install.php
changeset 230 3daa715e0f69
parent 198 9e09480cb38f
child 231 b11a2f1353c0
child 233 cc358458a012
equal deleted inserted replaced
224:6a4573507ff8 230:3daa715e0f69
   663     </form>
   663     </form>
   664     <?php
   664     <?php
   665     break;
   665     break;
   666   case "website":
   666   case "website":
   667     if(!isset($_POST['_cont'])) {
   667     if(!isset($_POST['_cont'])) {
   668       echo 'No POST data signature found. Please <a href="install.php?mode=license">restart the installation</a>.';
   668       echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
   669       $template->footer();
   669       $template->footer();
   670       exit;
   670       exit;
   671     }
   671     }
   672     unset($_POST['_cont']);
   672     unset($_POST['_cont']);
   673     ?>
   673     ?>
   734     </form>
   734     </form>
   735     <?php
   735     <?php
   736     break;
   736     break;
   737   case "login":
   737   case "login":
   738     if(!isset($_POST['_cont'])) {
   738     if(!isset($_POST['_cont'])) {
   739       echo 'No POST data signature found. Please <a href="install.php?mode=license">restart the installation</a>.';
   739       echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
   740       $template->footer();
   740       $template->footer();
   741       exit;
   741       exit;
   742     }
   742     }
   743     unset($_POST['_cont']);
   743     unset($_POST['_cont']);
   744     require('config.php');
   744     require('config.php');
   764     <script type="text/javascript">
   764     <script type="text/javascript">
   765       function verify()
   765       function verify()
   766       {
   766       {
   767         var frm = document.forms.login;
   767         var frm = document.forms.login;
   768         ret = true;
   768         ret = true;
   769         if ( frm.admin_user.value.match(/^([A-z0-9 \-\.]+)$/g) && !frm.admin_user.value.match(/^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$/) && frm.admin_user.value.toLowerCase() != 'anonymous' )
   769         var ip_regexp = new RegExp('^(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$', '');
       
   770         var valid_username = new RegExp('^([A-z0-9 \-\.]+)$', '');
       
   771         if ( frm.admin_user.value.match(valid_username) && !frm.admin_user.value.match(ip_regexp) && frm.admin_user.value.toLowerCase() != 'anonymous' )
   770         {
   772         {
   771           document.getElementById('s_user').src = 'images/good.gif';
   773           document.getElementById('s_user').src = 'images/good.gif';
   772         }
   774         }
   773         else
   775         else
   774         {
   776         {
   782         else
   784         else
   783         {
   785         {
   784           document.getElementById('s_password').src = 'images/bad.gif';
   786           document.getElementById('s_password').src = 'images/bad.gif';
   785           ret = false;
   787           ret = false;
   786         }
   788         }
   787         if(frm.admin_email.value.match(/^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$/))
   789         var valid_email = new RegExp('^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$', '');
       
   790         if(frm.admin_email.value.match(valid_email))
   788         {
   791         {
   789           document.getElementById('s_email').src = 'images/good.gif';
   792           document.getElementById('s_email').src = 'images/good.gif';
   790         }
   793         }
   791         else
   794         else
   792         {
   795         {
   918     </script>
   921     </script>
   919     <?php
   922     <?php
   920     break;
   923     break;
   921   case "confirm":
   924   case "confirm":
   922     if(!isset($_POST['_cont'])) {
   925     if(!isset($_POST['_cont'])) {
   923       echo 'No POST data signature found. Please <a href="install.php?mode=license">restart the installation</a>.';
   926       echo 'No POST data signature found. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
   924       $template->footer();
   927       $template->footer();
   925       exit;
   928       exit;
   926     }
   929     }
   927     unset($_POST['_cont']);
   930     unset($_POST['_cont']);
   928     ?>
   931     ?>
   968        !isset($_POST['admin_pass']) ||
   971        !isset($_POST['admin_pass']) ||
   969        !isset($_POST['admin_embed_php']) || ( isset($_POST['admin_embed_php']) && !in_array($_POST['admin_embed_php'], array('2', '4')) ) ||
   972        !isset($_POST['admin_embed_php']) || ( isset($_POST['admin_embed_php']) && !in_array($_POST['admin_embed_php'], array('2', '4')) ) ||
   970        !isset($_POST['urlscheme'])
   973        !isset($_POST['urlscheme'])
   971        )
   974        )
   972     {
   975     {
   973       echo 'The installer has detected that one or more required form values is not set. Please <a href="install.php?mode=license">restart the installation</a>.';
   976       echo 'The installer has detected that one or more required form values is not set. Please <a href="install.php?mode=sysreqs">restart the installation</a>.';
   974       $template->footer();
   977       $template->footer();
   975       exit;
   978       exit;
   976     }
   979     }
   977     switch($_POST['urlscheme'])
   980     switch($_POST['urlscheme'])
   978     {
   981     {
   987         $cp = scriptPath.'/';
   990         $cp = scriptPath.'/';
   988         break;
   991         break;
   989     }
   992     }
   990     function err($t) { global $template; echo $t; $template->footer(); exit; }
   993     function err($t) { global $template; echo $t; $template->footer(); exit; }
   991     
   994     
       
   995     if ( !preg_match('/^[a-z0-9_]*$/', $_POST['table_prefix']) )
       
   996       err('Hacking attempt was detected in table_prefix.');
       
   997     
   992       echo 'Connecting to MySQL...';
   998       echo 'Connecting to MySQL...';
   993       if($_POST['db_root_user'] != '')
   999       if($_POST['db_root_user'] != '')
   994       {
  1000       {
   995         $conn = mysql_connect($_POST['db_host'], $_POST['db_root_user'], $_POST['db_root_pass']);
  1001         $conn = mysql_connect($_POST['db_host'], $_POST['db_root_user'], $_POST['db_root_pass']);
   996         if(!$conn) err('Error connecting to MySQL: '.mysql_error());
  1002         if(!$conn) err('Error connecting to MySQL: '.mysql_error());
  1136 /* Enano auto-generated configuration file - editing not recommended! */
  1142 /* Enano auto-generated configuration file - editing not recommended! */
  1137 $dbhost   = \''.addslashes($_POST['db_host']).'\';
  1143 $dbhost   = \''.addslashes($_POST['db_host']).'\';
  1138 $dbname   = \''.addslashes($_POST['db_name']).'\';
  1144 $dbname   = \''.addslashes($_POST['db_name']).'\';
  1139 $dbuser   = \''.addslashes($_POST['db_user']).'\';
  1145 $dbuser   = \''.addslashes($_POST['db_user']).'\';
  1140 $dbpasswd = \''.addslashes($_POST['db_pass']).'\';
  1146 $dbpasswd = \''.addslashes($_POST['db_pass']).'\';
  1141 if(!defined(\'ENANO_CONSTANTS\')) {
  1147 if ( !defined(\'ENANO_CONSTANTS\') )
  1142 define(\'ENANO_CONSTANTS\', \'\');
  1148 {
  1143 define(\'table_prefix\', \''.$_POST['table_prefix'].'\');
  1149   define(\'ENANO_CONSTANTS\', \'\');
  1144 define(\'scriptPath\', \''.scriptPath.'\');
  1150   define(\'table_prefix\', \''.addslashes($_POST['table_prefix']).'\');
  1145 define(\'contentPath\', \''.$cp.'\');
  1151   define(\'scriptPath\', \''.scriptPath.'\');
  1146 define(\'ENANO_INSTALLED\', \'true\');
  1152   define(\'contentPath\', \''.$cp.'\');
       
  1153   define(\'ENANO_INSTALLED\', \'true\');
  1147 }
  1154 }
  1148 $crypto_key = \''.$privkey.'\';
  1155 $crypto_key = \''.$privkey.'\';
  1149 ?>';
  1156 ?>';
  1150 
  1157 
  1151       $cf_handle = fopen(ENANO_ROOT.'/config.php', 'w');
  1158       $cf_handle = fopen(ENANO_ROOT.'/config.php', 'w');