install/includes/payload.php
changeset 801 eb8b23f11744
parent 685 17ebe24cdf85
child 819 7ef806a90d44
equal deleted inserted replaced
800:9cdfe82c56cd 801:eb8b23f11744
     1 <?php
     1 <?php
     2 
     2 
     3 /*
     3 /*
     4  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
     4  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
     5  * Version 1.1.5 (Caoineag alpha 5)
     5  * Version 1.1.6 (Caoineag beta 1)
     6  * Copyright (C) 2006-2008 Dan Fuhry
     6  * Copyright (C) 2006-2008 Dan Fuhry
     7  * Installation package
     7  * Installation package
     8  * payload.php - Installer payload (the installation logic)
     8  * payload.php - Installer payload (the installation logic)
     9  *
     9  *
    10  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
    10  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
    94   
    94   
    95   if ( is_object($sql_parser) )
    95   if ( is_object($sql_parser) )
    96     return $sql_parser->parse();
    96     return $sql_parser->parse();
    97   
    97   
    98   $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
    98   $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
       
    99   $hmac_secret = hexencode(AESCrypt::randkey(20), '', '');
    99   
   100   
   100   $site_key = stg_make_private_key();
   101   $site_key = stg_make_private_key();
   101   $site_key = hexdecode($site_key);
   102   $site_key = hexdecode($site_key);
   102   $admin_pass_clean = stg_password_decode();
   103   $admin_pass_clean = stg_password_decode();
   103   $admin_pass = $aes->encrypt($admin_pass_clean, $site_key, ENC_HEX);
   104   $admin_pass = hmac_sha1($admin_pass_clean, $hmac_secret);
   104   
   105   
   105   unset($admin_pass_clean); // Security
   106   unset($admin_pass_clean); // Security
   106   
   107   
   107   try
   108   try
   108   {
   109   {
   135       'WIKI_MODE'            => ( isset($_POST['wiki_mode']) ? '1' : '0' ),
   136       'WIKI_MODE'            => ( isset($_POST['wiki_mode']) ? '1' : '0' ),
   136       'ENABLE_CACHE'         => ( is_writable( ENANO_ROOT . '/cache/' ) ? '1' : '0' ),
   137       'ENABLE_CACHE'         => ( is_writable( ENANO_ROOT . '/cache/' ) ? '1' : '0' ),
   137       'VERSION'              => $installer_version['version'],
   138       'VERSION'              => $installer_version['version'],
   138       'ADMIN_USER'           => $db->escape($_POST['username']),
   139       'ADMIN_USER'           => $db->escape($_POST['username']),
   139       'ADMIN_PASS'           => $admin_pass,
   140       'ADMIN_PASS'           => $admin_pass,
       
   141       'ADMIN_PASS_SALT'      => $hmac_secret,
   140       'ADMIN_EMAIL'          => $db->escape($_POST['email']),
   142       'ADMIN_EMAIL'          => $db->escape($_POST['email']),
   141       'REAL_NAME'            => '', // This has always been stubbed.
   143       'REAL_NAME'            => '', // This has always been stubbed.
   142       'ADMIN_EMBED_PHP'      => strval(AUTH_DISALLOW),
   144       'ADMIN_EMBED_PHP'      => strval(AUTH_DISALLOW),
   143       'UNIX_TIME'            => strval(time()),
   145       'UNIX_TIME'            => strval(time()),
   144       'MAIN_PAGE_CONTENT'    => $wkt,
   146       'MAIN_PAGE_CONTENT'    => $wkt,