install.php
changeset 257 e7bbbb92385b
parent 256 62ee6685ad18
parent 255 ba28d43a6b86
child 258 808281bfd200
equal deleted inserted replaced
256:62ee6685ad18 257:e7bbbb92385b
   177 {
   177 {
   178   static $conn = false;
   178   static $conn = false;
   179   if ( $act_get )
   179   if ( $act_get )
   180     return $conn;
   180     return $conn;
   181   
   181   
   182   $db_user =& $_POST['db_user'];
   182   $db_user = mysql_real_escape_string($_POST['db_user']);
   183   $db_pass =& $_POST['db_pass'];
   183   $db_pass = mysql_real_escape_string($_POST['db_pass']);
   184   $db_name =& $_POST['db_name'];
   184   $db_name = mysql_real_escape_string($_POST['db_name']);
   185   
   185   
   186   if ( !preg_match('/^[a-z0-9_-]+$/', $db_name) )
   186   if ( !preg_match('/^[a-z0-9_]+$/', $db_name) )
   187   {
   187     die("<p>SECURITY: malformed database name</p>");
   188     $db_name = htmlspecialchars($db_name);
       
   189     die("<p>SECURITY: malformed database name \"$db_name\"</p>");
       
   190   }
       
   191   
   188   
   192   // First, try to connect using the normal credentials
   189   // First, try to connect using the normal credentials
   193   $conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
   190   $conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
   194   if ( !$conn )
   191   if ( !$conn )
   195   {
   192   {
   200       if ( !$conn_root )
   197       if ( !$conn_root )
   201       {
   198       {
   202         // Couldn't connect using either set of credentials. Bail out.
   199         // Couldn't connect using either set of credentials. Bail out.
   203         return false;
   200         return false;
   204       }
   201       }
   205       unset($db_user, $db_pass);
       
   206       $db_user = mysql_real_escape_string($_POST['db_user']);
       
   207       $db_pass = mysql_real_escape_string($_POST['db_pass']);
       
   208       // Create the user account
   202       // Create the user account
   209       $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'localhost' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
   203       $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'localhost' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
   210       if ( !$q )
   204       if ( !$q )
   211       {
   205       {
   212         return false;
   206         return false;
   231         if ( !$q )
   225         if ( !$q )
   232         {
   226         {
   233           return false;
   227           return false;
   234         }
   228         }
   235       }
   229       }
   236       mysql_close($conn_root);
   230     }
   237       $conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
   231   }
   238       if ( !$conn )
   232   $q = @mysql_query("USE $db_name;", $conn);
   239       {
       
   240         // This should honestly never happen.
       
   241         return false;
       
   242       }
       
   243     }
       
   244   }
       
   245   $q = @mysql_query("USE `$db_name`;", $conn);
       
   246   if ( !$q )
   233   if ( !$q )
   247   {
   234   {
   248     // access denied to the database; try the whole root schenanegan again
   235     // access denied to the database; try the whole root schenanegan again
   249     if ( !empty($_POST['db_root_user']) && !empty($_POST['db_root_pass']) )
   236     if ( !empty($_POST['db_root_user']) && !empty($_POST['db_root_pass']) )
   250     {
   237     {
   253       {
   240       {
   254         // Couldn't connect as root; bail out
   241         // Couldn't connect as root; bail out
   255         return false;
   242         return false;
   256       }
   243       }
   257       // create the database, if it doesn't exist
   244       // create the database, if it doesn't exist
   258       $q = @mysql_query("CREATE DATABASE IF NOT EXISTS `$db_name`;", $conn_root);
   245       $q = @mysql_query("CREATE DATABASE IF NOT EXISTS $db_name;", $conn_root);
   259       if ( !$q )
   246       if ( !$q )
   260       {
   247       {
   261         // this really should never fail, so don't give any tolerance to it
   248         // this really should never fail, so don't give any tolerance to it
   262         return false;
   249         return false;
   263       }
   250       }
   264       unset($db_user, $db_pass);
       
   265       $db_user = mysql_real_escape_string($_POST['db_user']);
       
   266       $db_pass = mysql_real_escape_string($_POST['db_pass']);
       
   267       // we're in with root rights; grant access to the database
   251       // we're in with root rights; grant access to the database
   268       $q = @mysql_query("GRANT ALL PRIVILEGES ON `$db_name`.* TO '{$db_user}'@'localhost';", $conn_root);
   252       $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'localhost';", $conn_root);
   269       if ( !$q )
   253       if ( !$q )
   270       {
   254       {
   271         return false;
   255         return false;
   272       }
   256       }
   273       if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
   257       if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
   274       {
   258       {
   275         $q = @mysql_query("GRANT ALL PRIVILEGES ON `$db_name`.* TO '{$db_user}'@'%';", $conn_root);
   259         $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'%';", $conn_root);
   276         if ( !$q )
   260         if ( !$q )
   277         {
   261         {
   278           return false;
   262           return false;
   279         }
   263         }
   280       }
   264       }
   281       mysql_close($conn_root);
       
   282       // grant tables have hopefully been flushed, kill and reconnect our regular user connection
       
   283       mysql_close($conn);
       
   284       $conn = @mysql_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass']);
       
   285       if ( !$conn )
       
   286       {
       
   287         return false;
       
   288       }
       
   289     }
   265     }
   290     else
   266     else
   291     {
   267     {
   292       return false;
   268       return false;
   293     }
   269     }
   294     // try again
   270     // try again
   295     $q = @mysql_query("USE `$db_name`;", $conn);
   271     $q = @mysql_query("USE $db_name;", $conn);
   296     if ( !$q )
   272     if ( !$q )
   297     {
   273     {
   298       // really failed this time; bail out
   274       // really failed this time; bail out
   299       return false;
   275       return false;
   300     }
   276     }
   692           die('host'.$e);
   668           die('host'.$e);
   693         else
   669         else
   694           die('root'.$e);
   670           die('root'.$e);
   695       }
   671       }
   696       $rsp = 'good';
   672       $rsp = 'good';
   697       $q = mysql_query('USE '.$dbname, $conn);
   673       $q = mysql_query('USE `' . mysql_real_escape_string($dbname) . '`;', $conn);
   698       if(!$q)
   674       if(!$q)
   699       {
   675       {
   700         $e = mysql_error();
   676         $e = mysql_error();
   701         if(strstr($e, 'Unknown database'))
   677         if(strstr($e, 'Unknown database'))
   702         {
   678         {
   725         if(strstr($e, "Lost connection"))
   701         if(strstr($e, "Lost connection"))
   726           die('host'.$e);
   702           die('host'.$e);
   727         else
   703         else
   728           die('auth'.$e);
   704           die('auth'.$e);
   729       }
   705       }
   730       $q = mysql_query('USE '.$dbname, $conn);
   706       $q = mysql_query('USE `' . mysql_real_escape_string($dbname) . '`;', $conn);
   731       if(!$q)
   707       if(!$q)
   732       {
   708       {
   733         $e = mysql_error();
   709         $e = mysql_error();
   734         if(strstr($e, 'Unknown database'))
   710         if(strstr($e, 'Unknown database'))
   735         {
   711         {
   947       
   923       
   948       <div class="pagenav">
   924       <div class="pagenav">
   949       <?php
   925       <?php
   950       if($warned) {
   926       if($warned) {
   951         echo '<table border="0" cellspacing="0" cellpadding="0">';
   927         echo '<table border="0" cellspacing="0" cellpadding="0">';
   952         run_test('return false;', 'Some of the features of Enano have been turned off to accommodate your server.', 'Enano has detected that some of the features or configuration settings on your server are not optimal for the best behavior and/or performance for Enano. As a result, certain features or enhancements that are part of Enano have been disabled to prevent further errors. You have seen those "fatal error" notices that spew from PHP, haven\'t you?<br /><br />&nbsp;&nbsp;&nbsp;<tt>Fatal error:</tt></b><tt> call to undefined function wannahockaloogie() in file <b>'.__FILE__.'</b> on line </tt><b><tt>'.__LINE__.'</tt>', true);
   928         run_test('return false;', 'Some scalebacks were made due to your server configuration.', 'Enano has detected that some of the features or configuration settings on your server are not optimal for the best behavior and/or performance for Enano. As a result, certain features or enhancements that are part of Enano have been disabled to prevent further errors. You have seen those "fatal error" notices that spew from PHP, haven\'t you?<br /><br />Fatal error:</b> call to undefined function wannahokaloogie() in file <b>'.__FILE__.'</b> on line <b>'.__LINE__.'', true);
   953         echo '</table>';
   929         echo '</table>';
   954       } else {
   930       } else {
   955         echo '<table border="0" cellspacing="0" cellpadding="0">';
   931         echo '<table border="0" cellspacing="0" cellpadding="0">';
   956         run_test('return true;', '<b>Your server meets all the requirements for running Enano.</b><br />Click the button below to continue the installation.', 'You should never see this text. Congratulations for being an Enano hacker!');
   932         run_test('return true;', '<b>Your server meets all the requirements for running Enano.</b><br />Click the button below to continue the installation.', 'You should never see this text. Congratulations for being an Enano hacker!');
   957         echo '</table>';
   933         echo '</table>';
   958       }
   934       }
   959       ?>
   935       ?>
   960        <form action="install.php?mode=database" method="post">
   936        <form action="install.php?mode=database" method="post">
   961          <table border="0">
   937          <table border="0">
   962          <tr>
   938          <tr>
   963          <td><input type="submit" value="Continue" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />&bull; Review the list above to ensure that you are satisfied with any of Enano's workarounds for your server. If you need a particular feature and that feature is listed as disabled above, you should take the opportunity now to correct the problem.<br />&bull; Have your database host, name, username, and password available</p></td>
   939          <td><input type="submit" value="Continue" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />&bull; Ensure that you are satisfied with any scalebacks that may have been made to accomodate your server configuration<br />&bull; Have your database host, name, username, and password available</p></td>
   964          </tr>
   940          </tr>
   965          </table>
   941          </table>
   966        </form>
   942        </form>
   967      </div>
   943      </div>
   968      <?php
   944      <?php
  1123         else
  1099         else
  1124         {
  1100         {
  1125           document.getElementById('s_db_host').src='images/bad.gif';
  1101           document.getElementById('s_db_host').src='images/bad.gif';
  1126           ret = false;
  1102           ret = false;
  1127         }
  1103         }
  1128         if(frm.db_name.value.match(/^([a-z0-9_-]+)$/g))
  1104         if(frm.db_name.value.match(/^([a-z0-9_]+)$/g))
  1129         {
  1105         {
  1130           document.getElementById('s_db_name').src='images/unknown.gif';
  1106           document.getElementById('s_db_name').src='images/unknown.gif';
  1131         }
  1107         }
  1132         else
  1108         else
  1133         {
  1109         {
  1176     <p>If you do not have access to a MySQL server, and you are using your own server, you can download MySQL for free from
  1152     <p>If you do not have access to a MySQL server, and you are using your own server, you can download MySQL for free from
  1177        <a href="http://www.mysql.com/">MySQL.com</a>. <b>Please note that, like Enano, MySQL is licensed under the GNU GPL.</b>
  1153        <a href="http://www.mysql.com/">MySQL.com</a>. <b>Please note that, like Enano, MySQL is licensed under the GNU GPL.</b>
  1178        If you need to modify MySQL and then distribute your modifications, you must either distribute them under the terms of the GPL
  1154        If you need to modify MySQL and then distribute your modifications, you must either distribute them under the terms of the GPL
  1179        or purchase a proprietary license.</p>
  1155        or purchase a proprietary license.</p>
  1180     <?php
  1156     <?php
  1181     if ( file_exists('/etc/enano-is-virt-appliance') )
  1157     if ( @file_exists('/etc/enano-is-virt-appliance') )
  1182     {
  1158     {
  1183       echo '<p><b>MySQL login information for this virtual appliance:</b><br /><br />Database hostname: localhost<br />Database login: username "enano", password: "clurichaun" (without quotes)<br />Database name: enano_www1</p>';
  1159       echo '<p><b>MySQL login information for this virtual appliance:</b><br /><br />Database hostname: localhost<br />Database login: username "enano", password: "clurichaun" (without quotes)<br />Database name: enano_www1</p>';
  1184     }
  1160     }
  1185     ?>
  1161     ?>
  1186     <form name="dbinfo" action="install.php?mode=website" method="post">
  1162     <form name="dbinfo" action="install.php?mode=website" method="post">
  1187       <table border="0">
  1163       <table border="0">
  1188         <tr>
  1164         <tr><td colspan="3" style="text-align: center"><h3>Database information</h3></td></tr>
  1189           <td colspan="3" style="text-align: center">
  1165         <tr><td><b>Database hostname</b><br />This is the hostname (or sometimes the IP address) of your MySQL server. In many cases, this is "localhost".<br /><span style="color: #993300" id="e_db_host"></span></td><td><input onkeyup="verify();" name="db_host" size="30" type="text" /></td><td><img id="s_db_host" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1190             <h3>Database information</h3>
  1166         <tr><td><b>Database name</b><br />The name of the actual database. If you don't already have a database, you can create one here, if you have the username and password of a MySQL user with administrative rights.<br /><span style="color: #993300" id="e_db_name"></span></td><td><input onkeyup="verify();" name="db_name" size="30" type="text" /></td><td><img id="s_db_name" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1191           </td>
  1167         <tr><td rowspan="2"><b>Database login</b><br />These fields should be the username and password of a user with "select", "insert", "update", "delete", "create table", and "replace" privileges for your database.<br /><span style="color: #993300" id="e_db_auth"></span></td><td><input onkeyup="verify();" name="db_user" size="30" type="text" /></td><td rowspan="2"><img id="s_db_auth" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1192         </tr>
  1168         <tr><td><input name="db_pass" size="30" type="password" /></td></tr>
  1193         <tr>
  1169         <tr><td colspan="3" style="text-align: center"><h3>Optional information</h3></td></tr>
  1194           <td>
  1170         <tr><td><b>Table prefix</b><br />The value that you enter here will be added to the beginning of the name of each Enano table. You may use lowercase letters (a-z), numbers (0-9), and underscores (_).</td><td><input onkeyup="verify();" name="table_prefix" size="30" type="text" /></td><td><img id="s_table_prefix" alt="Good/bad icon" src="images/good.gif" /></td></tr>
  1195             <b>Database hostname</b>
  1171         <tr><td rowspan="2"><b>Database administrative login</b><br />If the MySQL database or username that you entered above does not exist yet, you can create them here, assuming that you have the login information for an administrative user (such as root). Leave these fields blank unless you need to use them.<br /><span style="color: #993300" id="e_db_root"></span></td><td><input onkeyup="verify();" name="db_root_user" size="30" type="text" /></td><td rowspan="2"><img id="s_db_root" alt="Good/bad icon" src="images/good.gif" /></td></tr>
  1196             <br />This is the hostname (or sometimes the IP address) of your MySQL server. In many cases, this is "localhost".
  1172         <tr><td><input onkeyup="verify();" name="db_root_pass" size="30" type="password" /></td></tr>
  1197             <br /><span style="color: #993300" id="e_db_host"></span>
  1173         <tr><td><b>MySQL version</b></td><td id="e_mysql_version">MySQL version information will be checked when you click "Test Connection".</td><td><img id="s_mysql_version" alt="Good/bad icon" src="images/unknown.gif" /></td></tr>
  1198           </td>
  1174         <tr><td><b>Delete existing tables?</b><br />If this option is checked, all the tables that will be used by Enano will be dropped (deleted) before the schema is executed. Do NOT use this option unless specifically instructed to.</td><td><input type="checkbox" name="drop_tables" id="dtcheck" />  <label for="dtcheck">Drop existing tables</label></td></tr>
  1199           <td>
  1175         <tr><td colspan="3" style="text-align: center"><input type="button" value="Test connection" onclick="ajaxTestConnection();" /></td></tr>
  1200             <input onkeyup="verify();" name="db_host" size="30" type="text" />
       
  1201           </td>
       
  1202           <td>
       
  1203             <img id="s_db_host" alt="Good/bad icon" src="images/bad.gif" />
       
  1204           </td>
       
  1205         </tr>
       
  1206         <tr>
       
  1207           <td>
       
  1208             <b>Database name</b><br />
       
  1209             The name of the actual database. If you don't already have a database, you can create one here, if you have the username and password
       
  1210             of a MySQL user with administrative rights.<br />
       
  1211             <span style="color: #993300" id="e_db_name"></span>
       
  1212           </td>
       
  1213           <td>
       
  1214             <input onkeyup="verify();" name="db_name" size="30" type="text" />
       
  1215           </td>
       
  1216           <td>
       
  1217             <img id="s_db_name" alt="Good/bad icon" src="images/bad.gif" />
       
  1218           </td>
       
  1219         </tr>
       
  1220         <tr>
       
  1221           <td rowspan="2">
       
  1222             <b>Database login</b><br />
       
  1223             These fields should be the username and password of a user with "select", "insert", "update", "delete", "create table", and "replace"
       
  1224             privileges for your database.<br />
       
  1225             <span style="color: #993300" id="e_db_auth"></span>
       
  1226           </td>
       
  1227           <td>
       
  1228             <input onkeyup="verify();" name="db_user" size="30" type="text" />
       
  1229           </td>
       
  1230           <td rowspan="2">
       
  1231             <img id="s_db_auth" alt="Good/bad icon" src="images/bad.gif" />
       
  1232           </td>
       
  1233         </tr>
       
  1234         <tr>
       
  1235           <td>
       
  1236             <input name="db_pass" size="30" type="password" />
       
  1237           </td>
       
  1238         </tr>
       
  1239         <tr>
       
  1240           <td colspan="3" style="text-align: center">
       
  1241             <h3>Optional information</h3>
       
  1242           </td>
       
  1243         </tr>
       
  1244         <tr>
       
  1245           <td>
       
  1246             <b>Table prefix</b><br />
       
  1247             The value that you enter here will be added to the beginning of the name of each Enano table. You may use lowercase letters (a-z),
       
  1248             numbers (0-9), and underscores (_).
       
  1249           </td>
       
  1250           <td>
       
  1251             <input onkeyup="verify();" name="table_prefix" size="30" type="text" />
       
  1252           </td>
       
  1253           <td>
       
  1254             <img id="s_table_prefix" alt="Good/bad icon" src="images/good.gif" />
       
  1255           </td>
       
  1256         </tr>
       
  1257         <tr>
       
  1258           <td rowspan="2">
       
  1259             <b>Database administrative login</b><br />
       
  1260             If the MySQL database or username that you entered above does not exist yet, you can create them here, assuming that you have the
       
  1261             login information for an administrative user (such as root). Leave these fields blank unless you need to use them.<br />
       
  1262             <span style="color: #993300" id="e_db_root"></span>
       
  1263           </td>
       
  1264           <td>
       
  1265             <input onkeyup="verify();" name="db_root_user" size="30" type="text" />
       
  1266           </td>
       
  1267           <td rowspan="2">
       
  1268             <img id="s_db_root" alt="Good/bad icon" src="images/good.gif" />
       
  1269           </td>
       
  1270         </tr>
       
  1271         <tr>
       
  1272           <td>
       
  1273             <input onkeyup="verify();" name="db_root_pass" size="30" type="password" />
       
  1274           </td>
       
  1275         </tr>
       
  1276         <tr>
       
  1277           <td>
       
  1278             <b>MySQL version</b>
       
  1279           </td>
       
  1280           <td id="e_mysql_version">
       
  1281             MySQL version information will be checked when you click "Test Connection".
       
  1282           </td>
       
  1283           <td>
       
  1284             <img id="s_mysql_version" alt="Good/bad icon" src="images/unknown.gif" />
       
  1285           </td>
       
  1286         </tr>
       
  1287         <tr>
       
  1288           <td>
       
  1289             <b>Delete existing tables?</b><br />
       
  1290             If this option is checked, all the tables that will be used by Enano will be dropped (deleted) before the schema is executed. Do
       
  1291             NOT use this option unless specifically instructed to.
       
  1292           </td>
       
  1293           <td>
       
  1294             <input type="checkbox" name="drop_tables" id="dtcheck" />  <label for="dtcheck">Drop existing tables</label>
       
  1295           </td>
       
  1296         </tr>
       
  1297         <tr>
       
  1298           <td colspan="3" style="text-align: center">
       
  1299             <input type="button" value="Test connection" onclick="ajaxTestConnection();" />
       
  1300           </td>
       
  1301         </tr>
       
  1302       </table>
  1176       </table>
  1303       <div class="pagenav">
  1177       <div class="pagenav">
  1304         <table border="0">
  1178        <table border="0">
  1305         <tr>
  1179        <tr>
  1306           <td>
  1180        <td><input type="submit" value="Continue" onclick="return verify();" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />&bull; Check your MySQL connection using the "Test Connection" button.<br />&bull; Be aware that your database information will be transmitted unencrypted several times.</p></td>
  1307             <input type="submit" value="Continue" onclick="return verify();" name="_cont" />
  1181        </tr>
  1308           </td>
  1182        </table>
  1309           <td>
  1183      </div>
  1310             <p>
       
  1311               <span style="font-weight: bold;">Before continuing:</span><br />
       
  1312               &bull; Check your MySQL connection using the "Test Connection" button.<br />
       
  1313               &bull; Be aware that your database information will be transmitted unencrypted several times.
       
  1314             </p>
       
  1315           </td>
       
  1316         </tr>
       
  1317         </table>
       
  1318       </div>
       
  1319     </form>
  1184     </form>
  1320     <?php
  1185     <?php
  1321     break;
  1186     break;
  1322   case "website":
  1187   case "website":
  1323     if(!isset($_POST['_cont'])) {
  1188     if(!isset($_POST['_cont'])) {
  1372           echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
  1237           echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
  1373         }
  1238         }
  1374       ?>
  1239       ?>
  1375       <p>The next step is to enter some information about your website. You can always change this information later, using the administration panel.</p>
  1240       <p>The next step is to enter some information about your website. You can always change this information later, using the administration panel.</p>
  1376       <table border="0">
  1241       <table border="0">
  1377         <tr>
  1242         <tr><td><b>Website name</b><br />The display name of your website. Allowed characters are uppercase and lowercase letters, numerals, and spaces. This must not be blank or "Enano".</td><td><input onkeyup="verify();" name="sitename" type="text" size="30" /></td><td><img id="s_name" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1378           <td>
  1243         <tr><td><b>Website description</b><br />This text will be shown below the name of your website.</td><td><input onkeyup="verify();" name="sitedesc" type="text" size="30" /></td><td><img id="s_desc" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1379             <b>Website name</b><br />
  1244         <tr><td><b>Copyright info</b><br />This should be a one-line legal notice that will appear at the bottom of all your pages.</td><td><input onkeyup="verify();" name="copyright" type="text" size="30" /></td><td><img id="s_copyright" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1380             The display name of your website. Allowed characters are uppercase and lowercase letters, numerals, and spaces. This must not
  1245         <tr><td><b>Wiki mode</b><br />This feature allows people to create and edit pages on your site. Enano keeps a history of all page modifications, and you can protect pages to prevent editing.</td><td><input name="wiki_mode" type="checkbox" id="wmcheck" />  <label for="wmcheck">Yes, make my website a wiki.</label></td><td></td></tr>
  1381             be blank or "Enano".
  1246         <tr><td><b>URL scheme</b><br />Choose how the page URLs will look. Depending on your server configuration, you may need to select the first option. If you don't know, select the first option, and you can always change it later.</td><td colspan="2"><input type="radio" <?php if(!is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="ugly" id="ugly">  <label for="ugly">Standard URLs - compatible with any web server (www.example.com/index.php?title=Page_name)</label><br /><input type="radio" <?php if(is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="short" id="short">  <label for="short">Short URLs - requires Apache with a PHP module (www.example.com/index.php/Page_name)</label><br /><input type="radio" name="urlscheme" value="tiny" id="petite">  <label for="petite">Tiny URLs - requires Apache on Linux/Unix/BSD with PHP module and mod_rewrite enabled (www.example.com/Page_name)</label></td></tr>
  1382           </td>
       
  1383           <td>
       
  1384             <input onkeyup="verify();" name="sitename" type="text" size="30" />
       
  1385           </td>
       
  1386           <td>
       
  1387             <img id="s_name" alt="Good/bad icon" src="images/bad.gif" />
       
  1388           </td>
       
  1389         </tr>
       
  1390         <tr>
       
  1391           <td>
       
  1392             <b>Website description</b><br />
       
  1393             This text will be shown below the name of your website.
       
  1394           </td>
       
  1395           <td>
       
  1396             <input onkeyup="verify();" name="sitedesc" type="text" size="30" />
       
  1397           </td>
       
  1398           <td>
       
  1399             <img id="s_desc" alt="Good/bad icon" src="images/bad.gif" />
       
  1400           </td>
       
  1401         </tr>
       
  1402         <tr>
       
  1403           <td>
       
  1404             <b>Copyright info</b><br />
       
  1405             This should be a one-line legal notice that will appear at the bottom of all your pages.
       
  1406           </td>
       
  1407           <td>
       
  1408             <input onkeyup="verify();" name="copyright" type="text" size="30" />
       
  1409           </td>
       
  1410           <td>
       
  1411             <img id="s_copyright" alt="Good/bad icon" src="images/bad.gif" />
       
  1412           </td>
       
  1413         </tr>
       
  1414         <tr>
       
  1415           <td>
       
  1416             <b>Wiki mode</b><br />
       
  1417             This feature allows people to create and edit pages on your site. Enano keeps a history of all page modifications, and you can
       
  1418             protect pages to prevent editing.
       
  1419           </td>
       
  1420           <td>
       
  1421             <input name="wiki_mode" type="checkbox" id="wmcheck" />  <label for="wmcheck">Yes, make my website a wiki.</label>
       
  1422           </td>
       
  1423           <td>
       
  1424             &nbsp;
       
  1425           </td>
       
  1426         </tr>
       
  1427         <tr>
       
  1428           <td>
       
  1429             <b>URL scheme</b><br />
       
  1430             Choose how the page URLs will look. Depending on your server configuration, you may need to select the first option. If you
       
  1431             don't know, select the first option, and you can always change it later.
       
  1432           </td>
       
  1433           <td colspan="2">
       
  1434             <input type="radio" <?php if(!is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="ugly" id="ugly"  />  <label for="ugly">Standard URLs - compatible with any web server (www.example.com/index.php?title=Page_name)</label><br />
       
  1435             <input type="radio" <?php if(is_apache()) echo 'checked="checked" '; ?>name="urlscheme" value="short" id="short" />  <label for="short">Short URLs - requires Apache with a PHP module (www.example.com/index.php/Page_name)</label><br />
       
  1436             <input type="radio" name="urlscheme" value="tiny" id="petite">  <label for="petite">Tiny URLs - requires Apache on Linux/Unix/BSD with PHP module and mod_rewrite enabled (www.example.com/Page_name)</label>
       
  1437           </td>
       
  1438         </tr>
       
  1439       </table>
  1247       </table>
  1440       <div class="pagenav">
  1248       <div class="pagenav">
  1441        <table border="0">
  1249        <table border="0">
  1442          <tr>
  1250        <tr>
  1443            <td>
  1251        <td><input type="submit" value="Continue" onclick="return verify();" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />&bull; Verify that your site information is correct. Again, all of the above settings can be changed from the administration panel.</p></td>
  1444              <input type="submit" value="Continue" onclick="return verify();" name="_cont" />
  1252        </tr>
  1445            </td>
       
  1446            <td>
       
  1447              <p>
       
  1448                <span style="font-weight: bold;">Before clicking continue:</span><br />
       
  1449                &bull; Verify that your site information is correct. Again, all of the above settings can be changed from the administration
       
  1450                       panel.
       
  1451              </p>
       
  1452            </td>
       
  1453          </tr>
       
  1454        </table>
  1253        </table>
  1455      </div>
  1254      </div>
  1456     </form>
  1255     </form>
  1457     <?php
  1256     <?php
  1458     break;
  1257     break;
  1536           echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
  1335           echo '<input type="hidden" name="'.htmlspecialchars($k[$i]).'" value="'.htmlspecialchars($_POST[$k[$i]]).'" />'."\n";
  1537         }
  1336         }
  1538       ?>
  1337       ?>
  1539       <p>Next, enter your desired username and password. The account you create here will be used to administer your site.</p>
  1338       <p>Next, enter your desired username and password. The account you create here will be used to administer your site.</p>
  1540       <table border="0">
  1339       <table border="0">
  1541         <tr>
  1340         <tr><td><b>Administration username</b><br /><small>The administration username you will use to log into your site.<br />This cannot be "anonymous" or in the form of an IP address.</small></td><td><input onkeyup="verify();" name="admin_user" type="text" size="30" /></td><td><img id="s_user" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1542           <td><b>Administration username</b><br /><small>The administration username you will use to log into your site.<br />This cannot be "anonymous" or in the form of an IP address.</small></td><td><input onkeyup="verify();" name="admin_user" type="text" size="30" /></td><td><img id="s_user" alt="Good/bad icon" src="images/bad.gif" /></td>
  1341         <tr><td>Administration password:</td><td><input onkeyup="verify();" name="admin_pass" type="password" size="30" /></td><td rowspan="2"><img id="s_password" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1543         </tr>
  1342         <tr><td>Enter it again to confirm:</td><td><input onkeyup="verify();" name="admin_pass_confirm" type="password" size="30" /></td></tr>
  1544         <tr>
  1343         <tr><td>Your e-mail address:</td><td><input onkeyup="verify();" name="admin_email" type="text" size="30" /></td><td><img id="s_email" alt="Good/bad icon" src="images/bad.gif" /></td></tr>
  1545           <td>Administration password:</td>
       
  1546           <td><input onkeyup="verify();" name="admin_pass" type="password" size="30" /></td>
       
  1547           <td rowspan="2"><img id="s_password" alt="Good/bad icon" src="images/bad.gif" /></td>
       
  1548         </tr>
       
  1549         <tr>
       
  1550           <td>Enter it again to confirm:</td>
       
  1551           <td><input onkeyup="verify();" name="admin_pass_confirm" type="password" size="30" /></td>
       
  1552         </tr>
       
  1553         <tr>
       
  1554           <td>Your e-mail address:</td>
       
  1555           <td><input onkeyup="verify();" name="admin_email" type="text" size="30" /></td>
       
  1556           <td><img id="s_email" alt="Good/bad icon" src="images/bad.gif" /></td>
       
  1557         </tr>
       
  1558         <tr>
  1344         <tr>
  1559           <td>
  1345           <td>
  1560             Allow administrators to embed PHP code into pages:<br />
  1346             Allow administrators to embed PHP code into pages:<br />
  1561             <small><span style="color: #D84308">Do not under any circumstances enable this option without reading these
  1347             <small><span style="color: #D84308">Do not under any circumstances enable this option without reading these
  1562                    <a href="install.php?mode=pophelp&amp;topic=admin_embed_php"
  1348                    <a href="install.php?mode=pophelp&amp;topic=admin_embed_php"
  1572         </tr>
  1358         </tr>
  1573         <tr><td colspan="3">If your browser supports Javascript, the password you enter here will be encrypted with AES before it is sent to the server.</td></tr>
  1359         <tr><td colspan="3">If your browser supports Javascript, the password you enter here will be encrypted with AES before it is sent to the server.</td></tr>
  1574       </table>
  1360       </table>
  1575       <div class="pagenav">
  1361       <div class="pagenav">
  1576        <table border="0">
  1362        <table border="0">
  1577          <tr>
  1363        <tr>
  1578            <td>
  1364        <td><input type="submit" value="Continue" onclick="return cryptdata();" name="_cont" /></td><td><p><span style="font-weight: bold;">Before clicking continue:</span><br />&bull; Remember the username and password you enter here! You will not be able to administer your site without the information you enter on this page.</p></td>
  1579              <input type="submit" value="Continue" onclick="return cryptdata();" name="_cont" />
  1365        </tr>
  1580            </td>
       
  1581            <td>
       
  1582              <p>
       
  1583                <span style="font-weight: bold;">Before clicking continue:</span><br />
       
  1584                &bull; Remember the username and password you enter here! You will not be able to administer your site without the
       
  1585                information you enter on this page.
       
  1586              </p>
       
  1587            </td>
       
  1588          </tr>
       
  1589        </table>
  1366        </table>
  1590       </div>
  1367       </div>
  1591       <div id="cryptdebug"></div>
  1368       <div id="cryptdebug"></div>
  1592       <input type="hidden" name="use_crypt" value="no" />
  1369      <input type="hidden" name="use_crypt" value="no" />
  1593       <input type="hidden" name="crypt_key" value="<?php echo $cryptkey; ?>" />
  1370      <input type="hidden" name="crypt_key" value="<?php echo $cryptkey; ?>" />
  1594       <input type="hidden" name="crypt_data" value="" />
  1371      <input type="hidden" name="crypt_data" value="" />
  1595     </form>
  1372     </form>
  1596     <script type="text/javascript">
  1373     <script type="text/javascript">
  1597     // <![CDATA[
  1374     // <![CDATA[
  1598       var frm = document.forms.login;
  1375       var frm = document.forms.login;
  1599       frm.admin_user.focus();
  1376       frm.admin_user.focus();