − 202
// Couldn't connect using either set of credentials. Bail out.
+ − 203
return false;
+ − 204
}
+ − 205
unset($db_user, $db_pass);
+ − 206
$db_user = mysql_real_escape_string($_POST['db_user']);
+ − 207
$db_pass = mysql_real_escape_string($_POST['db_pass']);
+ − 208
// Create the user account
+ − 209
$q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'localhost' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
+ − 210
if ( !$q )
+ − 211
{
+ − 212
return false;
+ − 213
}
+ − 214
// Revoke privileges from test, we don't need them
+ − 215
$q = @mysql_query("REVOKE ALL PRIVILEGES ON test.* FROM '{$db_user}'@'localhost';", $conn_root);
+ − 216
if ( !$q )
+ − 217
{
+ − 218
return false;
+ − 219
}
+ − 220
if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
+ − 221
{
+ − 222
// If not connecting to a server running on localhost, allow from any host
+ − 223
// this is safer than trying to detect the hostname of the webserver, but less secure
+ − 224
$q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'%' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
+ − 225
if ( !$q )
+ − 226
{
+ − 227
return false;
+ − 228
}
+ − 229
// Revoke privileges from test, we don't need them
+ − 230
$q = @mysql_query("REVOKE ALL PRIVILEGES ON test.* FROM '{$db_user}'@'%';", $conn_root);
+ − 231
if ( !$q )
+ − 232
{
+ − 233
return false;
+ − 234
}
+ − 235
}
+ − 236
mysql_close($conn_root);
+ − 237
$conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
+ − 238
if ( !$conn )
+ − 239
{
+ − 240
// This should honestly never happen.
+ − 241
return false;
+ − 242
}
+ − 243
}
+ − 244
}
+ − 245
$q = @mysql_query("USE `$db_name`;", $conn);
+ − 246
if ( !$q )
+ − 247
{
+ − 248
// access denied to the database; try the whole root schenanegan again
+ − 249
if ( !empty($_POST['db_root_user']) && !empty($_POST['db_root_pass']) )
+ − 250
{
+ − 251
$conn_root = @mysql_connect($_POST['db_host'], $_POST['db_root_user'], $_POST['db_root_pass']);
+ − 252
if ( !$conn_root )
+ − 253
{
+ − 254
// Couldn't connect as root; bail out
+ − 255
return false;
+ − 256
}
+ − 257
// create the database, if it doesn't exist
+ − 258
$q = @mysql_query("CREATE DATABASE IF NOT EXISTS `$db_name`;", $conn_root);
+ − 259
if ( !$q )
+ − 260
{
+ − 261
// this really should never fail, so don't give any tolerance to it
+ − 262
return false;
+ − 263
}
+ − 264
unset($db_user, $db_pass);
+ − 265
$db_user = mysql_real_escape_string($_POST['db_user']);
+ − 266
$db_pass = mysql_real_escape_string($_POST['db_pass']);
+ − 267
// we're in with root rights; grant access to the database
+ − 268
$q = @mysql_query("GRANT ALL PRIVILEGES ON `$db_name`.* TO '{$db_user}'@'localhost';", $conn_root);
+ − 269
if ( !$q )
+ − 270
{
+ − 271
return false;
+ − 272
}
+ − 273
if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
+ − 274
{
+ − 275
$q = @mysql_query("GRANT ALL PRIVILEGES ON `$db_name`.* TO '{$db_user}'@'%';", $conn_root);
+ − 276
if ( !$q )
+ − 277
{
+ − 278
return false;
+ − 279
}
+ − 280
}
+ − 281
mysql_close($conn_root);
+ − 282
// grant tables have hopefully been flushed, kill and reconnect our regular user connection
+ − 283
mysql_close($conn);
+ − 284
$conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
+ − 285
if ( !$conn )
+ − 286
{
+ − 287
return false;
+ − 288
}
+ − 289
}
+ − 290
else
+ − 291
{
+ − 292
return false;
+ − 293
}
+ − 294
// try again
+ − 295
$q = @mysql_query("USE `$db_name`;", $conn);
+ − 296
if ( !$q )
+ − 297
{
+ − 298
// really failed this time; bail out
+ − 299
return false;
+ − 300
}
+ − 301
}
+ − 302
// connected and database exists
+ − 303
return true;
+ − 304
}
+ − 305
+ − 306
function stg_drop_tables()
+ − 307
{
+ − 308
$conn = stg_mysql_connect(true);
+ − 309
if ( !$conn )
+ − 310
return false;
+ − 311
// Our list of tables included in Enano
+ − 312
$tables = Array( 'categories', 'comments', 'config', 'logs', 'page_text', 'session_keys', 'pages', 'users', 'users_extra', 'themes', 'buddies', 'banlist', 'files', 'privmsgs', 'sidebar', 'hits', 'search_index', 'groups', 'group_members', 'acl', 'search_cache', 'tags', 'page_groups', 'page_group_members' );
+ − 313
+ − 314
// Drop each table individually; if it fails, it probably means we're trying to drop a
+ − 315
// table that didn't exist in the Enano version we're deleting the database for.
+ − 316
foreach ( $tables as $table )
+ − 317
{
+ − 318
// Remember that table_prefix is sanitized.
+ − 319
$table = "{$_POST['table_prefix']}$table";
+ − 320
@mysql_query("DROP TABLE $table;", $conn);
+ − 321
}
+ − 322
return true;
+ − 323
}
+ − 324
+ − 325
function stg_decrypt_admin_pass($act_get = false)
+ − 326
{
+ − 327
static $decrypted_pass = false;
+ − 328
if ( $act_get )
+ − 329
return $decrypted_pass;
+ − 330
+ − 331
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 332
+ − 333
if ( !empty($_POST['crypt_data']) )
+ − 334
{
+ − 335
require('config.new.php');
+ − 336
if ( !isset($cryptkey) )
+ − 337
{
+ − 338
return false;
+ − 339
}
+ − 340
define('_INSTRESUME_AES_KEYBACKUP', $key);
+ − 341
$key = hexdecode($cryptkey);
+ − 342
+ − 343
$decrypted_pass = $aes->decrypt($_POST['crypt_data'], $key, ENC_HEX);
+ − 344
+ − 345
}
+ − 346
else
+ − 347
{
+ − 348
$decrypted_pass = $_POST['admin_pass'];
+ − 349
}
+ − 350
if ( empty($decrypted_pass) )
+ − 351
return false;
+ − 352
return true;
+ − 353
}
+ − 354
+ − 355
function stg_generate_aes_key($act_get = false)
+ − 356
{
+ − 357
static $key = false;
+ − 358
if ( $act_get )
+ − 359
return $key;
+ − 360
+ − 361
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 362
$key = $aes->gen_readymade_key();
+ − 363
return true;
+ − 364
}
+ − 365
+ − 366
function stg_parse_schema($act_get = false)
+ − 367
{
+ − 368
static $schema;
+ − 369
if ( $act_get )
+ − 370
return $schema;
+ − 371
+ − 372
$admin_pass = stg_decrypt_admin_pass(true);
+ − 373
$key = stg_generate_aes_key(true);
+ − 374
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 375
$key = $aes->hextostring($key);
+ − 376
$admin_pass = $aes->encrypt($admin_pass, $key, ENC_HEX);
+ − 377
+ − 378
$cacheonoff = is_writable(ENANO_ROOT.'/cache/') ? '1' : '0';
+ − 379
+ − 380
$schema = file_get_contents('schema.sql');
+ − 381
$schema = str_replace('{{SITE_NAME}}', mysql_real_escape_string($_POST['sitename'] ), $schema);
+ − 382
$schema = str_replace('{{SITE_DESC}}', mysql_real_escape_string($_POST['sitedesc'] ), $schema);
+ − 383
$schema = str_replace('{{COPYRIGHT}}', mysql_real_escape_string($_POST['copyright'] ), $schema);
+ − 384
$schema = str_replace('{{ADMIN_USER}}', mysql_real_escape_string($_POST['admin_user'] ), $schema);
+ − 385
$schema = str_replace('{{ADMIN_PASS}}', mysql_real_escape_string($admin_pass ), $schema);
+ − 386
$schema = str_replace('{{ADMIN_EMAIL}}', mysql_real_escape_string($_POST['admin_email']), $schema);
+ − 387
$schema = str_replace('{{ENABLE_CACHE}}', mysql_real_escape_string($cacheonoff ), $schema);
+ − 388
$schema = str_replace('{{REAL_NAME}}', '', $schema);
+ − 389
$schema = str_replace('{{TABLE_PREFIX}}', $_POST['table_prefix'], $schema);
+ − 390
$schema = str_replace('{{VERSION}}', ENANO_VERSION, $schema);
+ − 391
$schema = str_replace('{{ADMIN_EMBED_PHP}}', $_POST['admin_embed_php'], $schema);
+ − 392
// Not anymore!! :-D
+ − 393
// $schema = str_replace('{{BETA_VERSION}}', ENANO_BETA_VERSION, $schema);
+ − 394
+ − 395
if(isset($_POST['wiki_mode']))
+ − 396
{
+ − 397
$schema = str_replace('{{WIKI_MODE}}', '1', $schema);
+ − 398
}
+ − 399
else
+ − 400
{
+ − 401
$schema = str_replace('{{WIKI_MODE}}', '0', $schema);
+ − 402
}
+ − 403
+ − 404
// Build an array of queries
+ − 405
$schema = explode("\n", $schema);
+ − 406
+ − 407
foreach ( $schema as $i => $sql )
+ − 408
{
+ − 409
$query =& $schema[$i];
+ − 410
$t = trim($query);
+ − 411
if ( empty($t) || preg_match('/^(\#|--)/i', $t) )
+ − 412
{
+ − 413
unset($schema[$i]);
+ − 414
unset($query);
+ − 415
}
+ − 416
}
+ − 417
+ − 418
$schema = array_values($schema);
+ − 419
$schema = implode("\n", $schema);
+ − 420
$schema = explode(";\n", $schema);
+ − 421
+ − 422
foreach ( $schema as $i => $sql )
+ − 423
{
+ − 424
$query =& $schema[$i];
+ − 425
if ( substr($query, ( strlen($query) - 1 ), 1 ) != ';' )
+ − 426
{
+ − 427
$query .= ';';
+ − 428
}
+ − 429
}
+ − 430
+ − 431
return true;
+ − 432
}
+ − 433
+ − 434
function stg_install($_unused, $already_run)
+ − 435
{
+ − 436
// This one's pretty easy.
+ − 437
$conn = stg_mysql_connect(true);
+ − 438
if ( !is_resource($conn) )
+ − 439
return false;
+ − 440
$schema = stg_parse_schema(true);
+ − 441
if ( !is_array($schema) )
+ − 442
return false;
+ − 443
+ − 444
// If we're resuming installation, the encryption key was regenerated.
+ − 445
// This means we'll have to update the encrypted password in the database.
+ − 446
if ( $already_run )
+ − 447
{
+ − 448
$admin_pass = stg_decrypt_admin_pass(true);
+ − 449
$key = stg_generate_aes_key(true);
+ − 450
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 451
$key = $aes->hextostring($key);
+ − 452
$admin_pass = $aes->encrypt($admin_pass, $key, ENC_HEX);
+ − 453
$admin_user = mysql_real_escape_string($_POST['admin_user']);
+ − 454
+ − 455
$q = @mysql_query("UPDATE {$_POST['table_prefix']}users SET password='$admin_pass' WHERE username='$admin_user';");
+ − 456
if ( !$q )
+ − 457
{
+ − 458
echo '<p><tt>MySQL return: ' . mysql_error() . '</tt></p>';
+ − 459
return false;
+ − 460
}
+ − 461
+ − 462
return true;
+ − 463
}
+ − 464
+ − 465
// OK, do the loop, baby!!!
+ − 466
foreach($schema as $q)
+ − 467
{
+ − 468
$r = mysql_query($q, $conn);
+ − 469
if ( !$r )
+ − 470
{
+ − 471
echo '<p><tt>MySQL return: ' . mysql_error() . '</tt></p>';
+ − 472
return false;
+ − 473
}
+ − 474
}
+ − 475
+ − 476
return true;
+ − 477
}
+ − 478
+ − 479
function stg_write_config()
+ − 480
{
+ − 481
$privkey = stg_generate_aes_key(true);
+ − 482
+ − 483
switch($_POST['urlscheme'])
+ − 484
{
+ − 485
case "ugly":
+ − 486
default:
+ − 487
$cp = scriptPath.'/index.php?title=';
+ − 488
break;
+ − 489
case "short":
+ − 490
$cp = scriptPath.'/index.php/';
+ − 491
break;
+ − 492
case "tiny":
+ − 493
$cp = scriptPath.'/';
+ − 494
break;
+ − 495
}
+ − 496
+ − 497
if ( $_POST['urlscheme'] == 'tiny' )
+ − 498
{
+ − 499
$contents = '# Begin Enano rules
+ − 500
RewriteEngine on
+ − 501
RewriteCond %{REQUEST_FILENAME} !-d
+ − 502
RewriteCond %{REQUEST_FILENAME} !-f
+ − 503
RewriteRule ^(.+) '.scriptPath.'/index.php?title=$1 [L,QSA]
+ − 504
RewriteRule \.(php|html|gif|jpg|png|css|js)$ - [L]
+ − 505
# End Enano rules
+ − 506
';
+ − 507
if ( file_exists('./.htaccess') )
+ − 508
$ht = fopen(ENANO_ROOT.'/.htaccess', 'a+');
+ − 509
else
+ − 510
$ht = fopen(ENANO_ROOT.'/.htaccess.new', 'w');
+ − 511
if ( !$ht )
+ − 512
return false;
+ − 513
fwrite($ht, $contents);
+ − 514
fclose($ht);
+ − 515
}
+ − 516
+ − 517
$config_file = '<?php
+ − 518
/* Enano auto-generated configuration file - editing not recommended! */
+ − 519
$dbhost = \''.addslashes($_POST['db_host']).'\';
+ − 520
$dbname = \''.addslashes($_POST['db_name']).'\';
+ − 521
$dbuser = \''.addslashes($_POST['db_user']).'\';
+ − 522
$dbpasswd = \''.addslashes($_POST['db_pass']).'\';
+ − 523
if ( !defined(\'ENANO_CONSTANTS\') )
+ − 524
{
+ − 525
define(\'ENANO_CONSTANTS\', \'\');
+ − 526
define(\'table_prefix\', \''.addslashes($_POST['table_prefix']).'\');
+ − 527
define(\'scriptPath\', \''.scriptPath.'\');
+ − 528
define(\'contentPath\', \''.$cp.'\');
+ − 529
define(\'ENANO_INSTALLED\', \'true\');
+ − 530
}
+ − 531
$crypto_key = \''.$privkey.'\';
+ − 532
?>';
+ − 533
+ − 534
$cf_handle = fopen(ENANO_ROOT.'/config.new.php', 'w');
+ − 535
if ( !$cf_handle )
+ − 536
return false;
+ − 537
fwrite($cf_handle, $config_file);
+ − 538
+ − 539
fclose($cf_handle);
+ − 540
+ − 541
return true;
+ − 542
}
+ − 543
+ − 544
function _stg_rename_config_revert()
+ − 545
{
+ − 546
if ( file_exists('./config.php') )
+ − 547
{
+ − 548
@rename('./config.php', './config.new.php');
+ − 549
}
+ − 550
+ − 551
$handle = @fopen('./config.php.new', 'w');
+ − 552
if ( !$handle )
+ − 553
return false;
+ − 554
$contents = '<?php $cryptkey = \'' . _INSTRESUME_AES_KEYBACKUP . '\'; ?>';
+ − 555
fwrite($handle, $contents);
+ − 556
fclose($handle);
+ − 557
return true;
+ − 558
}
+ − 559
+ − 560
function stg_rename_config()
+ − 561
{
+ − 562
if ( !@rename('./config.new.php', './config.php') )
+ − 563
{
+ − 564
echo '<p>Can\'t rename config.php</p>';
+ − 565
_stg_rename_config_revert();
+ − 566
return false;
+ − 567
}
+ − 568
+ − 569
if ( $_POST['urlscheme'] == 'tiny' && !file_exists('./.htaccess') )
+ − 570
{
+ − 571
if ( !@rename('./.htaccess.new', './.htaccess') )
+ − 572
{
+ − 573
echo '<p>Can\'t rename .htaccess</p>';
+ − 574
_stg_rename_config_revert();
+ − 575
return false;
+ − 576
}
+ − 577
}
+ − 578
return true;
+ − 579
}
+ − 580
+ − 581
function stg_start_api_success()
+ − 582
{
+ − 583
return true;
+ − 584
}
+ − 585
+ − 586
function stg_start_api_failure()
+ − 587
{
+ − 588
return false;
+ − 589
}
+ − 590
+ − 591
function stg_init_logs()
+ − 592
{
+ − 593
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 594
+ − 595
$q = $db->sql_query('INSERT INTO ' . table_prefix . 'logs(log_type,action,time_id,date_string,author,page_text,edit_summary) VALUES(\'security\', \'install_enano\', ' . time() . ', \'' . date('d M Y h:i a') . '\', \'' . mysql_real_escape_string($_POST['admin_user']) . '\', \'' . mysql_real_escape_string(ENANO_VERSION) . '\', \'' . mysql_real_escape_string($_SERVER['REMOTE_ADDR']) . '\');');
+ − 596
if ( !$q )
+ − 597
{
+ − 598
echo '<p><tt>MySQL return: ' . mysql_error() . '</tt></p>';
+ − 599
return false;
+ − 600
}
+ − 601
+ − 602
if ( !$session->get_permissions('clear_logs') )
+ − 603
{
+ − 604
echo '<p><tt>$session: denied clear_logs</tt></p>';
+ − 605
return false;
+ − 606
}
+ − 607
+ − 608
PageUtils::flushlogs('Main_Page', 'Article');
+ − 609
+ − 610
return true;
+ − 611
}
+ − 612
+ − 613
//die('Key size: ' . AES_BITS . '<br />Block size: ' . AES_BLOCKSIZE);
+ − 614
+ − 615
if(!function_exists('wikiFormat'))
+ − 616
{
+ − 617
function wikiFormat($message, $filter_links = true)
+ − 618
{
+ − 619
$wiki = & Text_Wiki::singleton('Mediawiki');
+ − 620
$wiki->setRenderConf('Xhtml', 'code', 'css_filename', 'codefilename');
+ − 621
$wiki->setRenderConf('Xhtml', 'wikilink', 'view_url', contentPath);
+ − 622
$result = $wiki->transform($message, 'Xhtml');
+ − 623
+ − 624
// HTML fixes
+ − 625
$result = preg_replace('#<tr>([\s]*?)<\/tr>#is', '', $result);
+ − 626
$result = preg_replace('#<p>([\s]*?)<\/p>#is', '', $result);
+ − 627
$result = preg_replace('#<br />([\s]*?)<table#is', '<table', $result);
+ − 628
+ − 629
return $result;
+ − 630
}
+ − 631
}
+ − 632
+ − 633
global $failed, $warned;
+ − 634
+ − 635
$failed = false;
+ − 636
$warned = false;
+ − 637
+ − 638
function not($var)
+ − 639
{
+ − 640
if($var)
+ − 641
{
+ − 642
return false;
+ − 643
}
+ − 644
else
+ − 645
{
+ − 646
return true;
+ − 647
}
+ − 648
}
+ − 649
+ − 650
function run_test($code, $desc, $extended_desc, $warn = false)
+ − 651
{
+ − 652
global $failed, $warned;
+ − 653
static $cv = true;
+ − 654
$cv = not($cv);
+ − 655
$val = eval($code);
+ − 656
if($val)
+ − 657
{
+ − 658
if($cv) $color='CCFFCC'; else $color='AAFFAA';
+ − 659
echo "<tr><td style='background-color: #$color; width: 500px;'>$desc</td><td style='padding-left: 10px;'><img alt='Test passed' src='images/good.gif' /></td></tr>";
+ − 660
} elseif(!$val && $warn) {
+ − 661
if($cv) $color='FFFFCC'; else $color='FFFFAA';
+ − 662
echo "<tr><td style='background-color: #$color; width: 500px;'>$desc<br /><b>$extended_desc</b></td><td style='padding-left: 10px;'><img alt='Test passed with warning' src='images/unknown.gif' /></td></tr>";
+ − 663
$warned = true;
+ − 664
} else {
+ − 665
if($cv) $color='FFCCCC'; else $color='FFAAAA';
+ − 666
echo "<tr><td style='background-color: #$color; width: 500px;'>$desc<br /><b>$extended_desc</b></td><td style='padding-left: 10px;'><img alt='Test failed' src='images/bad.gif' /></td></tr>";
+ − 667
$failed = true;
+ − 668
}
+ − 669
}
+ − 670
function is_apache() { $r = strstr($_SERVER['SERVER_SOFTWARE'], 'Apache') ? true : false; return $r; }
+ − 671
+ − 672
require_once('includes/template.php');
+ − 673
+ − 674
if(!isset($_GET['mode'])) $_GET['mode'] = 'welcome';
+ − 675
switch($_GET['mode'])
+ − 676
{
+ − 677
case 'mysql_test':
+ − 678
error_reporting(0);
+ − 679
$dbhost = rawurldecode($_POST['host']);
+ − 680
$dbname = rawurldecode($_POST['name']);
+ − 681
$dbuser = rawurldecode($_POST['user']);
+ − 682
$dbpass = rawurldecode($_POST['pass']);
+ − 683
$dbrootuser = rawurldecode($_POST['root_user']);
+ − 684
$dbrootpass = rawurldecode($_POST['root_pass']);
+ − 685
if($dbrootuser != '')
+ − 686
{
+ − 687
$conn = mysql_connect($dbhost, $dbrootuser, $dbrootpass);
+ − 688
if(!$conn)
+ − 689
{
+ − 690
$e = mysql_error();
+ − 691
if(strstr($e, "Lost connection"))
+ − 692
die('host'.$e);
+ − 693
else
+ − 694
die('root'.$e);
+ − 695
}
+ − 696
$rsp = 'good';
+ − 697
$q = mysql_query('USE '.$dbname, $conn);
+ − 698
if(!$q)
+ − 699
{
+ − 700
$e = mysql_error();
+ − 701
if(strstr($e, 'Unknown database'))
+ − 702
{
+ − 703
$rsp .= '_creating_db';
+ − 704
}
+ − 705
}
+ − 706
mysql_close($conn);
+ − 707
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
+ − 708
if(!$conn)
+ − 709
{
+ − 710
$e = mysql_error();
+ − 711
if(strstr($e, "Lost connection"))
+ − 712
die('host'.$e);
+ − 713
else
+ − 714
$rsp .= '_creating_user';
+ − 715
}
+ − 716
mysql_close($conn);
+ − 717
die($rsp);
+ − 718
}
+ − 719
else
+ − 720
{
+ − 721
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
+ − 722
if(!$conn)
+ − 723
{
+ − 724
$e = mysql_error();
+ − 725
if(strstr($e, "Lost connection"))
+ − 726
die('host'.$e);
+ − 727
else
+ − 728
die('auth'.$e);
+ − 729
}
+ − 730
$q = mysql_query('USE '.$dbname, $conn);
+ − 731
if(!$q)
+ − 732
{
+ − 733
$e = mysql_error();
+ − 734
if(strstr($e, 'Unknown database'))
+ − 735
{
+ − 736
die('name'.$e);
+ − 737
}
+ − 738
else
+ − 739
{
+ − 740
die('perm'.$e);
+ − 741
}
+ − 742
}
+ − 743
}
+ − 744
$v = mysql_get_server_info();
+ − 745
if(version_compare($v, '4.1.17', '<')) die('vers'.$v);
+ − 746
mysql_close($conn);
+ − 747
die('good');
+ − 748
break;
+ − 749
case 'pophelp':
+ − 750
$topic = ( isset($_GET['topic']) ) ? $_GET['topic'] : 'invalid';
+ − 751
switch($topic)
+ − 752
{
+ − 753
case 'admin_embed_php':
+ − 754
$title = 'Allow administrators to embed PHP';
+ − 755
$content = '<p>This option allows you to control whether anything between the standard <?php and ?> tags will be treated as
+ − 756
PHP code by Enano. If this option is enabled, and members of the Administrators group use these tags, Enano will
+ − 757
execute that code when the page is loaded. There are obvious potential security implications here, which should
+ − 758
be carefully considered before enabling this option.</p>
+ − 759
<p>If you are the only administrator of this site, or if you have a high level of trust for those will be administering
+ − 760
the site with you, you should enable this to allow extreme customization of pages.</p>
+ − 761
<p>Leave this option off if you are at all concerned about security – if your account is compromised and PHP embedding
+ − 762
is enabled, an attacker can run arbitrary code on your server! Enabling this will also allow administrators to
+ − 763
embed Javascript and arbitrary HTML and CSS.</p>
+ − 764
<p>If you don\'t have experience coding in PHP, you can safely disable this option. You may change this at any time
+ − 765
using the ACL editor by selecting the Administrators group and This Entire Website under the scope selection. <!-- , or by
+ − 766
using the "embedded PHP kill switch" in the administration panel. --></p>';
+ − 767
break;
+ − 768
default:
+ − 769
$title = 'Invalid topic';
+ − 770
$content = 'Invalid help topic.';
+ − 771
break;
+ − 772
}
+ − 773
echo <<<EOF
+ − 774
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+ − 775
<html>
+ − 776
<head>
+ − 777
<title>Enano installation quick help • {$title}</title>
+ − 778
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
+ − 779
<style type="text/css">
+ − 780
body {
+ − 781
font-family: trebuchet ms, verdana, arial, helvetica, sans-serif;
+ − 782
font-size: 9pt;
+ − 783
}
+ − 784
h2 { border-bottom: 1px solid #90B0D0; margin-bottom: 0; }
+ − 785
h3 { font-size: 11pt; font-weight: bold; }
+ − 786
li { list-style: url(../images/bullet.gif); }
+ − 787
p { margin: 1.0em; }
+ − 788
blockquote { background-color: #F4F4F4; border: 1px dotted #406080; margin: 1em; padding: 10px; max-height: 250px; overflow: auto; }
+ − 789
a { color: #7090B0; }
+ − 790
a:hover { color: #90B0D0; }
+ − 791
</style>
+ − 792
</head>
+ − 793
<body>
+ − 794
<h2>{$title}</h2>
+ − 795
{$content}
+ − 796
<p style="text-align: right;">
+ − 797
<a href="#" onclick="window.close(); return false;">Close window</a>
+ − 798
</p>
+ − 799
</body>
+ − 800
</html>
+ − 801
EOF;
+ − 802
exit;
+ − 803
break;
+ − 804
default:
+ − 805
break;
+ − 806
}
+ − 807
+ − 808
$template = new template_nodb();
+ − 809
$template->load_theme('oxygen', 'bleu', false);
+ − 810
+ − 811
$modestrings = Array(
+ − 812
'welcome' => 'Welcome',
+ − 813
'license' => 'License Agreement',
+ − 814
'sysreqs' => 'Server requirements',
+ − 815
'database'=> 'Database information',
+ − 816
'website' => 'Website configuration',
+ − 817
'login' => 'Administration login',
+ − 818
'confirm' => 'Confirm installation',
+ − 819
'install' => 'Database installation',
+ − 820
'finish' => 'Installation complete'
+ − 821
);
+ − 822
+ − 823
$sideinfo = '';
+ − 824
$vars = $template->extract_vars('elements.tpl');
+ − 825
$p = $template->makeParserText($vars['sidebar_button']);
+ − 826
foreach ( $modestrings as $id => $str )
+ − 827
{
+ − 828
if ( $_GET['mode'] == $id )
+ − 829
{
+ − 830
$flags = 'style="font-weight: bold; text-decoration: underline;"';
+ − 831
$this_page = $str;
+ − 832
}
+ − 833
else
+ − 834
{
+ − 835
$flags = '';
+ − 836
}
+ − 837
$p->assign_vars(Array(
+ − 838
'HREF' => '#',
+ − 839
'FLAGS' => $flags . ' onclick="return false;"',
+ − 840
'TEXT' => $str
+ − 841
));
+ − 842
$sideinfo .= $p->run();
+ − 843
}
+ − 844
+ − 845
$template->init_vars();
+ − 846
+ − 847
if(isset($_GET['mode']) && $_GET['mode'] == 'css')
+ − 848
{
+ − 849
header('Content-type: text/css');
+ − 850
echo $template->get_css();
+ − 851
exit;
+ − 852
}
+ − 853
+ − 854
$template->header();
+ − 855
if(!isset($_GET['mode'])) $_GET['mode'] = 'license';
+ − 856
switch($_GET['mode'])
+ − 857
{
+ − 858
default:
+ − 859
case 'welcome':
+ − 860
?>
+ − 861
<div style="text-align: center; margin-top: 10px;">
+ − 862
<img alt="[ Enano CMS Project logo ]" src="images/enano-artwork/installer-greeting-blue.png" style="display: block; margin: 0 auto; padding-left: 100px;" />
+ − 863
<h2>Welcome to Enano</h2>
+ − 864
<h3>version 1.0.2 – stable<br />
+ − 865
<span style="font-weight: normal;">also affectionately known as "coblynau" <tt>:)</tt></span></h3>
+ − 866
<?php
+ − 867
if ( file_exists('./_nightly.php') )
+ − 868
{
+ − 869
echo '<div class="warning-box" style="text-align: left; margin: 10px 0;"><b>You are about to install a NIGHTLY BUILD of Enano.</b><br />Nightly builds are NOT upgradeable and may contain serious flaws, security problems, or extraneous debugging information. Installing this version of Enano on a production site is NOT recommended.</div>';
+ − 870
}
+ − 871
?>
+ − 872
<form action="install.php?mode=license" method="post">
+ − 873
<input type="submit" value="Start installation" />
+ − 874
</form>
+ − 875
</div>
+ − 876
<?php
+ − 877
break;
+ − 878
case "license":
+ − 879
?>
+ − 880
<h3>Welcome to the Enano installer.</h3>
+ − 881
<p>Thank you for choosing Enano as your CMS. You've selected the finest in design, the strongest in security, and the latest in Web 2.0 toys. Trust us, you'll like it.</p>
+ − 882
<p>To get started, please read and accept the following license agreement. You've probably seen it before.</p>
+ − 883
<div style="height: 500px; clip: rect(0px,auto,500px,auto); overflow: auto; padding: 10px; border: 1px dashed #456798; margin: 1em;">
+ − 884
<h2>GNU General Public License</h2>
+ − 885
<h3>Declaration of license usage</h3>
+ − 886
<p>Enano is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.</p>
+ − 887
<p>This program is distributed in the hope that it will be useful, but <u>without any warranty</u>; without even the implied warranty of <u>merchantability</u> or <u>fitness for a particular purpose</u>. See the GNU General Public License (below) for more details.</p>
+ − 888
<p><b>By clicking the button below or otherwise continuing the installation, you indicate your acceptance of this license agreement.</b></p>
+ − 889
<h3>Human-readable version</h3>
+ − 890
<p>Enano is distributed under certain licensing terms that we believe make it of the greatest possible use to the public. The license we distribute it under, the GNU General Public License, provides certain terms and conditions that, rather than limit your use of Enano, allow you to get the most out of it. If you would like to read the full text, it can be found below. Here is a human-readable version that we think is a little easier to understand.</p>
+ − 891
<ul>
+ − 892
<li>You may to run Enano for any purpose.</li>
+ − 893
<li>You may study how Enano works and adapt it to your needs.</li>
+ − 894
<li>You may redistribute copies so you can help your neighbor.</li>
+ − 895
<li>You may improve Enano and release your improvements to the public, so that the whole community benefits.</li>
+ − 896
</ul>
+ − 897
<p>You may exercise the freedoms specified here provided that you comply with the express conditions of this license. The principal conditions are:</p>
+ − 898
<ul>
+ − 899
<li>You must conspicuously and appropriately publish on each copy distributed an appropriate copyright notice and disclaimer of warranty and keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of Enano a copy of the GNU General Public License along with Enano. Any translation of the GNU General Public License must be accompanied by the GNU General Public License.</li>
+ − 900
<li>If you modify your copy or copies of Enano or any portion of it, or develop a program based upon it, you may distribute the resulting work provided you do so under the GNU General Public License. Any translation of the GNU General Public License must be accompanied by the GNU General Public License.</li>
+ − 901
<li>If you copy or distribute Enano, you must accompany it with the complete corresponding machine-readable source code or with a written offer, valid for at least three years, to furnish the complete corresponding machine-readable source code.</li>
+ − 902
</ul>
+ − 903
<p><b>Disclaimer</b>: The above text is not a license. It is simply a handy reference for understanding the Legal Code (the full license) – it is a human-readable expression of some of its key terms. Think of it as the user-friendly interface to the Legal Code beneath. The above text itself has no legal value, and its contents do not appear in the actual license.<br /><span style="color: #CCC">Text copied from the <a href="http://creativecommons.org/licenses/GPL/2.0/">Creative Commons GPL Deed page</a></span></p>
+ − 904
<?php
+ − 905
if ( defined('ENANO_BETA_VERSION') )
+ − 906
{
+ − 907
?>
+ − 908
<h3>Notice for prerelease versions</h3>
+ − 909
<p>This version of Enano is designed only for testing and evaluation purposes. <b>It is not yet completely stable, and should not be used on production websites.</b> As with any Enano version, Dan Fuhry and the Enano team cannot be responsible for any damage, physical or otherwise, to any property as a result of the use of Enano. While security is a number one priority, sometimes things slip through.</p>
+ − 910
<?php
+ − 911
}
+ − 912
?>
+ − 913
<h3>Lawyer-readable version</h3>
+ − 914
<?php echo wikiFormat(file_get_contents(ENANO_ROOT . '/GPL')); ?>
+ − 915
</div>
+ − 916
<div class="pagenav">
+ − 917
<form action="install.php?mode=sysreqs" method="post">
+ − 918
<table border="0">
+ − 919
<tr>
+ − 920
<td><input type="submit" value="I agree to the license terms" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Ensure that you agree with the terms of the license<br />• Have your database host, name, username, and password available</p></td>
+ − 921
</tr>
+ − 922
</table>
+ − 923
</form>
+ − 924
</div>
+ − 925
<?php
+ − 926
break;
+ − 927
case "sysreqs":
+ − 928
error_reporting(E_ALL);
+ − 929
?>
+ − 930
<h3>Checking your server</h3>
+ − 931
<p>Enano has several requirements that must be met before it can be installed. If all is good then note any warnings and click Continue below.</p>
+ − 932
<table border="0" cellspacing="0" cellpadding="0">
+ − 933
<?php
+ − 934
run_test('return version_compare(\'4.3.0\', PHP_VERSION, \'<\');', 'PHP Version >=4.3.0', 'It seems that the version of PHP that your server is running is too old to support Enano properly. If this is your server, please upgrade to the most recent version of PHP, remembering to use the --with-mysql configure option if you compile it yourself. If this is not your server, please contact your webhost and ask them if it would be possible to upgrade PHP. If this is not possible, you will need to switch to a different webhost in order to use Enano.');
+ − 935
run_test('return function_exists(\'mysql_connect\');', 'MySQL extension for PHP', 'It seems that your PHP installation does not have the MySQL extension enabled. If this is your own server, you may need to just enable the "libmysql.so" extension in php.ini. If you do not have the MySQL extension installed, you will need to either use your distribution\'s package manager to install it, or you will have to compile PHP from source. If you compile PHP from source, please remember to use the "--with-mysql" configure option, and you will have to have the MySQL development files installed (they usually are). If this is not your server, please contact your hosting company and ask them to install the PHP MySQL extension.');
+ − 936
run_test('return @ini_get(\'file_uploads\');', 'File upload support', 'It seems that your server does not support uploading files. Enano *requires* this functionality in order to work properly. Please ask your server administrator to set the "file_uploads" option in php.ini to "On".');
+ − 937
run_test('return is_apache();', 'Apache HTTP Server', 'Apparently your server is running a web server other than Apache. Enano will work nontheless, but there are some known bugs with non-Apache servers, and the "fancy" URLs will not work properly. The "Standard URLs" option will be set on the website configuration page, only change it if you are absolutely certain that your server is running Apache.', true);
+ − 938
//run_test('return function_exists(\'finfo_file\');', 'Fileinfo PECL extension', 'The MIME magic PHP extension is used to determine the type of a file by looking for a certain "magic" string of characters inside it. This functionality is used by Enano to more effectively prevent malicious file uploads. The MIME magic option will be disabled by default.', true);
+ − 939
run_test('return is_writable(ENANO_ROOT.\'/config.new.php\');', 'Configuration file writable', 'It looks like the configuration file, config.new.php, is not writable. Enano needs to be able to write to this file in order to install.<br /><br /><b>If you are installing Enano on a SourceForge web site:</b><br />SourceForge mounts the web partitions read-only now, so you will need to use the project shell service to symlink config.php to a file in the /tmp/persistent directory.');
+ − 940
run_test('return file_exists(\'/usr/bin/convert\');', 'ImageMagick support', 'Enano uses ImageMagick to scale images into thumbnails. Because ImageMagick was not found on your server, Enano will use the width= and height= attributes on the <img> tag to scale images. This can cause somewhat of a performance increase, but bandwidth usage will be higher, especially if you use high-resolution images on your site.<br /><br />If you are sure that you have ImageMagick, you can set the location of the "convert" program using the administration panel after installation is complete.', true);
+ − 941
run_test('return is_writable(ENANO_ROOT.\'/cache/\');', 'Cache directory writable', 'Apparently the cache/ directory is not writable. Enano will still work, but you will not be able to cache thumbnails, meaning the server will need to re-render them each time they are requested. In some cases, this can cause a significant slowdown.', true);
+ − 942
run_test('return is_writable(ENANO_ROOT.\'/files/\');', 'File uploads directory writable', 'It seems that the directory where uploaded files are stored (' . ENANO_ROOT . '/files) cannot be written by the server. Enano will still function, but file uploads will not function, and will be disabled by default.', true);
+ − 943
echo '</table>';
+ − 944
if(!$failed)
+ − 945
{
+ − 946
?>
+ − 947
+ − 948
<div class="pagenav">
+ − 949
<?php
+ − 950
if($warned) {
+ − 951
echo '<table border="0" cellspacing="0" cellpadding="0">';
+ − 952
run_test('return false;', 'Some of the features of Enano have been turned off to accommodate your server.', 'Enano has detected that some of the features or configuration settings on your server are not optimal for the best behavior and/or performance for Enano. As a result, certain features or enhancements that are part of Enano have been disabled to prevent further errors. You have seen those "fatal error" notices that spew from PHP, haven\'t you?<br /><br /> <tt>Fatal error:</tt></b><tt> call to undefined function wannahockaloogie() in file <b>'.__FILE__.'</b> on line </tt><b><tt>'.__LINE__.'</tt>', true);
+ − 953
echo '</table>';
+ − 954
} else {
+ − 955
echo '<table border="0" cellspacing="0" cellpadding="0">';
+ − 956
run_test('return true;', '<b>Your server meets all the requirements for running Enano.</b><br />Click the button below to continue the installation.', 'You should never see this text. Congratulations for being an Enano hacker!');
+ − 957
echo '</table>';
+ − 958
}
+ − 959
?>
+ − 960
<form action="install.php?mode=database" method="post">
+ − 961
<table border="0">
+ − 962
<tr>
+ − 963
<td><input type="submit" value="Continue" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Review the list above to ensure that you are satisfied with any of Enano's workarounds for your server. If you need a particular feature and that feature is listed as disabled above, you should take the opportunity now to correct the problem.<br />• Have your database host, name, username, and password available</p></td>
+ − 964
</tr>
+ − 965
</table>
+ − 966
</form>
+ − 967
</div>
+ − 968
<?php
+ − 969
} else {
+ − 970
if($failed) {
+ − 971
echo '<div class="pagenav"><table border="0" cellspacing="0" cellpadding="0">';
+ − 972
run_test('return false;', 'Your server does not meet the requirements for Enano to run.', 'As a precaution, Enano will not install until the above requirements have been met. Contact your server administrator or hosting company and convince them to upgrade. Good luck.');
+ − 973
echo '</table></div>';
+ − 974
}
+ − 975
}
+ − 976
?>
+ − 977
<?php
+ − 978
break;
+ − 979
case "database":
+ − 980
?>
+ − 981
<script type="text/javascript">
+ − 982
function ajaxGet(uri, f) {
+ − 983
if (window.XMLHttpRequest) {
+ − 984
ajax = new XMLHttpRequest();
+ − 985
} else {
+ − 986
if (window.ActiveXObject) {
+ − 987
ajax = new ActiveXObject("Microsoft.XMLHTTP");
+ − 988
} else {
+ − 989
alert('Enano client-side runtime error: No AJAX support, unable to continue');
+ − 990
return;
+ − 991
}
+ − 992
}
+ − 993
ajax.onreadystatechange = f;
+ − 994
ajax.open('GET', uri, true);
+ − 995
ajax.send(null);
+ − 996
}
+ − 997
+ − 998
function ajaxPost(uri, parms, f) {
+ − 999
if (window.XMLHttpRequest) {
+ − 1000
ajax = new XMLHttpRequest();
+ − 1001
} else {
+ − 1002
if (window.ActiveXObject) {
+ − 1003
ajax = new ActiveXObject("Microsoft.XMLHTTP");
+ − 1004
} else {
+ − 1005
alert('Enano client-side runtime error: No AJAX support, unable to continue');
+ − 1006
return;
+ − 1007
}
+ − 1008
}
+ − 1009
ajax.onreadystatechange = f;
+ − 1010
ajax.open('POST', uri, true);
+ − 1011
ajax.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+ − 1012
ajax.setRequestHeader("Content-length", parms.length);
+ − 1013
ajax.setRequestHeader("Connection", "close");
+ − 1014
ajax.send(parms);
+ − 1015
}
+ − 1016
function ajaxTestConnection()
+ − 1017
{
+ − 1018
v = verify();
+ − 1019
if(!v)
+ − 1020
{
+ − 1021
alert('One or more of the form fields is incorrect. Please correct any information in the form that has an "X" next to it.');
+ − 1022
return false;
+ − 1023
}
+ − 1024
var frm = document.forms.dbinfo;
+ − 1025
db_host = escape(frm.db_host.value.replace('+', '%2B'));
+ − 1026
db_name = escape(frm.db_name.value.replace('+', '%2B'));
+ − 1027
db_user = escape(frm.db_user.value.replace('+', '%2B'));
+ − 1028
db_pass = escape(frm.db_pass.value.replace('+', '%2B'));
+ − 1029
db_root_user = escape(frm.db_root_user.value.replace('+', '%2B'));
+ − 1030
db_root_pass = escape(frm.db_root_pass.value.replace('+', '%2B'));
+ − 1031
+ − 1032
parms = 'host='+db_host+'&name='+db_name+'&user='+db_user+'&pass='+db_pass+'&root_user='+db_root_user+'&root_pass='+db_root_pass;
+ − 1033
ajaxPost('<?php echo scriptPath; ?>/install.php?mode=mysql_test', parms, function() {
+ − 1034
if(ajax.readyState==4)
+ − 1035
{
+ − 1036
s = ajax.responseText.substr(0, 4);
+ − 1037
t = ajax.responseText.substr(4, ajax.responseText.length);
+ − 1038
if(s.substr(0, 4)=='good')
+ − 1039
{
+ − 1040
document.getElementById('s_db_host').src='images/good.gif';
+ − 1041
document.getElementById('s_db_name').src='images/good.gif';
+ − 1042
document.getElementById('s_db_auth').src='images/good.gif';
+ − 1043
document.getElementById('s_db_root').src='images/good.gif';
+ − 1044
if(t.match(/_creating_db/)) document.getElementById('e_db_name').innerHTML = '<b>Warning:<\/b> The database you specified does not exist. It will be created during installation.';
+ − 1045
if(t.match(/_creating_user/)) document.getElementById('e_db_auth').innerHTML = '<b>Warning:<\/b> The specified regular user does not exist or the password is incorrect. The user will be created during installation. If the user already exists, the password will be reset.';
+ − 1046
document.getElementById('s_mysql_version').src='images/good.gif';
+ − 1047
document.getElementById('e_mysql_version').innerHTML = 'Your version of MySQL meets Enano requirements.';
+ − 1048
}
+ − 1049
else
+ − 1050
{
+ − 1051
switch(s)
+ − 1052
{
+ − 1053
case 'host':
+ − 1054
document.getElementById('s_db_host').src='images/bad.gif';
+ − 1055
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 1056
document.getElementById('s_db_auth').src='images/unknown.gif';
+ − 1057
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 1058
document.getElementById('e_db_host').innerHTML = '<b>Error:<\/b> The database server "'+document.forms.dbinfo.db_host.value+'" couldn\'t be contacted.<br \/>'+t;
+ − 1059
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 1060
break;
+ − 1061
case 'auth':
+ − 1062
document.getElementById('s_db_host').src='images/good.gif';
+ − 1063
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 1064
document.getElementById('s_db_auth').src='images/bad.gif';
+ − 1065
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 1066
document.getElementById('e_db_auth').innerHTML = '<b>Error:<\/b> Access to MySQL under the specified credentials was denied.<br \/>'+t;
+ − 1067
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 1068
break;
+ − 1069
case 'perm':
+ − 1070
document.getElementById('s_db_host').src='images/good.gif';
+ − 1071
document.getElementById('s_db_name').src='images/bad.gif';
+ − 1072
document.getElementById('s_db_auth').src='images/good.gif';
+ − 1073
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 1074
document.getElementById('e_db_name').innerHTML = '<b>Error:<\/b> Access to the specified database using those login credentials was denied.<br \/>'+t;
+ − 1075
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 1076
break;
+ − 1077
case 'name':
+ − 1078
document.getElementById('s_db_host').src='images/good.gif';
+ − 1079
document.getElementById('s_db_name').src='images/bad.gif';
+ − 1080
document.getElementById('s_db_auth').src='images/good.gif';
+ − 1081
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 1082
document.getElementById('e_db_name').innerHTML = '<b>Error:<\/b> The specified database does not exist<br \/>'+t;
+ − 1083
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 1084
break;
+ − 1085
case 'root':
+ − 1086
document.getElementById('s_db_host').src='images/good.gif';
+ − 1087
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 1088
document.getElementById('s_db_auth').src='images/unknown.gif';
+ − 1089
document.getElementById('s_db_root').src='images/bad.gif';
+ − 1090
document.getElementById('e_db_root').innerHTML = '<b>Error:<\/b> Access to MySQL under the specified credentials was denied.<br \/>'+t;
+ − 1091
document.getElementById('e_mysql_version').innerHTML = 'The MySQL version that your server is running could not be determined.';
+ − 1092
break;
+ − 1093
case 'vers':
+ − 1094
document.getElementById('s_db_host').src='images/good.gif';
+ − 1095
document.getElementById('s_db_name').src='images/good.gif';
+ − 1096
document.getElementById('s_db_auth').src='images/good.gif';
+ − 1097
document.getElementById('s_db_root').src='images/good.gif';
+ − 1098
if(t.match(/_creating_db/)) document.getElementById('e_db_name').innerHTML = '<b>Warning:<\/b> The database you specified does not exist. It will be created during installation.';
+ − 1099
if(t.match(/_creating_user/)) document.getElementById('e_db_auth').innerHTML = '<b>Warning:<\/b> The specified regular user does not exist or the password is incorrect. The user will be created during installation. If the user already exists, the password will be reset.';
+ − 1100
+ − 1101
document.getElementById('e_mysql_version').innerHTML = '<b>Error:<\/b> Your version of MySQL ('+t+') is older than 4.1.17. Enano will still work, but there is a known bug with the comment system and MySQL 4.1.11 that involves some comments not being displayed, due to an issue with the PHP function mysql_fetch_row().';
+ − 1102
document.getElementById('s_mysql_version').src='images/bad.gif';
+ − 1103
default:
+ − 1104
alert(t);
+ − 1105
break;
+ − 1106
}
+ − 1107
}
+ − 1108
}
+ − 1109
});
+ − 1110
}
+ − 1111
function verify()
+ − 1112
{
+ − 1113
document.getElementById('e_db_host').innerHTML = '';
+ − 1114
document.getElementById('e_db_auth').innerHTML = '';
+ − 1115
document.getElementById('e_db_name').innerHTML = '';
+ − 1116
document.getElementById('e_db_root').innerHTML = '';
+ − 1117
var frm = document.forms.dbinfo;
+ − 1118
ret = true;
+ − 1119
if(frm.db_host.value != '')
+ − 1120
{
+ − 1121
document.getElementById('s_db_host').src='images/unknown.gif';
+ − 1122
}
+ − 1123
else
+ − 1124
{
+ − 1125
document.getElementById('s_db_host').src='images/bad.gif';
+ − 1126
ret = false;
+ − 1127
}
+ − 1128
if(frm.db_name.value.match(/^([a-z0-9_-]+)$/g))
+ − 1129
{
+ − 1130
document.getElementById('s_db_name').src='images/unknown.gif';
+ − 1131
}
+ − 1132
else
+ − 1133
{
+ − 1134
document.getElementById('s_db_name').src='images/bad.gif';
+ − 1135
ret = false;
+ − 1136
}
+ − 1137
if(frm.db_user.value != '')
+ − 1138
{
+ − 1139
document.getElementById('s_db_auth').src='images/unknown.gif';
+ − 1140
}
+ − 1141
else
+ − 1142
{
+ − 1143
document.getElementById('s_db_auth').src='images/bad.gif';
+ − 1144
ret = false;
+ − 1145
}
+ − 1146
if(frm.table_prefix.value.match(/^([a-z0-9_]*)$/g))
+ − 1147
{
+ − 1148
document.getElementById('s_table_prefix').src='images/good.gif';
+ − 1149
}
+ − 1150
else
+ − 1151
{
+ − 1152
document.getElementById('s_table_prefix').src='images/bad.gif';
+ − 1153
ret = false;
+ − 1154
}
+ − 1155
if(frm.db_root_user.value == '')
+ − 1156
{
+ − 1157
document.getElementById('s_db_root').src='images/good.gif';
+ − 1158
}
+ − 1159
else if(frm.db_root_user.value != '' && frm.db_root_pass.value == '')
+ − 1160
{
+ − 1161
document.getElementById('s_db_root').src='images/bad.gif';
+ − 1162
ret = false;
+ − 1163
}
+ − 1164
else
+ − 1165
{
+ − 1166
document.getElementById('s_db_root').src='images/unknown.gif';
+ − 1167
}
+ − 1168
if(ret) frm._cont.disabled = false;
+ − 1169
else frm._cont.disabled = true;
+ − 1170
return ret;
+ − 1171
}
+ − 1172
window.onload = verify;
+ − 1173
</script>
+ − 1174
<p>Now we need some information that will allow Enano to contact your database server. Enano uses MySQL as a data storage backend,
+ − 1175
and we need to have access to a MySQL server in order to continue.</p>
+ − 1176
<p>If you do not have access to a MySQL server, and you are using your own server, you can download MySQL for free from
+ − 1177
<a href="http://www.mysql.com/">MySQL.com</a>. <b>Please note that, like Enano, MySQL is licensed under the GNU GPL.</b>
+ − 1178
If you need to modify MySQL and then distribute your modifications, you must either distribute them under the terms of the GPL
+ − 1179
or purchase a proprietary license.</p>
+ − 1180
<?php
+ − 1181
if ( file_exists('/etc/enano-is-virt-appliance') )
+ − 1182
{
+ − 1183
echo '<p><b>MySQL login information for this virtual appliance:</b><br /><br />Database hostname: localhost<br />Database login: username "enano", password: "clurichaun" (without quotes)<br />Database name: enano_www1</p>';
+ − 1184
}
+ − 1185
?>
+ − 1186
<form name="dbinfo" action="install.php?mode=website" method="post">
+ − 1187
<table border="0">
+ − 1188
<tr>
+ − 1189
<td colspan="3" style="text-align: center">
+ − 1190
<h3>Database information</h3>
+ − 1191
</td>
+ − 1192
</tr>
+ − 1193
<tr>
+ − 1194
<td>
+ − 1195
<b>Database hostname</b>
+ − 1196
<br />This is the hostname (or sometimes the IP address) of your MySQL server. In many cases, this is "localhost".
+ − 1197
<br /><span style="color: #993300" id="e_db_host"></span>
+ − 1198
</td>
+ − 1199
<td>
+ − 1200
<input onkeyup="verify();" name="db_host" size="30" type="text" />
+ − 1201
</td>
+ − 1202
<td>
+ − 1203
<img id="s_db_host" alt="Good/bad icon" src="images/bad.gif" />
+ − 1204
</td>
+ − 1205
</tr>
+ − 1206
<tr>
+ − 1207
<td>
+ − 1208
<b>Database name</b><br />
+ − 1209
The name of the actual database. If you don't already have a database, you can create one here, if you have the username and password
+ − 1210
of a MySQL user with administrative rights.<br />
+ − 1211
<span style="color: #993300" id="e_db_name"></span>
+ − 1212
</td>
+ − 1213
<td>
+ − 1214
<input onkeyup="verify();" name="db_name" size="30" type="text" />
+ − 1215
</td>
+ − 1216
<td>
+ − 1217
<img id="s_db_name" alt="Good/bad icon" src="images/bad.gif" />
+ − 1218
</td>
+ − 1219
</tr>
+ − 1220
<tr>
+ − 1221
<td rowspan="2">
+ − 1222
<b>Database login</b><br />
+ − 1223
These fields should be the username and password of a user with "select", "insert", "update", "delete", "create table", and "replace"
+ − 1224
privileges for your database.<br />
+ − 1225
<span style="color: #993300" id="e_db_auth"></span>
+ − 1226
</td>
+ − 1227
<td>
+ − 1228
<input onkeyup="verify();" name="db_user" size="30" type="text" />
+ − 1229
</td>
+ − 1230
<td rowspan="2">
+ − 1231
<img id="s_db_auth" alt="Good/bad icon" src="images/bad.gif" />
+ − 1232
</td>
+ − 1233
</tr>
+ − 1234
<tr>
+ − 1235
<td>
+ − 1236
<input name="db_pass" size="30" type="password" />
+ − 1237
</td>
+ − 1238
</tr>
+ − 1239
<tr>
+ − 1240
<td colspan="3" style="text-align: center">
+ − 1241
<h3>Optional information</h3>
+ − 1242
</td>
+ − 1243
</tr>
+ − 1244
<tr>
+ − 1245
<td>
+ − 1246
<b>Table prefix</b><br />
+ − 1247
The value that you enter here will be added to the beginning of the name of each Enano table. You may use lowercase letters (a-z),
+ − 1248
numbers (0-9), and underscores (_).
+ − 1249
</td>
+ − 1250
<td>
+ − 1251
<input onkeyup="verify();" name="table_prefix" size="30" type="text" />
+ − 1252
</td>
+ − 1253
<td>
+ − 1254
<img id="s_table_prefix" alt="Good/bad icon" src="images/good.gif" />
+ − 1255
</td>
+ − 1256
</tr>
+ − 1257
<tr>
+ − 1258
<td rowspan="2">
+ − 1259
<b>Database administrative login</b><br />
+ − 1260
If the MySQL database or username that you entered above does not exist yet, you can create them here, assuming that you have the
+ − 1261
login information for an administrative user (such as root). Leave these fields blank unless you need to use them.<br />
+ − 1262
<span style="color: #993300" id="e_db_root"></span>
+ − 1263
</td>
+ − 1264
<td>
+ − 1265
<input onkeyup="verify();" name="db_root_user" size="30" type="text" />
+ − 1266
</td>
+ − 1267
<td rowspan="2">
+ − 1268
<img id="s_db_root" alt="Good/bad icon" src="images/good.gif" />
+ − 1269
</td>
+ − 1270
</tr>
+ − 1271
<tr>
+ − 1272
<td>
+ − 1273
<input onkeyup="verify();" name="db_root_pass" size="30" type="password" />
+ − 1274
</td>
+ − 1275
</tr>
+ − 1276
<tr>
+ − 1277
<td>
+ − 1278
<b>MySQL version</b>
+ − 1279
</td>
+ − 1280
<td id="e_mysql_version">
+ − 1281
MySQL version information will be checked when you click "Test Connection".
+ − 1282
</td>
+ − 1283
<td>
+ − 1284
<img id="s_mysql_version" alt="Good/bad icon" src="images/unknown.gif" />
+ − 1285
</td>
+ − 1286
</tr>
+ − 1287
<tr>
+ − 1288
<td>
+ − 1289
<b>Delete existing tables?</b><br />
+ − 1290
If this option is checked, all the tables that will be used by Enano will be dropped (deleted) before the schema is executed. Do
+ − 1291
NOT use this option unless specifically instructed to.
+ − 1292
</td>
+ − 1293
<td>
+ − 1294
<input type="checkbox" name="drop_tables" id="dtcheck" /> <label for="dtcheck">Drop existing tables</label>
+ − 1295
</td>
+ − 1296
</tr>
+ − 1297
<tr>
+ − 1298
<td colspan="3" style="text-align: center">
+ − 1299
<input type="button" value="Test connection" onclick="ajaxTestConnection();" />
+ − 1300
</td>
+ − 1301
</tr>
+ − 1302
</table>
+ − 1303
<div class="pagenav">
+ − 1304
<table border="0">
+ − 1305
<tr>
+ − 1306
<td>
+ − 1307
<input type="submit" value="Continue" onclick="return verify();" name="_cont" />
+ − 1308
</td>
+ − 1309
<td>
+ − 1310
<p>
+ − 1311
<span style="font-weight: bold;">Before continuing:</span><br />
+ − 1312
• Check your MySQL connection using the "Test Connection" button.<br />
+ − 1313
• Be aware that your database information will be transmitted unencrypted several times.
+ − 1314
</p>
+ − 1315
</td>
+ − 1316
</tr>
+ − 1317
</table>
+ − 1318
</div>
+ − 1319
</form>
+ − 1320
<?php
+ − 1321
break;
+ − 1322
case "website":
+ − 1323
if(!isset($_POST['_cont'])) {
+ − 1324
echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
+ − 1325
$template->footer();
+ − 1326
exit;
+ − 1327
}
+ − 1328
unset($_POST['_cont']);
+ − 1329
?>
+ − 1330
<script type="text/javascript">
+ − 1331
function verify()
+ − 1332
{
+ − 1333
var frm = document.forms.siteinfo;
+ − 1334
ret = true;
+ − 1335
if(frm.sitename.value.match(/^(.+)$/g) && frm.sitename.value != 'Enano')
+ − 1336
{
+ − 1337
document.getElementById('s_name').src='images/good.gif';
+ − 1338
}
+ − 1339
else
+ − 1340
{
+ − 1341
document.getElementById('s_name').src='images/bad.gif';
+ − 1342
ret = false;
+ − 1343
}
+ − 1344
if(frm.sitedesc.value.match(/^(.+)$/g))
+ − 1345
{
+ − 1346
document.getElementById('s_desc').src='images/good.gif';
+ − 1347
}
+ − 1348
else
+ − 1349
{
+ − 1350
document.getElementById('s_desc').src='images/bad.gif';
+ − 1351
ret = false;
+ − 1352
}
+ − 1353
if(frm.copyright.value.match(/^(.+)$/g))
+ − 1354
{
+ − 1355
document.getElementById('s_copyright').src='images/good.gif';
+ − 1356
}
+ − 1357
else
+ − 1358
{
+ − 1359
document.getElementById('s_copyright').src='images/bad.gif';
+ − 1360
ret = false;
+ − 1361
}
+ − 1362
if(ret) frm._cont.disabled = false;
+ − 1363
else frm._cont.disabled = true;
+ − 1364
return ret;
+ − 1365
}
+ − 1366
window.onload = verify;
+ − 1367
</script>
+ − 1368
<form name="siteinfo" action="install.php?mode=login" method="post">
+ − 1369
<?php
+ − 1370
$k = array_keys($_POST);
+ − 1371
for($i=0;$i<sizeof($_POST);$i++) {
+ − 1372
echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
+ − 1373
}
+ − 1374
?>
+ − 1375
<p>The next step is to enter some information about your website. You can always change this information later, using the administration panel.</p>
+ − 1376
<table border="0">
+ − 1377
<tr>
+ − 1378
<td>
+ − 1379
<b>Website name</b><br />
+ − 1380
The display name of your website. Allowed characters are uppercase and lowercase letters, numerals, and spaces. This must not
+ − 1381
be blank or "Enano".
+ − 1382
</td>
+ − 1383
<td>
+ − 1384
<input onkeyup="verify();" name="sitename" type="text" size="30" />
+ − 1385
</td>
+ − 1386
<td>
+ − 1387
<img id="s_name" alt="Good/bad icon" src="images/bad.gif" />
+ − 1388
</td>
+ − 1389
</tr>
+ − 1390
<tr>
+ − 1391
<td>
+ − 1392
<b>Website description</b><br />
+ − 1393
This text will be shown below the name of your website.
+ − 1394
</td>
+ − 1395
<td>
+ − 1396
<input onkeyup="verify();" name="sitedesc" type="text" size="30" />
+ − 1397
</td>
+ − 1398
<td>
+ − 1399
<img id="s_desc" alt="Good/bad icon" src="images/bad.gif" />
+ − 1400
</td>
+ − 1401
</tr>
+ − 1402
<tr>
+ − 1403
<td>
+ − 1404
<b>Copyright info</b><br />
+ − 1405
This should be a one-line legal notice that will appear at the bottom of all your pages.
+ − 1406
</td>
+ − 1407
<td>
+ − 1408
<input onkeyup="verify();" name="copyright" type="text" size="30" />
+ − 1409
</td>
+ − 1410
<td>
+ − 1411
<img id="s_copyright" alt="Good/bad icon" src="images/bad.gif" />
+ − 1412
</td>
+ − 1413
</tr>
+ − 1414
<tr>
+ − 1415
<td>
+ − 1416
<b>Wiki mode</b><br />
+ − 1417
This feature allows people to create and edit pages on your site. Enano keeps a history of all page modifications, and you can
+ − 1418
protect pages to prevent editing.
+ − 1419
</td>
+ − 1420
<td>
+ − 1421
<input name="wiki_mode" type="checkbox" id="wmcheck" /> <label for="wmcheck">Yes, make my website a wiki.</label>
+ − 1422
</td>
+ − 1423
<td>
+ − 1424
+ − 1425
</td>
+ − 1426
</tr>
+ − 1427
<tr>
+ − 1428
<td>
+ − 1429
<b>URL scheme</b><br />
+ − 1430
Choose how the page URLs will look. Depending on your server configuration, you may need to select the first option. If you
+ − 1431
don't know, select the first option, and you can always change it later.
+ − 1432
</td>
+ − 1433
<td colspan="2">
+ − 1434
<input type="radio" <?php if(!is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="ugly" id="ugly" /> <label for="ugly">Standard URLs - compatible with any web server (www.example.com/index.php?title=Page_name)</label><br />
+ − 1435
<input type="radio" <?php if(is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="short" id="short" /> <label for="short">Short URLs - requires Apache with a PHP module (www.example.com/index.php/Page_name)</label><br />
+ − 1436
<input type="radio" name="urlscheme" value="tiny" id="petite"> <label for="petite">Tiny URLs - requires Apache on Linux/Unix/BSD with PHP module and mod_rewrite enabled (www.example.com/Page_name)</label>
+ − 1437
</td>
+ − 1438
</tr>
+ − 1439
</table>
+ − 1440
<div class="pagenav">
+ − 1441
<table border="0">
+ − 1442
<tr>
+ − 1443
<td>
+ − 1444
<input type="submit" value="Continue" onclick="return verify();" name="_cont" />
+ − 1445
</td>
+ − 1446
<td>
+ − 1447
<p>
+ − 1448
<span style="font-weight: bold;">Before clicking continue:</span><br />
+ − 1449
• Verify that your site information is correct. Again, all of the above settings can be changed from the administration
+ − 1450
panel.
+ − 1451
</p>
+ − 1452
</td>
+ − 1453
</tr>
+ − 1454
</table>
+ − 1455
</div>
+ − 1456
</form>
+ − 1457
<?php
+ − 1458
break;
+ − 1459
case "login":
+ − 1460
if(!isset($_POST['_cont'])) {
+ − 1461
echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
+ − 1462
$template->footer();
+ − 1463
exit;
+ − 1464
}
+ − 1465
unset($_POST['_cont']);
+ − 1466
require('config.new.php');
+ − 1467
$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 1468
if ( isset($crypto_key) )
+ − 1469
{
+ − 1470
$cryptkey = $crypto_key;
+ − 1471
}
+ − 1472
if(!isset($cryptkey) || ( isset($cryptkey) && strlen($cryptkey) != AES_BITS / 4) )
+ − 1473
{
+ − 1474
$cryptkey = $aes->gen_readymade_key();
+ − 1475
$handle = @fopen(ENANO_ROOT.'/config.new.php', 'w');
+ − 1476
if(!$handle)
+ − 1477
{
+ − 1478
echo '<p>ERROR: Cannot open config.php for writing - exiting!</p>';
+ − 1479
$template->footer();
+ − 1480
exit;
+ − 1481
}
+ − 1482
fwrite($handle, '<?php $cryptkey = \''.$cryptkey.'\'; ?>');
+ − 1483
fclose($handle);
+ − 1484
}
+ − 1485
// Sorry for the ugly hack, but this f***s up jEdit badly.
+ − 1486
echo '
+ − 1487
<script type="text/javascript">
+ − 1488
function verify()
+ − 1489
{
+ − 1490
var frm = document.forms.login;
+ − 1491
ret = true;
+ − 1492
if ( frm.admin_user.value.match(/^([A-z0-9 \\-\\.]+)$/) && !frm.admin_user.value.match(/^(?:(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])\\.){3}(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])$/) && frm.admin_user.value.toLowerCase() != \'anonymous\' )
+ − 1493
{
+ − 1494
document.getElementById(\'s_user\').src = \'images/good.gif\';
+ − 1495
}
+ − 1496
else
+ − 1497
{
+ − 1498
document.getElementById(\'s_user\').src = \'images/bad.gif\';
+ − 1499
ret = false;
+ − 1500
}
+ − 1501
if(frm.admin_pass.value.length >= 6 && frm.admin_pass.value == frm.admin_pass_confirm.value)
+ − 1502
{
+ − 1503
document.getElementById(\'s_password\').src = \'images/good.gif\';
+ − 1504
}
+ − 1505
else
+ − 1506
{
+ − 1507
document.getElementById(\'s_password\').src = \'images/bad.gif\';
+ − 1508
ret = false;
+ − 1509
}
+ − 1510
if(frm.admin_email.value.match(/^(?:[\\w\\d]+\\.?)+@(?:(?:[\\w\\d]\\-?)+\\.)+\\w{2,4}$/))
+ − 1511
{
+ − 1512
document.getElementById(\'s_email\').src = \'images/good.gif\';
+ − 1513
}
+ − 1514
else
+ − 1515
{
+ − 1516
document.getElementById(\'s_email\').src = \'images/bad.gif\';
+ − 1517
ret = false;
+ − 1518
}
+ − 1519
if(ret) frm._cont.disabled = false;
+ − 1520
else frm._cont.disabled = true;
+ − 1521
return ret;
+ − 1522
}
+ − 1523
window.onload = verify;
+ − 1524
+ − 1525
function cryptdata()
+ − 1526
{
+ − 1527
if(!verify()) return false;
+ − 1528
}
+ − 1529
</script>
+ − 1530
';
+ − 1531
?>
+ − 1532
<form name="login" action="install.php?mode=confirm" method="post" onsubmit="runEncryption();">
+ − 1533
<?php
+ − 1534
$k = array_keys($_POST);
+ − 1535
for($i=0;$i<sizeof($_POST);$i++) {
+ − 1536
echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
+ − 1537
}
+ − 1538
?>
+ − 1539
<p>Next, enter your desired username and password. The account you create here will be used to administer your site.</p>
+ − 1540
<table border="0">
+ − 1541
<tr>
+ − 1542
<td><b>Administration username</b><br /><small>The administration username you will use to log into your site.<br />This cannot be "anonymous" or in the form of an IP address.</small></td><td><input onkeyup="verify();" name="admin_user" type="text" size="30" /></td><td><img id="s_user" alt="Good/bad icon" src="images/bad.gif" /></td>
+ − 1543
</tr>
+ − 1544
<tr>
+ − 1545
<td>Administration password:</td>
+ − 1546
<td><input onkeyup="verify();" name="admin_pass" type="password" size="30" /></td>
+ − 1547
<td rowspan="2"><img id="s_password" alt="Good/bad icon" src="images/bad.gif" /></td>
+ − 1548
</tr>
+ − 1549
<tr>
+ − 1550
<td>Enter it again to confirm:</td>
+ − 1551
<td><input onkeyup="verify();" name="admin_pass_confirm" type="password" size="30" /></td>
+ − 1552
</tr>
+ − 1553
<tr>
+ − 1554
<td>Your e-mail address:</td>
+ − 1555
<td><input onkeyup="verify();" name="admin_email" type="text" size="30" /></td>
+ − 1556
<td><img id="s_email" alt="Good/bad icon" src="images/bad.gif" /></td>
+ − 1557
</tr>
+ − 1558
<tr>
+ − 1559
<td>
+ − 1560
Allow administrators to embed PHP code into pages:<br />
+ − 1561
<small><span style="color: #D84308">Do not under any circumstances enable this option without reading these
+ − 1562
<a href="install.php?mode=pophelp&topic=admin_embed_php"
+ − 1563
onclick="window.open(this.href, 'pophelpwin', 'width=550,height=400,status=no,toolbars=no,toolbar=no,address=no,scroll=yes'); return false;"
+ − 1564
style="color: #D84308; text-decoration: underline;">important security implications</a>.
+ − 1565
</span></small>
+ − 1566
</td>
+ − 1567
<td>
+ − 1568
<label><input type="radio" name="admin_embed_php" value="2" checked="checked" /> Disabled</label>
+ − 1569
<label><input type="radio" name="admin_embed_php" value="4" /> Enabled</label>
+ − 1570
</td>
+ − 1571
<td></td>
+ − 1572
</tr>
+ − 1573
<tr><td colspan="3">If your browser supports Javascript, the password you enter here will be encrypted with AES before it is sent to the server.</td></tr>
+ − 1574
</table>
+ − 1575
<div class="pagenav">
+ − 1576
<table border="0">
+ − 1577
<tr>
+ − 1578
<td>
+ − 1579
<input type="submit" value="Continue" onclick="return cryptdata();" name="_cont" />
+ − 1580
</td>
+ − 1581
<td>
+ − 1582
<p>
+ − 1583
<span style="font-weight: bold;">Before clicking continue:</span><br />
+ − 1584
• Remember the username and password you enter here! You will not be able to administer your site without the
+ − 1585
information you enter on this page.
+ − 1586
</p>
+ − 1587
</td>
+ − 1588
</tr>
+ − 1589
</table>
+ − 1590
</div>
+ − 1591
<div id="cryptdebug"></div>
+ − 1592
<input type="hidden" name="use_crypt" value="no" />
+ − 1593
<input type="hidden" name="crypt_key" value="<?php echo $cryptkey; ?>" />
+ − 1594
<input type="hidden" name="crypt_data" value="" />
+ − 1595
</form>
+ − 1596
<script type="text/javascript">
+ − 1597
// <![CDATA[
+ − 1598
var frm = document.forms.login;
+ − 1599
frm.admin_user.focus();
+ − 1600
function runEncryption()
+ − 1601
{
+ − 1602
str = '';
+ − 1603
for(i=0;i<keySizeInBits/4;i++) str+='0';
+ − 1604
var key = hexToByteArray(str);
+ − 1605
var pt = hexToByteArray(str);
+ − 1606
var ct = rijndaelEncrypt(pt, key, "ECB");
+ − 1607
var ect = byteArrayToHex(ct);
+ − 1608
switch(keySizeInBits)
+ − 1609
{
+ − 1610
case 128:
+ − 1611
v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
+ − 1612
break;
+ − 1613
case 192:
+ − 1614
v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
+ − 1615
break;
+ − 1616
case 256:
+ − 1617
v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
+ − 1618
break;
+ − 1619
}
+ − 1620
var testpassed = ( ect == v && md5_vm_test() );
+ − 1621
var frm = document.forms.login;
+ − 1622
if(testpassed)
+ − 1623
{
+ − 1624
// alert('encryption self-test passed');
+ − 1625
frm.use_crypt.value = 'yes';
+ − 1626
var cryptkey = frm.crypt_key.value;
+ − 1627
frm.crypt_key.value = '';
+ − 1628
if(cryptkey != byteArrayToHex(hexToByteArray(cryptkey)))
+ − 1629
{
+ − 1630
alert('Byte array conversion SUCKS');
+ − 1631
testpassed = false;
+ − 1632
}
+ − 1633
cryptkey = hexToByteArray(cryptkey);
+ − 1634
if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
+ − 1635
{
+ − 1636
frm._cont.disabled = true;
+ − 1637
len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
+ − 1638
alert('The key is messed up\nType: '+typeof(cryptkey)+len);
+ − 1639
}
+ − 1640
}
+ − 1641
else
+ − 1642
{
+ − 1643
// alert('encryption self-test FAILED');
+ − 1644
}
+ − 1645
if(testpassed)
+ − 1646
{
+ − 1647
pass = frm.admin_pass.value;
+ − 1648
pass = stringToByteArray(pass);
+ − 1649
cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
+ − 1650
//decrypted = rijndaelDecrypt(cryptstring, cryptkey, 'ECB');
+ − 1651
//decrypted = byteArrayToString(decrypted);
+ − 1652
//return false;
+ − 1653
if(!cryptstring)
+ − 1654
{
+ − 1655
return false;
+ − 1656
}
+ − 1657
cryptstring = byteArrayToHex(cryptstring);
+ − 1658
// document.getElementById('cryptdebug').innerHTML = '<pre>Data: '+cryptstring+'<br />Key: '+byteArrayToHex(cryptkey)+'</pre>';
+ − 1659
frm.crypt_data.value = cryptstring;
+ − 1660
frm.admin_pass.value = '';
+ − 1661
frm.admin_pass_confirm.value = '';
+ − 1662
}
+ − 1663
return false;
+ − 1664
}
+ − 1665
// ]]>
+ − 1666
</script>
+ − 1667
<?php
+ − 1668
break;
+ − 1669
case "confirm":
+ − 1670
if(!isset($_POST['_cont'])) {
+ − 1671
echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
+ − 1672
$template->footer();
+ − 1673
exit;
+ − 1674
}
+ − 1675
unset($_POST['_cont']);
+ − 1676
?>
+ − 1677
<form name="confirm" action="install.php?mode=install" method="post">
+ − 1678
<?php
+ − 1679
$k = array_keys($_POST);
+ − 1680
for($i=0;$i<sizeof($_POST);$i++) {
+ − 1681
echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
+ − 1682
}
+ − 1683
?>
+ − 1684
<h3>Enano is ready to install.</h3>
+ − 1685
<p>The wizard has finished collecting information and is ready to install the database schema. Please review the information below,
+ − 1686
and then click the button below to install the database.</p>
+ − 1687
<ul>
+ − 1688
<li>Database hostname: <?php echo $_POST['db_host']; ?></li>
+ − 1689
<li>Database name: <?php echo $_POST['db_name']; ?></li>
+ − 1690
<li>Database user: <?php echo $_POST['db_user']; ?></li>
+ − 1691
<li>Database password: <hidden></li>
+ − 1692
<li>Site name: <?php echo $_POST['sitename']; ?></li>
+ − 1693
<li>Site description: <?php echo $_POST['sitedesc']; ?></li>
+ − 1694
<li>Administration username: <?php echo $_POST['admin_user']; ?></li>
+ − 1695
<li>Cipher strength: <?php echo (string)AES_BITS; ?>-bit AES<br /><small>Cipher strength is defined in the file constants.php; if you desire to change the cipher strength, you may do so and then restart installation. Unless your site is mission-critical, changing the cipher strength is not necessary.</small></li>
+ − 1696
</ul>
+ − 1697
<div class="pagenav">
+ − 1698
<table border="0">
+ − 1699
<tr>
+ − 1700
<td><input type="submit" value="Install Enano!" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />• Pray.</p></td>
+ − 1701
</tr>
+ − 1702
</table>
+ − 1703
</div>
+ − 1704
</form>
+ − 1705
<?php
+ − 1706
break;
+ − 1707
case "install":
+ − 1708
if(!isset($_POST['db_host']) ||
+ − 1709
!isset($_POST['db_name']) ||
+ − 1710
!isset($_POST['db_user']) ||
+ − 1711
!isset($_POST['db_pass']) ||
+ − 1712
!isset($_POST['sitename']) ||
+ − 1713
!isset($_POST['sitedesc']) ||
+ − 1714
!isset($_POST['copyright']) ||
+ − 1715
!isset($_POST['admin_user']) ||
+ − 1716
!isset($_POST['admin_pass']) ||
+ − 1717
!isset($_POST['admin_embed_php']) || ( isset($_POST['admin_embed_php']) && !in_array($_POST['admin_embed_php'], array('2', '4')) ) ||
+ − 1718
!isset($_POST['urlscheme'])
+ − 1719
)
+ − 1720
{
+ − 1721
echo 'The installer has detected that one or more required form values is not set. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
+ − 1722
$template->footer();
+ − 1723
exit;
+ − 1724
}
+ − 1725
switch($_POST['urlscheme'])
+ − 1726
{
+ − 1727
case "ugly":
+ − 1728
default:
+ − 1729
$cp = scriptPath.'/index.php?title=';
+ − 1730
break;
+ − 1731
case "short":
+ − 1732
$cp = scriptPath.'/index.php/';
+ − 1733
break;
+ − 1734
case "tiny":
+ − 1735
$cp = scriptPath.'/';
+ − 1736
break;
+ − 1737
}
+ − 1738
function err($t) { global $template; echo $t; $template->footer(); exit; }
+ − 1739
+ − 1740
// $stages = array('connect', 'decrypt', 'genkey', 'parse', 'sql', 'writeconfig', 'renameconfig', 'startapi', 'initlogs');
+ − 1741
+ − 1742
if ( !preg_match('/^[a-z0-9_]*$/', $_POST['table_prefix']) )
+ − 1743
err('Hacking attempt was detected in table_prefix.');
+ − 1744
+ − 1745
start_install_table();
+ − 1746
// The stages connect, decrypt, genkey, and parse are preprocessing and don't do any actual data modification.
+ − 1747
// Thus, they need to be run on each retry, e.g. never skipped.
+ − 1748
run_installer_stage('connect', 'Connect to MySQL', 'stg_mysql_connect', 'MySQL denied our attempt to connect to the database. This is most likely because your login information was incorrect. You will most likely need to <a href="install.php?mode=license">restart the installation</a>.', false);
+ − 1749
if ( isset($_POST['drop_tables']) )
+ − 1750
{
+ − 1751
// Are we supposed to drop any existing tables? If so, do it now
+ − 1752
run_installer_stage('drop', 'Drop existing Enano tables', 'stg_drop_tables', 'This step never returns failure');
+ − 1753
}
+ − 1754
run_installer_stage('decrypt', 'Decrypt administration password', 'stg_decrypt_admin_pass', 'The administration password you entered couldn\'t be decrypted. It is possible that your server did not properly store the encryption key in the configuration file. Please check the file permissions on config.new.php. You may have to return to the login stage of the installation, clear your browser cache, and then rerun this installation.', false);
+ − 1755
run_installer_stage('genkey', 'Generate ' . AES_BITS . '-bit AES private key', 'stg_generate_aes_key', 'Enano encountered an internal error while generating the site encryption key. Please contact the Enano team for support.', false);
+ − 1756
run_installer_stage('parse', 'Prepare to execute schema file', 'stg_parse_schema', 'Enano encountered an internal error while parsing the SQL file that contains the database structure and initial data. Please contact the Enano team for support.', false);
+ − 1757
run_installer_stage('sql', 'Execute installer schema', 'stg_install', 'The installation failed because an SQL query wasn\'t quite correct. It is possible that you entered malformed data into a form field, or there may be a bug in Enano with your version of MySQL. Please contact the Enano team for support.', false);
+ − 1758
run_installer_stage('writeconfig', 'Write configuration files', 'stg_write_config', 'Enano was unable to write the configuration file with your site\'s database credentials. This is almost always because your configuration file does not have the correct permissions. On Windows servers, you may see this message even if the check on the System Requirements page passed. Temporarily running IIS as the Administrator user may help.');
+ − 1759
run_installer_stage('renameconfig', 'Rename configuration files', 'stg_rename_config', 'Enano couldn\'t rename the configuration files to their correct production names. On some UNIX systems, you need to CHMOD the directory with your Enano files to 777 in order for this stage to succeed.');
+ − 1760
+ − 1761
// Mainstream installation complete - Enano should be usable now
+ − 1762
// The stage of starting the API is special because it has to be called out of function context.
+ − 1763
// To alleviate this, we have two functions, one that returns success and one that returns failure
+ − 1764
// If the Enano API load is successful, the success function is called to report the action to the user
+ − 1765
// If unsuccessful, the failure report is sent
+ − 1766
+ − 1767
$template_bak = $template;
+ − 1768
+ − 1769
$_GET['title'] = 'Main_Page';
+ − 1770
require('includes/common.php');
+ − 1771
+ − 1772
if ( is_object($db) && is_object($session) )
+ − 1773
{
+ − 1774
run_installer_stage('startapi', 'Start the Enano API', 'stg_start_api_success', '...', false);
+ − 1775
}
+ − 1776
else
+ − 1777
{
+ − 1778
run_installer_stage('startapi', 'Start the Enano API', 'stg_start_api_failure', 'The Enano API could not be started. This is an error that should never occur; please contact the Enano team for support.', false);
+ − 1779
}
+ − 1780
+ − 1781
// We need to be logged in (with admin rights) before logs can be flushed
+ − 1782
$admin_password = stg_decrypt_admin_pass(true);
+ − 1783
$session->login_without_crypto($_POST['admin_user'], $admin_password, false);
+ − 1784
+ − 1785
// Now that login cookies are set, initialize the session manager and ACLs
+ − 1786
$session->start();
+ − 1787
$paths->init();
+ − 1788
+ − 1789
run_installer_stage('initlogs', 'Initialize logs', 'stg_init_logs', '<b>The session manager denied the request to flush logs for the main page.</b><br />
+ − 1790
While under most circumstances you can still <a href="install.php?mode=finish">finish the installation</a>, you should be aware that some servers cannot
+ − 1791
properly set cookies due to limitations with PHP. These limitations are exposed primarily when this issue is encountered during installation. If you choose
+ − 1792
to finish the installation, please be aware that you may be unable to log into your site.');
+ − 1793
close_install_table();
+ − 1794
+ − 1795
unset($template);
+ − 1796
$template =& $template_bak;
+ − 1797
+ − 1798
echo '<h3>Installation of Enano is complete.</h3><p>Review any warnings above, and then <a href="install.php?mode=finish">click here to finish the installation</a>.';
+ − 1799
+ − 1800
// echo '<script type="text/javascript">window.location="'.scriptPath.'/install.php?mode=finish";</script>';
+ − 1801
+ − 1802
break;
+ − 1803
case "finish":
+ − 1804
echo '<h3>Congratulations!</h3>
+ − 1805
<p>You have finished installing Enano on this server.</p>
+ − 1806
<h3>Now what?</h3>
+ − 1807
<p>Click the link below to see the main page for your website. Where to go from here:</p>
+ − 1808
<ul>
+ − 1809
<li>The first thing you should do is log into your site using the Log in link on the sidebar.</li>
+ − 1810
<li>Go into the Administration panel, expand General, and click General Configuration. There you will be able to configure some basic information about your site.</li>
+ − 1811
<li>Visit the <a href="http://enanocms.org/Category:Plugins" onclick="window.open(this.href); return false;">Enano Plugin Gallery</a> to download and use plugins on your site.</li>
+ − 1812
<li>Periodically create a backup of your database and filesystem, in case something goes wrong. This should be done at least once a week – more for wiki-based sites.</li>
+ − 1813
<li>Hire some moderators, to help you keep rowdy users tame.</li>
+ − 1814
<li>Tell the <a href="http://enanocms.org/Contact_us">Enano team</a> what you think.</li>
+ − 1815
<li><b>Spread the word about Enano by adding a link to the Enano homepage on your sidebar!</b> You can enable this option in the General Configuration section of the administration panel.</li>
+ − 1816
</ul>
+ − 1817
<p><a href="index.php">Go to your website...</a></p>';
+ − 1818
break;
+ − 1819
}
+ − 1820
$template->footer();
+ − 1821
+ − 1822
?>