--- a/includes/common.php Thu Jan 17 09:39:56 2008 -0500
+++ b/includes/common.php Thu Jan 17 23:31:35 2008 -0500
@@ -259,35 +259,6 @@
setConfig('default_language', $row['lang_id']);
}
-// Our list of tables included in Enano
-$system_table_list = Array(
- table_prefix.'categories',
- table_prefix.'comments',
- table_prefix.'config',
- table_prefix.'logs',
- table_prefix.'page_text',
- table_prefix.'session_keys',
- table_prefix.'pages',
- table_prefix.'users',
- table_prefix.'users_extra',
- table_prefix.'themes',
- table_prefix.'buddies',
- table_prefix.'banlist',
- table_prefix.'files',
- table_prefix.'privmsgs',
- table_prefix.'sidebar',
- table_prefix.'hits',
- table_prefix.'groups',
- table_prefix.'group_members',
- table_prefix.'acl',
- table_prefix.'page_groups',
- table_prefix.'page_group_members',
- table_prefix.'tags',
- table_prefix.'language',
- table_prefix.'language_strings',
- table_prefix.'lockout'
- );
-
// Load plugin manager
$plugins = new pluginLoader();
--- a/includes/constants.php Thu Jan 17 09:39:56 2008 -0500
+++ b/includes/constants.php Thu Jan 17 23:31:35 2008 -0500
@@ -141,6 +141,44 @@
// significantly increase encryption strength either.
define('AES_BLOCKSIZE', 128);
+// Our list of tables included in Enano
+$system_table_list = Array(
+ 'categories',
+ 'comments',
+ 'config',
+ 'logs',
+ 'page_text',
+ 'session_keys',
+ 'pages',
+ 'users',
+ 'users_extra',
+ 'themes',
+ 'buddies',
+ 'banlist',
+ 'files',
+ 'privmsgs',
+ 'sidebar',
+ 'hits',
+ 'groups',
+ 'group_members',
+ 'acl',
+ 'page_groups',
+ 'page_group_members',
+ 'tags',
+ 'language',
+ 'language_strings',
+ 'lockout',
+ 'search_index'
+ );
+
+if ( defined('table_prefix') )
+{
+ foreach ( $system_table_list as $i => $_ )
+ {
+ $system_table_list[$i] = table_prefix . $system_table_list[$i];
+ }
+}
+
/*
* MIMETYPES
*
--- a/includes/dbal.php Thu Jan 17 09:39:56 2008 -0500
+++ b/includes/dbal.php Thu Jan 17 23:31:35 2008 -0500
@@ -199,7 +199,11 @@
$q = $this->sql_query('USE `'.$dbname.'`;');
if ( !$q )
+ {
+ if ( $manual_credentials )
+ return false;
$this->_die('The database could not be selected.');
+ }
// We're in!
$this->disable_errorhandler();
--- a/includes/pageutils.php Thu Jan 17 09:39:56 2008 -0500
+++ b/includes/pageutils.php Thu Jan 17 23:31:35 2008 -0500
@@ -211,7 +211,7 @@
if ($db->numrows() > 0 )
{
$r = $db->fetchrow();
- echo '<p>This page also appears to have some log entries in the database - it seems that it was deleted on ' . $r['date_string'] . '. You can probably <a href="'.makeUrl($paths->page, 'do=rollback&id=' . $r['time_id']) . '" onclick="ajaxRollback(\'' . $r['time_id'] . '\'); return false;">roll back</a> the deletion.</p>';
+ echo '<p>This page also appears to have some log entries in the database - it seems that it was deleted on ' . enano_date('d M Y h:i a', intval($r['time_id'])) . '. You can probably <a href="'.makeUrl($paths->page, 'do=rollback&id=' . $r['time_id']) . '" onclick="ajaxRollback(\'' . $r['time_id'] . '\'); return false;">roll back</a> the deletion.</p>';
}
$db->free_result();
}
@@ -258,7 +258,7 @@
}
$r = $db->fetchrow();
$db->free_result();
- $message = '<div class="info-box" style="margin-left: 0; margin-top: 5px;"><b>Notice:</b><br />The page you are viewing was archived on ' . $r['date_string'] . '.<br /><a href="'.makeUrl($page).'" onclick="ajaxReset(); return false;">View current version</a> | <a href="'.makeUrl($page, 'do=rollback&id=' . $hist_id) . '" onclick="ajaxRollback(\'' . $hist_id . '\')">Restore this version</a></div><br />'.RenderMan::render($r['page_text']);
+ $message = '<div class="info-box" style="margin-left: 0; margin-top: 5px;"><b>Notice:</b><br />The page you are viewing was archived on ' . enano_date('d M Y h:i a', intval($r['time_id'])) . '.<br /><a href="'.makeUrl($page).'" onclick="ajaxReset(); return false;">View current version</a> | <a href="'.makeUrl($page, 'do=rollback&id=' . $hist_id) . '" onclick="ajaxRollback(\'' . $hist_id . '\')">Restore this version</a></div><br />'.RenderMan::render($r['page_text']);
if( !$paths->pages[$page]['special'] )
{
@@ -618,7 +618,7 @@
if($ticker < $numrows) echo '<td class="' . $cls . '" style="padding: 0;"><input ' . $s2 . 'name="diff2" type="radio" value="' . $r['time_id'] . '" id="diff2_' . $r['time_id'] . '" class="clsDiff2Radio" onclick="selectDiff2Button(this);" /></td>'."\n"; else echo '<td class="' . $cls . '"></td>';
// Date and time
- echo '<td class="' . $cls . '">' . $r['date_string'] . '</td class="' . $cls . '">'."\n";
+ echo '<td class="' . $cls . '">' . enano_date('d M Y h:i a', intval($r['time_id'])) . '</td class="' . $cls . '">'."\n";
// User
if ( $session->get_permissions('mod_misc') && is_valid_ip($r['author']) )
@@ -694,7 +694,7 @@
echo '<tr>';
// Date and time
- echo '<td class="' . $cls . '">' . $r['date_string'] . '</td class="' . $cls . '">';
+ echo '<td class="' . $cls . '">' . enano_date('d M Y h:i a', intval($r['time_id'])) . '</td class="' . $cls . '">';
// User
echo '<td class="' . $cls . '"><a href="'.makeUrlNS('User', sanitize_page_id($r['author'])).'" ';
@@ -811,7 +811,7 @@
}
else
{
- return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been rolled back to the state it was in on ' . $rb['date_string'] . '.';
+ return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been rolled back to the state it was in on ' . enano_date('d M Y h:i a', intval($rb['time_id'])) . '.';
}
break;
case "rename":
@@ -825,7 +825,7 @@
}
else
{
- return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been rolled back to the name it had ("' . $rb['edit_summary'] . '") before ' . $rb['date_string'] . '.';
+ return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been rolled back to the name it had ("' . $rb['edit_summary'] . '") before ' . enano_date('d M Y h:i a', intval($rb['time_id'])) . '.';
}
break;
case "prot":
@@ -835,7 +835,7 @@
if ( !$e )
return "An error occurred during the rollback operation.\nMySQL said: ".$db->get_error()."\n\nSQL backtrace:\n".$db->sql_backtrace();
else
- return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been unprotected according to the log created at ' . $rb['date_string'] . '.';
+ return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been unprotected according to the log created at ' . enano_date('d M Y h:i a', intval($rb['time_id'])) . '.';
break;
case "semiprot":
if ( !$perms->get_permissions('protect') )
@@ -844,7 +844,7 @@
if ( !$e )
return "An error occurred during the rollback operation.\nMySQL said: ".$db->get_error()."\n\nSQL backtrace:\n".$db->sql_backtrace();
else
- return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been unprotected according to the log created at ' . $rb['date_string'] . '.';
+ return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been unprotected according to the log created at ' . enano_date('d M Y h:i a', intval($rb['time_id'])) . '.';
break;
case "unprot":
if ( !$perms->get_permissions('protect') )
@@ -853,7 +853,7 @@
if ( !$e )
return "An error occurred during the rollback operation.\nMySQL said: ".$db->get_error()."\n\nSQL backtrace:\n".$db->sql_backtrace();
else
- return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been protected according to the log created at ' . $rb['date_string'] . '.';
+ return 'The page "' . $paths->pages[$paths->nslist[$rb['namespace']].$rb['page_id']]['name'].'" has been protected according to the log created at ' . enano_date('d M Y h:i a', intval($rb['time_id'])) . '.';
break;
case "delete":
if ( !$perms->get_permissions('history_rollback_extra') )
@@ -865,7 +865,7 @@
$e = $db->sql_query('SELECT page_text,char_tag FROM ' . table_prefix.'logs WHERE page_id=\'' . $rb['page_id'] . '\' AND namespace=\'' . $rb['namespace'] . '\' AND log_type=\'page\' AND action=\'edit\' ORDER BY time_id DESC;'); if(!$e) return("An error occurred during the rollback operation.\nMySQL said: ".$db->get_error()."\n\nSQL backtrace:\n".$db->sql_backtrace());
$r = $db->fetchrow();
$e = $db->sql_query('INSERT INTO ' . table_prefix.'page_text(page_id,namespace,page_text,char_tag) VALUES(\'' . $rb['page_id'] . '\',\'' . $rb['namespace'] . '\',\'' . $db->escape($r['page_text']) . '\',\'' . $r['char_tag'] . '\')'); if(!$e) return("An error occurred during the rollback operation.\nMySQL said: ".$db->get_error()."\n\nSQL backtrace:\n".$db->sql_backtrace());
- return 'The page "' . $name . '" has been undeleted according to the log created at ' . $rb['date_string'] . '.';
+ return 'The page "' . $name . '" has been undeleted according to the log created at ' . enano_date('d M Y h:i a', intval($rb['time_id'])) . '.';
break;
case "reupload":
if ( !$session->get_permissions('history_rollback_extra') )
@@ -1453,7 +1453,7 @@
// This is a special exception for the Enano installer, which doesn't init languages yet.
$lang = new Language('eng');
}
- if(!$session->get_permissions('clear_logs'))
+ if(!$session->get_permissions('clear_logs') && !defined('IN_ENANO_INSTALL'))
{
return $lang->get('etc_access_denied');
}
--- a/includes/paths.php Thu Jan 17 09:39:56 2008 -0500
+++ b/includes/paths.php Thu Jan 17 23:31:35 2008 -0500
@@ -145,7 +145,7 @@
}
$db->free_result();
- if ( defined('ENANO_INTERFACE_INDEX') || defined('ENANO_INTERFACE_AJAX') || defined('IN_ENANO_INSTALL') || defined('IN_ENANO_UPGRADE') )
+ if ( defined('ENANO_INTERFACE_INDEX') || defined('ENANO_INTERFACE_AJAX') || defined('IN_ENANO_UPGRADE') )
{
if( isset($_GET['title']) )
{
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/includes/payload.php Thu Jan 17 23:31:35 2008 -0500
@@ -0,0 +1,312 @@
+<?php
+
+/*
+ * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ * Version 1.1.1
+ * Copyright (C) 2006-2007 Dan Fuhry
+ * Installation package
+ * payload.php - Installer payload (the installation logic)
+ *
+ * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ */
+
+if ( !defined('IN_ENANO_INSTALL') )
+ die();
+
+return true;
+
+function stg_sim_good()
+{
+ return true;
+}
+
+function stg_sim_bad()
+{
+ return true;
+}
+
+function stg_password_decode()
+{
+ global $db;
+ static $pass = false;
+
+ if ( $pass )
+ return $pass;
+
+ if ( !isset($_POST['crypt_data']) && !empty($_POST['password']) && $_POST['password'] === $_POST['password_confirm'] )
+ $pass = $_POST['password'];
+
+ $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
+ // retrieve encryption key
+ $q = $db->sql_query('SELECT config_value FROM ' . table_prefix . 'config WHERE config_name=\'install_aes_key\';');
+ if ( !$q )
+ $db->_die();
+ if ( $db->numrows() < 1 )
+ return false;
+ list($aes_key) = $db->fetchrow_num();
+ $aes_key = $aes->hextostring($aes_key);
+
+ $pass = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX);
+ if ( !$pass )
+ return false;
+
+ return $pass; // Will be true if the password isn't crapped
+}
+
+function stg_make_private_key()
+{
+ global $db;
+ static $site_key = false;
+
+ if ( $site_key )
+ return $site_key;
+
+ // Is there already a key cached in the database?
+ $q = $db->sql_query('SELECT config_value FROM ' . table_prefix . 'config WHERE config_name=\'site_aes_key\';');
+ if ( !$q )
+ $db->_die();
+
+ if ( $db->numrows() > 0 )
+ {
+ list($site_key) = $db->fetchrow_num();
+ $db->free_result();
+ return $site_key;
+ }
+
+ $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
+ // This will use /dev/urandom if possible
+ $site_key = $aes->gen_readymade_key();
+
+ // Stash it in the database, don't check for errors though because we can always regenerate it
+ $db->sql_query('INSERT INTO ' . table_prefix . 'config ( config_name, config_value ) VALUES ( \'site_aes_key\', \'' . $site_key . '\' );');
+
+ return $site_key;
+}
+
+function stg_load_schema()
+{
+ global $db, $dbdriver, $installer_version;
+ static $sql_parser = false;
+
+ if ( is_object($sql_parser) )
+ return $sql_parser->parse();
+
+ $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
+
+ $site_key = stg_make_private_key();
+ $site_key = $aes->hextostring($site_key);
+ $admin_pass_clean = stg_password_decode();
+ $admin_pass = $aes->encrypt($admin_pass_clean, $site_key, ENC_HEX);
+
+ unset($admin_pass_clean); // Security
+
+ try
+ {
+ $sql_parser = new SQL_Parser( ENANO_ROOT . "/install/schemas/{$dbdriver}_stage2.sql" );
+ }
+ catch ( Exception $e )
+ {
+ echo "<pre>$e</pre>";
+ return false;
+ }
+
+ $vars = array(
+ 'TABLE_PREFIX' => $_POST['table_prefix'],
+ 'SITE_NAME' => $db->escape($_POST['site_name']),
+ 'SITE_DESC' => $db->escape($_POST['site_desc']),
+ 'COPYRIGHT' => $db->escape($_POST['copyright']),
+ // FIXME: update form
+ 'WIKI_MODE' => ( isset($_POST['wiki_mode']) ? '1' : '0' ),
+ 'ENABLE_CACHE' => ( is_writable( ENANO_ROOT . '/cache/' ) ? '1' : '0' ),
+ 'VERSION' => $installer_version['version'],
+ 'ADMIN_USER' => $db->escape($_POST['username']),
+ 'ADMIN_PASS' => $admin_pass,
+ 'ADMIN_EMAIL' => $db->escape($_POST['email']),
+ 'REAL_NAME' => '', // This has always been stubbed.
+ 'ADMIN_EMBED_PHP' => strval(AUTH_DISALLOW),
+ 'UNIX_TIME' => strval(time())
+ );
+
+ $sql_parser->assign_vars($vars);
+ return $sql_parser->parse();
+}
+
+function stg_deliver_payload()
+{
+ global $db;
+ $schema = stg_load_schema();
+ foreach ( $schema as $sql )
+ {
+ if ( !$db->sql_query($sql) )
+ {
+ echo $db->get_error();
+ return false;
+ }
+ }
+ return true;
+}
+
+function stg_write_config()
+{
+ global $dbhost, $dbuser, $dbpasswd, $dbname, $dbdriver;
+ $db_data = array(
+ 'host' => str_replace("'", "\\'", $dbhost),
+ 'user' => str_replace("'", "\\'", $dbuser),
+ 'pass' => str_replace("'", "\\'", $dbpasswd),
+ 'name' => str_replace("'", "\\'", $dbname),
+ 'tp' => table_prefix,
+ 'drv' => $dbdriver
+ );
+
+ // Retrieves the existing key
+ $site_key = stg_make_private_key();
+
+ // Determine contentPath
+ switch ( @$_POST['url_scheme'] )
+ {
+ case 'standard':
+ default:
+ $sp_append = 'index.php?title=';
+ break;
+ case 'shortened':
+ $sp_append = 'index.php/';
+ break;
+ case 'rewrite':
+ $sp_append = '/';
+ break;
+ }
+
+ $scriptpath = scriptPath;
+ $contentpath = $scriptpath . $sp_append;
+
+ $config_file = <<<EOF
+<?php
+
+/**
+ * Enano site configuration
+ * NOTE ON EDITING: You should almost never need to change anything in this
+ * file. The only exceptions are when your DB password/other info is changed
+ * or if you are moving your Enano installation to another directory.
+ */
+
+//
+// DATABASE INFO
+//
+
+// Database type to use, currently mysql and postgresql are supported
+\$dbdriver = '{$db_data['drv']}';
+
+// Hostname of your database server, probably localhost
+\$dbhost = '{$db_data['host']}';
+
+// Username used to connect to the database
+\$dbuser = '{$db_data['user']}';
+// Database password
+\$dbpasswd = '{$db_data['pass']}';
+
+// Name of the database
+\$dbname = '{$db_data['name']}';
+
+//
+// CONSTANTS
+//
+
+// if they're already defined, no use re-defining them
+if ( !defined('ENANO_CONSTANTS') )
+{
+ // The prefix for the tables in the database. Useful for holding more than
+ // one Enano installation in the same database.
+ define('table_prefix', '{$db_data['tp']}');
+
+ // The path to Enano's files on your server, from the document root. If
+ // Enano is installed in your document root this will be blank; installing
+ // Enano in /enano/ will result in "/enano" here, etc.
+ define('scriptPath', '$scriptpath');
+
+ // The authoritative prefix for pages. This should be very literal: to
+ // generate a URL on the site, the format is basically
+ // contentPath . \$page_name. This is based off of scriptPath and the URL
+ // scheme selected during installation. Pattern:
+ //
+ // * Standard URLs: scriptPath . '/index.php?title='
+ // * Shortened URLs: scriptPath . '/index.php/'
+ // * mod_rewrite: scriptPath . '/'
+
+ define('contentPath', '$contentpath');
+
+ // Tell the Enano API that we're installed and that this file is complete
+ define('ENANO_INSTALLED', 'You bet!');
+
+ define('ENANO_CONSTANTS', '');
+}
+
+// The AES encryption key used to store passwords. We have a very specific
+// reason for doing this; see the rationale at:
+// http://docs.enanocms.org/Help:Appendix_B
+\$crypto_key = '$site_key';
+
+EOF;
+
+ // Write config file
+
+ $ch = @fopen ( ENANO_ROOT . '/config.new.php', 'w' );
+ if ( !$ch )
+ return false;
+
+ fwrite($ch, $config_file);
+ fclose($ch);
+
+ // If we are using mod_rewrite, also append any existing .htaccess
+ if ( @$_POST['url_scheme'] === 'rewrite' )
+ {
+ $hh = @fopen ( ENANO_ROOT . '/.htaccess.new', 'w' );
+ if ( !$hh )
+ return false;
+ $hhc = <<<EOF
+#
+# START ENANO RULES
+#
+
+# Enable mod_rewrite
+RewriteEngine on
+
+# Don't rewrite if the user requested a real directory or file
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+
+# Main rule - short and sweet
+RewriteRule (.*) index.php?title=\$1 [L,QSA]
+
+EOF;
+ fwrite($hh, $hhc);
+ fclose($hh);
+ }
+
+ return true;
+}
+
+function stg_language_setup()
+{
+ global $languages, $db;
+ global $lang_id;
+ $lang_info =& $languages[$lang_id];
+ if ( !is_array($lang_info) )
+ return false;
+
+ // Install the language
+ // ($lang_code, $lang_name_neutral, $lang_name_local, $lang_file = false)
+ $result = install_language($lang_id, $lang_info['name_eng'], $lang_info['name'], ENANO_ROOT . "/language/{$lang_info['dir']}/core.json");
+ if ( !$result )
+ return false;
+
+ $lang_local = new Language($lang_id);
+ $lang_local->import( ENANO_ROOT . "/language/{$lang_info['dir']}/user.json" );
+ $lang_local->import( ENANO_ROOT . "/language/{$lang_info['dir']}/tools.json" );
+ $lang_local->import( ENANO_ROOT . "/language/{$lang_info['dir']}/admin.json" );
+
+ return true;
+}
--- a/install/includes/libenanoinstall.php Thu Jan 17 09:39:56 2008 -0500
+++ b/install/includes/libenanoinstall.php Thu Jan 17 23:31:35 2008 -0500
@@ -99,15 +99,18 @@
$key = htmlspecialchars($key);
$post_data .= " <input type=\"hidden\" name=\"$key\" value=\"$value\" />\n";
}
- echo '<form action="install.php?stage=install&sub=' . $stage_id . '" method="post">
- ' . $post_data . '
- <input type="hidden" name="resume_stack" value="' . htmlspecialchars(implode('|', $resume_stack)) . '" />
- <h3>' . $lang->get('meta_msg_err_stagefailed_title') . '</h3>
- <p>' . $failure_explanation . '</p>
- ' . ( !empty($mysql_error) ? "<p>" . $lang->get('meta_msg_err_stagefailed_mysqlerror') . " $mysql_error</p>" : '' ) . '
- <p>' . $lang->get('meta_msg_err_stagefailed_body') . '</p>
- <p style="text-align: center;"><input type="submit" value="' . $lang->get('meta_btn_retry_installation') . '" /></p>
- </form>';
+ if ( $stage_id == 'renameconfig' )
+ echo '<p>' . $failure_explanation . '</p>';
+ else
+ echo '<form action="install.php?stage=install&sub=' . $stage_id . '" method="post">
+ ' . $post_data . '
+ <input type="hidden" name="resume_stack" value="' . htmlspecialchars(implode('|', $resume_stack)) . '" />
+ <h3>' . $lang->get('meta_msg_err_stagefailed_title') . '</h3>
+ <p>' . $failure_explanation . '</p>
+ ' . ( !empty($mysql_error) ? "<p>" . $lang->get('meta_msg_err_stagefailed_mysqlerror') . " $mysql_error</p>" : '' ) . '
+ <p>' . $lang->get('meta_msg_err_stagefailed_body') . '</p>
+ <p style="text-align: center;"><input type="submit" value="' . $lang->get('meta_btn_retry_installation') . '" /></p>
+ </form>';
global $ui;
$ui->show_footer();
exit;
--- a/install/includes/payload.php Thu Jan 17 09:39:56 2008 -0500
+++ b/install/includes/payload.php Thu Jan 17 23:31:35 2008 -0500
@@ -89,7 +89,7 @@
function stg_load_schema()
{
- global $db, $dbdriver, $installer_version;
+ global $db, $dbdriver, $installer_version, $lang_id, $languages;
static $sql_parser = false;
if ( is_object($sql_parser) )
@@ -114,6 +114,18 @@
return false;
}
+ $wkt = ENANO_ROOT . "/language/{$languages[$lang_id]['dir']}/install/mainpage-default.wkt";
+ if ( !file_exists( $wkt ) )
+ {
+ echo '<div class="error-box">Error: could not locate wikitext for main page (' . $wkt . ')</div>';
+ return false;
+ }
+ $wkt = @file_get_contents($wkt);
+ if ( empty($wkt) )
+ return false;
+
+ $wkt = $db->escape($wkt);
+
$vars = array(
'TABLE_PREFIX' => $_POST['table_prefix'],
'SITE_NAME' => $db->escape($_POST['site_name']),
@@ -128,7 +140,8 @@
'ADMIN_EMAIL' => $db->escape($_POST['email']),
'REAL_NAME' => '', // This has always been stubbed.
'ADMIN_EMBED_PHP' => strval(AUTH_DISALLOW),
- 'UNIX_TIME' => strval(time())
+ 'UNIX_TIME' => strval(time()),
+ 'MAIN_PAGE_CONTENT' => $wkt
);
$sql_parser->assign_vars($vars);
@@ -310,3 +323,92 @@
return true;
}
+
+function stg_init_logs()
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $installer_version;
+
+ $q = $db->sql_query('INSERT INTO ' . table_prefix . 'logs(log_type,action,time_id,date_string,author,page_text,edit_summary) VALUES(\'security\', \'install_enano\', ' . time() . ', \'' . enano_date('d M Y h:i a') . '\', \'' . $db->escape($_POST['admin_user']) . '\', \'' . $db->escape(enano_version()) . '\', \'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\');');
+ if ( !$q )
+ {
+ echo '<p><tt>MySQL return: ' . $db->sql_error() . '</tt></p>';
+ return false;
+ }
+
+ return true;
+}
+
+function stg_aes_cleanup()
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ $q = $db->sql_query('DELETE FROM ' . table_prefix . 'config WHERE config_name = \'install_aes_key\' OR config_name = \'site_aes_key\';');
+ if ( !$q )
+ $db->_die();
+ return true;
+}
+
+function _stg_rename_config_revert()
+{
+ if ( file_exists('./config.php') )
+ {
+ @rename('./config.php', './config.new.php');
+ }
+
+ $handle = @fopen('./config.php.new', 'w');
+ if ( !$handle )
+ return false;
+ $contents = '<?php $cryptkey = \'' . _INSTRESUME_AES_KEYBACKUP . '\'; ?>';
+ fwrite($handle, $contents);
+ fclose($handle);
+ return true;
+}
+
+function stg_build_index()
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ if ( $paths->rebuild_search_index() )
+ return true;
+ return false;
+}
+
+function stg_rename_config()
+{
+ if ( !@rename(ENANO_ROOT . '/config.new.php', ENANO_ROOT . '/config.php') )
+ {
+ echo '<p>Can\'t rename config.php</p>';
+ _stg_rename_config_revert();
+ return false;
+ }
+
+ if ( filesize(ENANO_ROOT . '/.htaccess.new') > 1 )
+ {
+ // rename/possibly concatenate .htaccess.new
+ $htaccess_base = '';
+ if ( file_exists(ENANO_ROOT . '/.htaccess') )
+ $htaccess_base .= @file_get_contents(ENANO_ROOT . '/.htaccess');
+ if ( strlen($htaccess_base) > 0 && !preg_match("/\n$/", $htaccess_base) )
+ $htaccess_base .= "\n\n";
+ $htaccess_base .= @file_get_contents(ENANO_ROOT . '/.htaccess.new');
+ if ( file_exists(ENANO_ROOT . '/.htaccess') )
+ {
+ $hh = @fopen(ENANO_ROOT . '/.htaccess', 'w');
+ if ( !$hh )
+ return false;
+ fwrite($hh, $htaccess_base);
+ fclose($hh);
+ @unlink(ENANO_ROOT . '/.htaccess.new');
+ return true;
+ }
+ else
+ {
+ return @rename(ENANO_ROOT . '/.htaccess.new', ENANO_ROOT . '/.htaccess');
+ }
+ }
+ else
+ {
+ @unlink(ENANO_ROOT . '/.htaccess.new');
+ }
+ return true;
+}
+
--- a/install/includes/stages/database_post.php Thu Jan 17 09:39:56 2008 -0500
+++ b/install/includes/stages/database_post.php Thu Jan 17 23:31:35 2008 -0500
@@ -26,14 +26,68 @@
$db_pass =& $_POST['db_pass'];
$db_name =& $_POST['db_name'];
$db_prefix =& $_POST['table_prefix'];
+$db_root_user =& $_POST['db_root_user'];
+$db_root_pass =& $_POST['db_root_pass'];
+
+if ( !preg_match('/^[a-z0-9_]*$/', $db_prefix) )
+{
+ $ui->show_header();
+ echo '<p>That table prefix isn\'t going to work.</p>';
+ return true;
+}
$result = $dbal->connect(true, $db_host, $db_user, $db_pass, $db_name);
+// If connection failed, we have the root login, AND we're on MySQL, try to force our way in
+if ( !$result && !empty($_POST['db_root_user']) && !empty($_POST['db_root_pass']) && $driver == 'mysql' )
+{
+ // Allow a jump / breakout
+ switch ( 'foo' ) { case 'foo':
+
+ // Try to connect to the DB as root
+ $result_root = $dbal->connect(true, $db_host, $db_root_user, $db_root_pass, 'mysql');
+ if ( !$result_root )
+ break;
+
+ $q = $dbal->sql_query('CREATE DATABASE IF NOT EXISTS `' . $dbal->escape($db_name) . '`;');
+ if ( !$q )
+ break;
+
+ if ( $db_host == 'localhost' || $db_host == '127.0.0.1' )
+ {
+ $q = $dbal->sql_query('GRANT ALL PRIVILEGES ON `' . $dbal->escape($db_name) . '`.* TO \'' . $dbal->escape($db_user) . '\'@\'localhost\'' . "\n" .
+ ' IDENTIFIED BY \'' . $dbal->escape($db_pass) . '\' WITH GRANT OPTION');
+ }
+ else
+ {
+ $q = $dbal->sql_query('GRANT ALL PRIVILEGES ON `' . $dbal->escape($db_name) . '`.* TO \'' . $dbal->escape($db_user) . '\'@\'%\'' . "\n" .
+ ' IDENTIFIED BY \'' . $dbal->escape($db_pass) . '\' WITH GRANT OPTION');
+ }
+
+ if ( !$q )
+ break;
+
+ $dbal->close();
+ $result = $dbal->connect(true, $db_host, $db_user, $db_pass, $db_name);
+
+ break;
+ }
+}
+
$ui->show_header();
if ( $result )
{
- // We're good, write out a config file
+ // We're good, do table drop if requested
+ if ( isset($_POST['drop_tables']) )
+ {
+ global $system_table_list;
+ foreach ( $system_table_list as $table )
+ {
+ $dbal->sql_query("DROP TABLE {$db_prefix}$table");
+ }
+ }
+ // Write out a config file
$ch = @fopen( ENANO_ROOT . '/config.new.php', 'w' );
if ( !$ch )
{
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/install/includes/stages/finish.php Thu Jan 17 23:31:35 2008 -0500
@@ -0,0 +1,76 @@
+<?php
+
+/*
+ * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ * Version 1.1.1
+ * Copyright (C) 2006-2007 Dan Fuhry
+ * Installation package
+ * finish.php - Installer finalization stage
+ *
+ * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ */
+
+if ( !defined('IN_ENANO_INSTALL') )
+ die();
+
+require ( ENANO_ROOT . '/install/includes/libenanoinstall.php' );
+require ( ENANO_ROOT . '/install/includes/sql_parse.php' );
+require ( ENANO_ROOT . '/includes/common.php' );
+
+if ( !in_array($dbdriver, $supported_drivers) )
+{
+ $ui->show_header();
+ echo '<h3>Installation error</h3>
+ <p>ERROR: That database driver is not supported.</p>';
+ return true;
+}
+
+$db = new $dbdriver();
+$db->connect();
+
+$ui->show_header();
+flush();
+
+?>
+<h3>Performing final installation steps</h3>
+<p>Enano is cleaning up and performing some final installation tasks. Please wait...</p>
+
+<?php
+
+@set_time_limit(0);
+
+function stg_load_files()
+{
+ global $dbdriver;
+ if ( !@include( ENANO_ROOT . "/install/includes/payload.php" ) )
+ return false;
+
+ return true;
+}
+
+// FIXME: l10n
+start_install_table();
+
+run_installer_stage('load', 'Load installer files', 'stg_load_files', 'One of the files needed for installation couldn\'t be loaded. Please check your Enano directory.', false);
+run_installer_stage('cleanup', 'Clean up encryption keys', 'stg_aes_cleanup', 'There was a database error while removing the temporary encryption keys from the database. For maximum site security you should delete the config entries install_aes_key and site_aes_key manually.', false);
+run_installer_stage('buildindex', $lang->get('install_stg_buildindex_title'), 'stg_build_index', $lang->get('install_stg_buildindex_body'));
+run_installer_stage('renameconfig', $lang->get('install_stg_rename_title'), 'stg_rename_config', $lang->get('install_stg_rename_body', array('mainpage_link' => scriptPath . '/index.php')));
+
+close_install_table();
+
+?>
+<h3>Congratulations! You've finished installing Enano.</h3>
+<p>Enano has finished setting up on your server. Now you can go to your <a href="<?php echo makeUrlNS('Article', 'Main_Page');?>">new
+ website</a> and start creating content!</p>
+<?php
+ echo $lang->get('finish_body');
+ echo '<p>' . $lang->get('finish_link_mainpage', array('mainpage_link' => scriptPath . '/index.php')) . '</p>';
+?>
+<?php
+
+$db->close();
+
--- a/install/includes/stages/install.php Thu Jan 17 09:39:56 2008 -0500
+++ b/install/includes/stages/install.php Thu Jan 17 23:31:35 2008 -0500
@@ -107,7 +107,19 @@
// Import languages
run_installer_stage('importlang', $lang->get('install_stg_importlang_title'), 'stg_language_setup', $lang->get('install_stg_importlang_body'));
+// Init logs
+run_installer_stage('initlogs', $lang->get('install_stg_initlogs_title'), 'stg_init_logs', $lang->get('install_stg_initlogs_body'));
+
close_install_table();
+?>
+<form action="install.php?stage=finish" method="post">
+ <input type="hidden" name="language" value="<?php echo $lang_id; ?>" />
+ <div style="text-align: center;">
+ <input type="submit" name="_cont" value="<?php echo $lang->get('meta_btn_continue'); ?>" tabindex="1" />
+ </div>
+</form>
+<?php
+
$db->close();
--- a/install/install.php Thu Jan 17 09:39:56 2008 -0500
+++ b/install/install.php Thu Jan 17 23:31:35 2008 -0500
@@ -19,6 +19,7 @@
define('ENANO_DANGEROUS', 1);
require_once('includes/common.php');
+@ini_set('display_errors', 'on');
$stages = array('language', 'license', 'sysreqs', 'database', 'website', 'login', 'confirm', 'install', 'finish');
$stage_ids = array();
@@ -268,6 +269,9 @@
case 'install':
require( ENANO_ROOT . '/install/includes/stages/install.php' );
break;
+ case 'finish':
+ require( ENANO_ROOT . '/install/includes/stages/finish.php' );
+ break;
}
$ui->show_footer();
--- a/install/schemas/mysql_stage2.sql Thu Jan 17 09:39:56 2008 -0500
+++ b/install/schemas/mysql_stage2.sql Thu Jan 17 23:31:35 2008 -0500
@@ -181,6 +181,12 @@
PRIMARY KEY ( hit_id )
) CHARACTER SET `utf8` COLLATE `utf8_bin`;
+CREATE TABLE {{TABLE_PREFIX}}search_index(
+ word varchar(64) NOT NULL,
+ page_names text,
+ PRIMARY KEY ( word )
+) CHARACTER SET `utf8` COLLATE `utf8_bin`;
+
CREATE TABLE {{TABLE_PREFIX}}groups(
group_id mediumint(5) UNSIGNED NOT NULL auto_increment,
group_name varchar(64),
@@ -300,7 +306,10 @@
('powered_btn', '1');
INSERT INTO {{TABLE_PREFIX}}page_text(page_id, namespace, page_text, char_tag) VALUES
- ('Main_Page', 'Article', '=== Enano has been successfully installed and is working. ===\n\nIf you can see this message, it means that you\'ve finished the Enano setup process and are ready to start building your website. Congratulations!\n\nTo edit this front page, click the Log In button to the left, enter the credentials you provided during the installation, and click the Edit This Page button that appears on the blue toolbar just above this text. You can also [http://docs.enanocms.org/Help:2.4 learn more] about editing pages.\n\nTo create more pages, use the Create a Page button to the left. If you enabled wiki mode, you don\'t have to log in first, however your IP address will be shown in the page history.\n\nVisit the [http://docs.enanocms.org/Help:Contents Enano documentation project website] to learn more about administering your site effectively and keeping things secure.\n\n\'\'\'NOTE:\'\'\' You have just installed an unstable version of Enano. This release is completely unsupported and may contain security issues or serious usability bugs. You should not use this release on a production website. The Enano team will not provide any type of support at all for this experimental release.', '');
+ ('Main_Page', 'Article', '{{MAIN_PAGE_CONTENT}}', '');
+
+INSERT INTO {{TABLE_PREFIX}}logs(time_id, date_string, log_type, action, page_id, namespace, author, page_text) VALUES
+ ({{UNIX_TIME}}, 'DEPRECATED', 'page', 'edit', 'Main_Page', 'Article', '{{ADMIN_USER}}', '{{MAIN_PAGE_CONTENT}}');
INSERT INTO {{TABLE_PREFIX}}pages(page_order, name, urlname, namespace, special, visible, comments_on, protected, delvotes, delvote_ips) VALUES
(NULL, 'Main Page', 'Main_Page', 'Article', 0, 1, 1, 1, 0, '');
--- a/install/schemas/postgresql_stage2.sql Thu Jan 17 09:39:56 2008 -0500
+++ b/install/schemas/postgresql_stage2.sql Thu Jan 17 23:31:35 2008 -0500
@@ -177,6 +177,12 @@
PRIMARY KEY ( hit_id )
);
+CREATE TABLE {{TABLE_PREFIX}}search_index(
+ word varchar(64) NOT NULL,
+ page_names text,
+ PRIMARY KEY ( word )
+);
+
CREATE TABLE {{TABLE_PREFIX}}groups(
group_id SERIAL,
group_name varchar(64),
--- a/language/english/install.json Thu Jan 17 09:39:56 2008 -0500
+++ b/language/english/install.json Thu Jan 17 23:31:35 2008 -0500
@@ -273,7 +273,13 @@
stg_writeconfig_title: 'Write configuration files',
stg_writeconfig_body: 'Enano was unable to write the configuration file with your site\'s database credentials. This is almost always because your configuration file does not have the correct permissions. On Windows servers, you may see this message even if the check on the System Requirements page passed. Temporarily running IIS as the Administrator user may help.',
stg_rename_title: 'Rename configuration files',
- stg_rename_body: 'Enano couldn\'t rename the configuration files to their correct production names. Please CHMOD the folder where your Enano files are to 777 and click the retry button below, <b><u>or</u></b> perform the following rename operations and then <a href="install.php?mode=finish">finish the installation</a>.<ul><li>Rename config.new.php to config.php</li><li>Rename .htaccess.new to .htaccess (only if you selected Tiny URLs)</li></ul>',
+ stg_rename_body: 'Enano couldn\'t rename the configuration files to their correct production names. <span style="font-weight: bold; color: red;">Please perform the following rename operations and then follow the instructions to finish the installation below.</span>
+ <ul>
+ <li>Rename config.new.php to config.php</li>
+ <li>Rename .htaccess.new to .htaccess (only if you selected the Rewrite URL scheme)</li>
+ </ul>
+ %this.finish_body%
+ %this.finish_link_mainpage%',
stg_startapi_title: 'Start the Enano API',
stg_startapi_body: 'The Enano API could not be started. This is an error that should never occur; please contact the Enano team for support.',
stg_importlang_title: 'Import default language',
@@ -292,8 +298,7 @@
modetitle: 'Finish',
modetitle_long: 'Complete installation',
msg_congratulations: 'Congratulations!',
- body: '<p>You have finished installing Enano on this server.</p>
- <h3>Now what?</h3>
+ body: '<h3>Wait... Now what?</h3>
<p>Click the link below to see the main page for your website. Where to go from here:</p>
<ul>
<li>The first thing you should do is log into your site using the Log in link on the sidebar.</li>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/language/english/install/mainpage-default.wkt Thu Jan 17 23:31:35 2008 -0500
@@ -0,0 +1,11 @@
+=== Enano has been successfully installed and is working. ===
+
+If you can see this message, it means that you've finished the Enano setup process and are ready to start building your website. Congratulations!
+
+To edit this front page, click the Log In button to the left, enter the credentials you provided during the installation, and click the Edit This Page button that appears on the blue toolbar just above this text. You can also [http://docs.enanocms.org/Help:2.4 learn more] about editing pages.
+
+To create more pages, use the Create a Page button to the left. If you enabled wiki mode, you don't have to log in first, however your IP address will be shown in the page history.
+
+Visit the [http://docs.enanocms.org/Help:Contents Enano documentation project website] to learn more about administering your site effectively and keeping things secure.
+
+'''NOTE:''' You have just installed an unstable version of Enano. This release is completely unsupported and may contain security issues or serious usability bugs. You should not use this release on a production website. The Enano team will not provide any type of support at all for this experimental release.