<?php
// CSRF helpers; check_token() and generate_token() used further down are
// presumably defined in this include (not visible here).
require_once('inc/CSRF.inc.php');

// Installer lock: once data/config.php exists the script stops here, before
// any form handling. No authentication is visible in this file, so until that
// file exists whoever can reach install.php can run the installation.
if (file_exists('data/config.php')) {
    $already_configured = '<p>Your Bouffe@Ulm instance is already configured. You should either delete data/config.php to access this page or delete the install.php for security reasons if you are ok with the configuration.<br/><a href="index.php">Go to your instance</a>.</p>';
    exit($already_configured);
}
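// Precondition: the installer writes data/config.php with file_put_contents(),
// and the message names both helpers as required. The form is blocked when
// EITHER one is missing; requiring both to be missing would let the install
// proceed and fail later on the first missing call.
if (!function_exists("file_get_contents") || !function_exists("file_put_contents")) {
    $error = "Functions <em>file_get_contents</em> and <em>file_put_contents</em> seems to not be available on your PHP installation. You should enable them first.";
    $block_form = true;
}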
// Writable-directory preconditions, checked in the order data/, tmp/,
// db_backups/. Every failing directory overwrites $error, so the last failing
// one is the message that ends up displayed; any failure blocks the form.
//
// NOTE(review): two of these messages suggest "chmod 777 -R", which makes the
// directory world-writable. data/ is where config.php (database credentials,
// password salt) is written, so giving write access to the web-server user
// only is the tighter option on shared hosts.
$writable_checks = array(
    'data/' => "The script seems to be unable to write to <em>data/</em> folder (to write the <em>data/config.php</em> configuration file). You should give write access during install and disable them after (chmod 777 -R data/ to install and chmod 755 -R data/ after installation for example). You'll need right access on this folder each time you will want to edit settings.",
    'tmp/' => "The script seems to be unable to write to <em>tmp/</em> folder (to store the cached files for templates). You should give write (chmod 777 -R tmp/.",
    'db_backups/' => "The script seems to be unable to write to <em>db_backups/</em> folder (to write the database backups). You should give write access.",
);

foreach ($writable_checks as $directory => $message) {
    if (is_writable($directory)) {
        continue;
    }
    $error = $message;
    $block_form = true;
}
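// Installation handler. Runs only when every required field is present and the
// CSRF token for the 'install' form is valid (600 is passed to check_token();
// presumably a lifetime in seconds - confirm in inc/CSRF.inc.php).
//
// Every value read here is request data and ends up in one of three sinks:
// SQL identifiers (table prefix), a generated PHP file (data/config.php) and
// the HTML error paragraph. Each sink gets its own validation or escaping.
if (!empty($_POST['mysql_host']) && !empty($_POST['mysql_login']) && !empty($_POST['mysql_db'])
    && !empty($_POST['admin_login']) && !empty($_POST['admin_password']) && !empty($_POST['currency'])
    && !empty($_POST['instance_title']) && !empty($_POST['base_url']) && !empty($_POST['timezone'])
    && !empty($_POST['email_webmaster']) && check_token(600, 'install') && !empty($_POST['lang'])) {

    // Reject array-valued parameters (e.g. mysql_host[]=x): they pass empty()
    // checks but are not usable as strings anywhere below.
    $expected_fields = array(
        'mysql_host', 'mysql_login', 'mysql_db', 'mysql_password', 'mysql_prefix',
        'instance_title', 'base_url', 'currency', 'timezone', 'email_webmaster',
        'lang', 'admin_login', 'admin_display_name', 'admin_password',
    );
    foreach ($expected_fields as $field) {
        if (isset($_POST[$field]) && !is_string($_POST[$field])) {
            $error = 'Invalid value submitted for field ' . $field . '.';
        }
    }

    if (empty($error)) {
        $mysql_host = $_POST['mysql_host'];
        $mysql_login = $_POST['mysql_login'];
        $mysql_db = $_POST['mysql_db'];
        $mysql_password = isset($_POST['mysql_password']) ? $_POST['mysql_password'] : '';
        $mysql_prefix = (!empty($_POST['mysql_prefix'])) ? $_POST['mysql_prefix'] : '';
        $instance_title = $_POST['instance_title'];
        $lang = $_POST['lang'];
        $timezone = $_POST['timezone'];
        $admin_display_name = isset($_POST['admin_display_name']) ? $_POST['admin_display_name'] : '';

        if (!preg_match('/^[A-Za-z0-9_]*\z/', $mysql_prefix)) {
            // The prefix is concatenated into CREATE TABLE statements as an
            // identifier and cannot be bound as a parameter, so it is
            // restricted to a safe character set instead.
            $error = 'The table prefix may only contain letters, digits and underscores.';
        } elseif (!filter_var($_POST['email_webmaster'], FILTER_VALIDATE_EMAIL)) {
            // This result has to land in $error; stored anywhere else the
            // check has no effect and an invalid address is accepted.
            $error = 'Webmaster\'s e-mail address is invalid.';
        } elseif (!preg_match('/^[A-Za-z0-9_-]+\z/', $lang) || !is_dir('tpl/default_' . $lang)) {
            // lang becomes part of TEMPLATE_DIR, i.e. a filesystem path.
            $error = 'The selected language is not available.';
        } elseif (!in_array($timezone, timezone_identifiers_list(DateTimeZone::ALL_WITH_BC), true)) {
            $error = 'The timezone is not a valid PHP timezone identifier.';
        }
    }

    if (empty($error)) {
        try {
            // ERRMODE_EXCEPTION makes a failed CREATE TABLE reach the catch
            // block instead of returning false unnoticed.
            $db = new PDO(
                'mysql:host=' . $mysql_host . ';dbname=' . $mysql_db,
                $mysql_login,
                $mysql_password,
                array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
            );

            //Create table "Users"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Users (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, login VARCHAR(255), email VARCHAR(255), display_name VARCHAR(255), password VARCHAR(130), admin TINYINT(1), json_token VARCHAR(32), notifications TINYINT(1), stay_signed_in_token VARCHAR(32)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            //Create table "Invoices"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Invoices (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date DATETIME, buyer INT(11), amount INT(11), what TEXT) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            //Create table "Users_in_invoices"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Users_in_invoices (invoice_id INT(11) NOT NULL, KEY invoice_id (invoice_id), user_id INT(11), KEY user_id (user_id), guests INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            //Create table "Paybacks"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Paybacks (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date DATETIME, invoice_id INT(11), KEY invoice_id (invoice_id), amount INT(11), from_user INT(11), to_user INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            // Create table "GlobalPaybacks"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'GlobalPaybacks (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date DATETIME, closed TINYINT(1)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            // Create table "Users_in_GlobalPaybacks"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Users_in_GlobalPaybacks (global_payback_id INT(11) NOT NULL, KEY global_payback_id (global_payback_id), user1_id INT(11), user2_id INT(11), amount INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
        } catch (PDOException $e) {
            // $error is echoed as HTML by the page, and the driver message can
            // repeat submitted values (host, database name): escape it here.
            $error = 'Unable to connect to database and create database, check your credentials and config.<br/>Error message : ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '.';
        }
    }

    if (empty($error)) {
        // 16 random bytes for the password salt, taken from the first
        // cryptographically secure source this PHP build offers.
        if (function_exists('random_bytes')) {
            $salt = strtr(base64_encode(random_bytes(16)), '+', '.');
        } elseif (function_exists('mcrypt_create_iv')) {
            $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $salt = strtr(base64_encode(openssl_random_pseudo_bytes(16)), '+', '.');
        } else {
            // NOTE(review): last-resort fallback. mt_rand()/uniqid() are
            // predictable and not suitable for secrets; kept only so the
            // installer still works when none of the sources above exists.
            mt_srand(microtime(true) * 100000 + memory_get_usage(true));
            $salt = md5(uniqid(mt_rand(), true));
        }
        $salt = sprintf('$2a$%02d$', 10) . $salt; //prefix for blowfish

        // data/config.php is executable PHP. Each submitted value is emitted
        // with var_export(), which produces a correctly quoted PHP literal, so
        // a quote or backslash in a field cannot terminate the string and add
        // code to the generated file.
        $config = "<?php\n"
            . "define('VERSION_NUMBER', '0.1beta');\n"
            . "define('MYSQL_HOST', " . var_export($mysql_host, true) . ");\n"
            . "define('MYSQL_LOGIN', " . var_export($mysql_login, true) . ");\n"
            . "define('MYSQL_PASSWORD', " . var_export($mysql_password, true) . ");\n"
            . "define('MYSQL_DB', " . var_export($mysql_db, true) . ");\n"
            . "define('MYSQL_PREFIX', " . var_export($mysql_prefix, true) . ");\n"
            . "define('INSTANCE_TITLE', " . var_export($instance_title, true) . ");\n"
            . "define('BASE_URL', " . var_export($_POST['base_url'], true) . ");\n"
            . "define('SALT', " . var_export($salt, true) . ");\n"
            . "define('CURRENCY', " . var_export($_POST['currency'], true) . ");\n"
            . "define('EMAIL_WEBMASTER', " . var_export($_POST['email_webmaster'], true) . ");\n"
            . "define('TEMPLATE_DIR', " . var_export('tpl/default_' . $lang . '/', true) . ");\n"
            . "define('LANG', " . var_export($lang, true) . ");\n"
            . "\n"
            . "date_default_timezone_set(" . var_export($timezone, true) . ");\n";

        if (file_put_contents('data/config.php', $config) !== false && file_put_contents('data/notice', '') !== false) {
            // NOTE(review): config.php is already on disk at this point. If
            // creating the admin below fails, the next request will find the
            // file and report the instance as configured - confirm that this
            // is the intended recovery path.
            try {
                require_once('inc/User.class.php');

                $admin = new User();
                $admin->setLogin($_POST['admin_login']);
                $admin->setDisplayName($admin_display_name);
                $admin->setPassword($admin->encrypt($_POST['admin_password']));
                $admin->setAdmin(true);
                $admin->setEmail($_POST['email_webmaster']);
                $admin->setStaySignedInToken("");
                $admin->setNotifications(3);
                $admin->newJsonToken();
                $admin->save();

                header('location: index.php');
                exit();
            } catch (Exception $e) {
                $error = 'An error occurred when inserting user in the database.<br/> Error message : ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '.';
            }
        } else {
            $error = 'Unable to write configuration to config file data/config.php.';
        }
    }
}

// Fresh CSRF token for the 'install' form rendered below.
$token = generate_token('install');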
?>
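<!DOCTYPE html>
<html lang="fr">
    <head>
        <meta charset="utf-8">
        <title>Bouffe@Ulm - Installation</title>
        <link rel="stylesheet" media="screen" type="text/css" href="tpl/default_en/css/style.css" />
        <script type="text/javascript" src="tpl/default_en/js/main.js"></script>
    </head>
    <body id="install">
        <h1 class="center">Bouffe@Ulm - Installation</h1>
        <?php
            // $error is printed as HTML on purpose (the messages contain
            // markup such as <em>), so it cannot be escaped here: any dynamic
            // text placed in it must be escaped where the message is built.
            if (!empty($error)) {
                echo '<p class="error">'.$error.'</p>';
            }
        ?>
        <p class="center">This small form will guide you through the installation of Bouffe@Ulm. You must fill in all the fields.</p>
        <form action="install.php" method="post">
            <fieldset>
                <legend>Database</legend>
                <p><label for="mysql_host">MySQL host : </label><input type="text" name="mysql_host" id="mysql_host" value="<?php echo htmlspecialchars(!empty($_POST['mysql_host']) ? $_POST['mysql_host'] : 'localhost', ENT_QUOTES, 'UTF-8'); ?>"/></p>
                <p><label for="mysql_login">MySQL login : </label><input type="text" name="mysql_login" id="mysql_login" value="<?php echo htmlspecialchars(!empty($_POST['mysql_login']) ? $_POST['mysql_login'] : '', ENT_QUOTES, 'UTF-8'); ?>"/></p>
                <?php /* Password fields are never pre-filled from the request. */ ?>
                <p><label for="mysql_password">MySQL password : </label><input type="password" name="mysql_password" id="mysql_password"/> <a href="" onclick="toggle_password('mysql_password'); return false;"><img src="tpl/default_en/img/toggleVisible.png" alt="Toggle visible"/></a></p>
                <p>
                    <label for="mysql_db">Name of the MySQL database to use : </label><input type="text" name="mysql_db" id="mysql_db" value="<?php echo htmlspecialchars(!empty($_POST['mysql_db']) ? $_POST['mysql_db'] : 'BouffeATUlm', ENT_QUOTES, 'UTF-8'); ?>"/><br/>
                    <em>Note :</em> You <em>must</em> create this database first.
                </p>
                <p><label for="mysql_prefix">Prefix for the created tables : </label><input type="text" name="mysql_prefix" id="mysql_prefix" value="<?php echo htmlspecialchars(!empty($_POST['mysql_prefix']) ? $_POST['mysql_prefix'] : 'bouffeatulm_', ENT_QUOTES, 'UTF-8'); ?>"/><br/>
                <em>Note :</em> Leave the field blank to not use any.</p>
            </fieldset>
            <fieldset>
                <legend>General options</legend>
                <p><label for="instance_title">Title to display in pages : </label><input type="text" name="instance_title" id="instance_title" value="<?php echo htmlspecialchars(!empty($_POST['instance_title']) ? $_POST['instance_title'] : 'Bouffe@Ulm', ENT_QUOTES, 'UTF-8'); ?>"/></p>
                <p>
                    <?php
                        // The default is assembled from SERVER_NAME and
                        // REQUEST_URI, which come from the incoming request;
                        // it is escaped like the posted value so neither
                        // branch can break out of the value attribute.
                    ?>
                    <label for="base_url">Base URL : </label><input type="text" size="30" name="base_url" id="base_url" value="<?php echo htmlspecialchars(!empty($_POST['base_url']) ? $_POST['base_url'] : 'http'.(empty($_SERVER['HTTPS']) ? '' : 's').'://'.$_SERVER['SERVER_NAME'].str_replace("install.php", "", $_SERVER['REQUEST_URI']), ENT_QUOTES, 'UTF-8'); ?>"/><br/>
                    <em>Note :</em> This is the base URL from which you access this page. You must keep the trailing "/" in the above address.
                </p>
                <p><label for="currency">Currency : </label><input type="text" name="currency" id="currency" size="3"/></p>
                <p>
                    <label for="timezone">Timezone : </label><input type="text" name="timezone" id="timezone" value="<?php echo htmlspecialchars(@date_default_timezone_get(), ENT_QUOTES, 'UTF-8'); ?>"/><br/>
                    <em>For example :</em> Europe/Paris. See the doc for more info.
                </p>
                <p><label for="email_webmaster">Webmaster's email : </label><input type="text" name="email_webmaster" id="email_webmaster"/></p>
                <p><label for="lang">Lang : </label><select name="lang" id="lang"><option value="en">English</option><option value="fr">French</option></select></p>
            </fieldset>
            <fieldset>
                <legend>Administrator</legend>
                <p><label for="admin_login">Username of the admin : </label><input type="text" name="admin_login" id="admin_login" <?php echo (!empty($_POST['admin_login'])) ? 'value="'.htmlspecialchars($_POST['admin_login'], ENT_QUOTES, 'UTF-8').'"' : ''; ?>/></p>
                <p><label for="admin_display_name">Displayed name for admin user : </label><input type="text" name="admin_display_name" id="admin_display_name" <?php echo (!empty($_POST['admin_display_name']) ? 'value="'.htmlspecialchars($_POST['admin_display_name'], ENT_QUOTES, 'UTF-8').'"' : ''); ?>/></p>
                <p><label for="admin_password">Password for the admin : </label><input type="password" name="admin_password" id="admin_password"/> <a href="" onclick="toggle_password('admin_password'); return false;"><img src="tpl/default_en/img/toggleVisible.png" alt="Toggle visible"/></a></p>
            </fieldset>
            <?php /* The hidden field carries the CSRF token; it is escaped for the attribute context like every other echoed value. */ ?>
            <p class="center"><input <?php echo (!empty($block_form)) ? 'disabled ' : ''; ?>type="submit" value="Install"><input type="hidden" name="token" value="<?php echo htmlspecialchars($token, ENT_QUOTES, 'UTF-8'); ?>"/></p>
        </form>
    </body>
</html>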