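<?php
/*
 * Bouffe@Ulm installer (install.php).
 *
 * Collects database, instance and administrator settings from a form,
 * creates the tables, writes data/config.php and creates the first
 * administrator account.
 */
require_once('inc/CSRF.inc.php');

// The installer is reachable without authentication, so it must refuse to
// run once a configuration exists: otherwise any visitor could overwrite the
// settings and create a new administrator.
if (file_exists('data/config.php')) {
    exit("Your Bouffe@Ulm instance is already configured. You should either delete data/config.php to access this page or delete the install.php for security reasons if you are ok with the configuration.");
}

// Block the form when EITHER function is missing. The original used "&&",
// which only blocked it when both were unavailable at the same time.
if (!function_exists("file_get_contents") || !function_exists("file_put_contents")) {
    $error = "Functions <em>file_get_contents</em> and <em>file_put_contents</em> seems to not be available on your PHP installation. You should enable them first.";
    $block_form = true;
}

// data/ has to be writable so that data/config.php can be created.
// NOTE(review): the message below suggests "chmod 777", which grants write
// access to every local user; write access for the web server account alone
// is sufficient. The text is left unchanged here.
if (!is_writable('data/')) {
    $error = "The script seems to be unable to write to <em>data/</em> folder (to write the <em>data/config.php</em> configuration file). You should give write access during install and disable them after (chmod 777 -R data/ to install and chmod 755 -R data/ after installation for example).";
    $block_form = true;
}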
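// Installation request handler.
//
// Every value used below comes from an unauthenticated POST request, so it is
// validated before it reaches SQL, and it is serialised with var_export()
// before it is written into the generated PHP configuration file.

// Fields the installer refuses to proceed without. Each must be a non-empty
// string (an array submitted as "name[]" is rejected as well).
$required_fields = array(
    'mysql_host', 'mysql_login', 'mysql_db', 'admin_login', 'admin_password',
    'currency', 'instance_title', 'base_url', 'timezone', 'email_webmaster',
);
$form_complete = true;
foreach ($required_fields as $field) {
    if (empty($_POST[$field]) || !is_string($_POST[$field])) {
        $form_complete = false;
        break;
    }
}

// check_token() is evaluated last and only for a complete form, as in the
// original condition. Presumably 600 is the token lifetime in seconds;
// confirm in inc/CSRF.inc.php.
if ($form_complete && check_token(600, 'install')) {
    $mysql_host = $_POST['mysql_host'];
    $mysql_login = $_POST['mysql_login'];
    $mysql_db = $_POST['mysql_db'];
    // Optional fields: fall back to an empty string when absent or not a string.
    $mysql_password = (isset($_POST['mysql_password']) && is_string($_POST['mysql_password'])) ? $_POST['mysql_password'] : '';
    $mysql_prefix = (!empty($_POST['mysql_prefix']) && is_string($_POST['mysql_prefix'])) ? $_POST['mysql_prefix'] : '';
    $admin_display_name = (isset($_POST['admin_display_name']) && is_string($_POST['admin_display_name'])) ? $_POST['admin_display_name'] : null;
    // instance_title is a required field, so the former 'Bouffe@Ulm' fallback
    // could never be reached and has been dropped.
    $instance_title = $_POST['instance_title'];
    $timezone = $_POST['timezone'];
    $email_webmaster = $_POST['email_webmaster'];

    // Validate before touching the database or the filesystem.
    if (!preg_match('/^[A-Za-z0-9_]*$/D', $mysql_prefix)) {
        // The prefix is concatenated into CREATE TABLE statements (identifiers
        // cannot be bound as parameters), so only identifier-safe characters
        // are accepted.
        $error = 'The table prefix may only contain letters, digits and underscores.';
    } elseif (!filter_var($email_webmaster, FILTER_VALIDATE_EMAIL)) {
        // The original stored this message in $email, so an invalid address
        // never stopped the installation.
        $error = 'Webmaster\'s e-mail address is invalid.';
    } elseif (!in_array($timezone, DateTimeZone::listIdentifiers(DateTimeZone::ALL_WITH_BC), true)) {
        // The value ends up as the argument of date_default_timezone_set() in
        // the generated configuration file.
        $error = 'Timezone is invalid.';
    }

    // $error may also have been set by an earlier prerequisite check; the
    // "disabled" submit button alone does not stop a hand-crafted POST.
    if (empty($error)) {
        try {
            $db = new PDO('mysql:host=' . $mysql_host . ';dbname=' . $mysql_db, $mysql_login, $mysql_password);

            // Create table "Users"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Users (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, login VARCHAR(255), display_name VARCHAR(255), password VARCHAR(130), admin TINYINT(1)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            // Create table "Invoices"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Invoices (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date INT(11), users_in VARCHAR(255), buyer INT(11), amount FLOAT, what TEXT) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            // Create table "Users_in_invoices"
            $db->query('CREATE TABLE IF NOT EXISTS ' . $mysql_prefix . 'Users_in_invoices (invoice_id INT(11) NOT NULL, KEY invoice_id (invoice_id), user_id INT(11), KEY user_id (user_id), guests INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');

            // Create table "Payback" - TODO
        } catch (PDOException $e) {
            // $error is echoed as HTML, and the driver message can repeat the
            // submitted host or database name, so it is escaped here.
            $error = 'Unable to connect to database, check your credentials and config.<br/>Error message : ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '.';
        }
    }

    if (empty($error)) {
        // Salt written to the configuration as SALT; presumably consumed by
        // User::encrypt() - confirm in inc/User.class.php.
        if (function_exists('random_bytes')) {
            // Preferred source where available (mcrypt was removed from recent PHP).
            $salt = strtr(base64_encode(random_bytes(16)), '+', '.');
        } elseif (function_exists('mcrypt_create_iv')) {
            $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
        } else {
            // Last resort, NOT cryptographically strong: reached only when
            // neither random_bytes() nor mcrypt is available.
            mt_srand(microtime(true) * 100000 + memory_get_usage(true));
            $salt = md5(uniqid(mt_rand(), true));
        }
        $salt = sprintf('$2a$%02d$', 10) . $salt; // prefix for blowfish

        // var_export() emits a correctly quoted PHP literal for every value.
        // Pasting the raw POST data between single quotes, as the original
        // did, let a quote character in any field terminate the literal and
        // add arbitrary PHP code to data/config.php.
        $constants = array(
            'VERSION_NUMBER' => '2.0',
            'MYSQL_HOST' => $mysql_host,
            'MYSQL_LOGIN' => $mysql_login,
            'MYSQL_PASSWORD' => $mysql_password,
            'MYSQL_DB' => $mysql_db,
            'MYSQL_PREFIX' => $mysql_prefix,
            'INSTANCE_TITLE' => $instance_title,
            'BASE_URL' => $_POST['base_url'],
            'SALT' => $salt,
            'CURRENCY' => $_POST['currency'],
            'EMAIL_WEBMASTER' => $email_webmaster,
        );
        $config = "<?php\n";
        foreach ($constants as $name => $value) {
            $config .= 'define(' . var_export($name, true) . ', ' . var_export($value, true) . ");\n";
        }
        $config .= 'date_default_timezone_set(' . var_export($timezone, true) . ");\n";

        if (file_put_contents("data/config.php", $config) !== false && file_put_contents("data/notice", '') !== false) {
            try {
                // Loaded only after data/config.php has been written.
                require_once('inc/User.class.php');

                $admin = new User();
                $admin->setLogin($_POST['admin_login']);
                $admin->setDisplayName($admin_display_name);
                $admin->setPassword($admin->encrypt($_POST['admin_password']));
                $admin->setAdmin(true);
                $admin->save();

                header('location: index.php');
                exit();
            } catch (Exception $e) {
                // The original assigned this to $erreur, which the page never
                // displays. NOTE(review): data/config.php already exists at
                // this point, so reloading the installer reports "already
                // configured" although no administrator was created.
                $error = 'An error occurred when inserting user in the database.<br/> Error message : ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '.';
            }
        } else {
            $error = 'Unable to write configuration to config file data/config.php.';
        }
    }
}
?>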
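<!DOCTYPE html>
<?php
    // Installation form. Submitted values are echoed back into the fields, so
    // every value written into an attribute goes through $field_value(), which
    // escapes it for HTML and ignores non-string input.
    $field_value = function ($name, $default = '') {
        $value = (!empty($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : $default;
        return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    };

    // Default base URL derived from the current request. SERVER_NAME and
    // REQUEST_URI are influenced by the client, which is why the result is
    // escaped like any submitted value (the original echoed it raw).
    $default_base_url = 'http' . (empty($_SERVER['HTTPS']) ? '' : 's') . '://' . $_SERVER['SERVER_NAME'] . str_replace("install.php", "", $_SERVER['REQUEST_URI']);
?>
<html lang="fr">
    <head>
        <meta charset="utf-8">
        <title>Bouffe@Ulm - Installation</title>
        <link rel="stylesheet" media="screen" type="text/css" href="tpl/css/style.css" />
        <script type="text/javascript" src="tpl/js/main.js"></script>
    </head>
    <body id="install">
        <h1 class="center">Bouffe@Ulm - Installation</h1>
        <?php
            // $error deliberately carries markup (<em>, <br/>) and is echoed
            // as is; any dynamic part must be escaped where the message is built.
            if (!empty($error)) {
                echo '<p class="error">' . $error . '</p>';
            }
        ?>
        <p class="center">This small form will guide you through the installation of Bouffe@Ulm. You must fill in all the fields.</p>
        <form action="install.php" method="post">
            <fieldset>
                <legend>Database</legend>
                <p><label for="mysql_host">MySQL host : </label><input type="text" name="mysql_host" id="mysql_host" value="<?php echo $field_value('mysql_host', 'localhost'); ?>"/></p>
                <p><label for="mysql_login">MySQL login : </label><input type="text" name="mysql_login" id="mysql_login" value="<?php echo $field_value('mysql_login'); ?>"/></p>
                <p><label for="mysql_password">MySQL password : </label><input type="password" name="mysql_password" id="mysql_password"/> <a href="" onclick="toggle_password('mysql_password'); return false;"><img src="img/toggle_password.jpg" alt="Toggle visible"/></a></p>
                <p>
                    <label for="mysql_db">Name of the MySQL database to use : </label><input type="text" name="mysql_db" id="mysql_db" value="<?php echo $field_value('mysql_db', 'Bouffe@Ulm'); ?>"/><br/>
                    <em>Note :</em> You <em>must</em> create this database first.
                </p>
                <p><label for="mysql_prefix">Prefix for the created tables : </label><input type="text" name="mysql_prefix" id="mysql_prefix" value="<?php echo $field_value('mysql_prefix', 'bouffeatulm_'); ?>"/><br/>
                <em>Note :</em> Leave the field blank to not use any.</p>
            </fieldset>
            <fieldset>
                <legend>General options</legend>
                <p><label for="instance_title">Title to display in pages : </label><input type="text" name="instance_title" id="instance_title" value="<?php echo $field_value('instance_title', 'Bouffe@Ulm'); ?>"/></p>
                <p>
                    <label for="base_url">Base URL : </label><input type="text" size="30" name="base_url" id="base_url" value="<?php echo $field_value('base_url', $default_base_url); ?>"/><br/>
                    <em>Note :</em> This is the base URL from which you access this page. You must keep the trailing "/" in the above address.
                </p>
                <p><label for="currency">Currency : </label><input type="text" name="currency" id="currency" size="3"/></p>
                <p>
                    <label for="timezone">Timezone : </label><input type="text" name="timezone" id="timezone" value="<?php echo htmlspecialchars(@date_default_timezone_get(), ENT_QUOTES, 'UTF-8'); ?>"/><br/>
                    <em>For example :</em> Europe/Paris. See the doc for more info.
                </p>
                <p><label for="email_webmaster">Webmaster's email : </label><input type="text" name="email_webmaster" id="email_webmaster"/></p>
            </fieldset>
            <fieldset>
                <legend>Administrator</legend>
                <p><label for="admin_login">Username of the admin : </label><input type="text" name="admin_login" id="admin_login" value="<?php echo $field_value('admin_login'); ?>"/></p>
                <p><label for="admin_display_name">Displayed name for admin user : </label><input type="text" name="admin_display_name" id="admin_display_name" value="<?php echo $field_value('admin_display_name'); ?>"/></p>
                <p><label for="admin_password">Password for the admin : </label><input type="password" name="admin_password" id="admin_password"/> <a href="" onclick="toggle_password('admin_password'); return false;"><img src="img/toggle_password.jpg" alt="Toggle visible"/></a></p>
            </fieldset>
            <?php /* "disabled" is only a UI hint; it does not stop a hand-crafted POST. */ ?>
            <p class="center"><input <?php echo (!empty($block_form)) ? 'disabled ' : ''; ?>type="submit" value="Install"><input type="hidden" name="token" value="<?php echo generate_token('install'); ?>"/></p>
        </form>
    </body>
</html>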