1 <?php |
1 <?php |
2 |
2 |
3 /* |
3 /* |
4 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
4 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
5 * Version 1.1.5 (Caoineag alpha 5) |
5 * Version 1.1.6 (Caoineag beta 1) |
6 * Copyright (C) 2006-2008 Dan Fuhry |
6 * Copyright (C) 2006-2008 Dan Fuhry |
7 * Installation package |
7 * Installation package |
8 * payload.php - Installer payload (the installation logic) |
8 * payload.php - Installer payload (the installation logic) |
9 * |
9 * |
10 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
10 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
94 |
94 |
95 if ( is_object($sql_parser) ) |
95 if ( is_object($sql_parser) ) |
96 return $sql_parser->parse(); |
96 return $sql_parser->parse(); |
97 |
97 |
98 $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
98 $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
|
99 $hmac_secret = hexencode(AESCrypt::randkey(20), '', ''); |
99 |
100 |
100 $site_key = stg_make_private_key(); |
101 $site_key = stg_make_private_key(); |
101 $site_key = hexdecode($site_key); |
102 $site_key = hexdecode($site_key); |
102 $admin_pass_clean = stg_password_decode(); |
103 $admin_pass_clean = stg_password_decode(); |
103 $admin_pass = $aes->encrypt($admin_pass_clean, $site_key, ENC_HEX); |
104 $admin_pass = hmac_sha1($admin_pass_clean, $hmac_secret); |
104 |
105 |
105 unset($admin_pass_clean); // Security |
106 unset($admin_pass_clean); // Security |
106 |
107 |
107 try |
108 try |
108 { |
109 { |
135 'WIKI_MODE' => ( isset($_POST['wiki_mode']) ? '1' : '0' ), |
136 'WIKI_MODE' => ( isset($_POST['wiki_mode']) ? '1' : '0' ), |
136 'ENABLE_CACHE' => ( is_writable( ENANO_ROOT . '/cache/' ) ? '1' : '0' ), |
137 'ENABLE_CACHE' => ( is_writable( ENANO_ROOT . '/cache/' ) ? '1' : '0' ), |
137 'VERSION' => $installer_version['version'], |
138 'VERSION' => $installer_version['version'], |
138 'ADMIN_USER' => $db->escape($_POST['username']), |
139 'ADMIN_USER' => $db->escape($_POST['username']), |
139 'ADMIN_PASS' => $admin_pass, |
140 'ADMIN_PASS' => $admin_pass, |
|
141 'ADMIN_PASS_SALT' => $hmac_secret, |
140 'ADMIN_EMAIL' => $db->escape($_POST['email']), |
142 'ADMIN_EMAIL' => $db->escape($_POST['email']), |
141 'REAL_NAME' => '', // This has always been stubbed. |
143 'REAL_NAME' => '', // This has always been stubbed. |
142 'ADMIN_EMBED_PHP' => strval(AUTH_DISALLOW), |
144 'ADMIN_EMBED_PHP' => strval(AUTH_DISALLOW), |
143 'UNIX_TIME' => strval(time()), |
145 'UNIX_TIME' => strval(time()), |
144 'MAIN_PAGE_CONTENT' => $wkt, |
146 'MAIN_PAGE_CONTENT' => $wkt, |