Location: PHPKode > projects > Gnew > Gnew-2013.1/install/index.php
<?php
// -----------------------------------------------------------------------------
// $Id: index.php 646 2013-03-22 13:09:49Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

$invalid = preg_match('`(ftp|http|www)`i', $_SERVER['QUERY_STRING']);
if ($invalid != false)
{
    exit('Invalid query string. Exiting...');
}

error_reporting(E_ALL);

include('./../includes/config.php');
if (defined('SQL_DATABASE') && defined('SQL_HOST') && defined('SQL_PASSWORD') && defined('SQL_PORT') && defined('SQL_TYPE') && defined('SQL_USER'))
{
    switch (SQL_TYPE)
    {
        case 'mysql':
            include('./../includes/mysql.php');
            $sql = new mysql;
            break;
        case 'pgsql':
            include('./../includes/pgsql.php');
            $sql = new pgsql;
            break;
        case 'sqlite':
            include('./../includes/sqlite.php');
            $sql = new sqlite;
            break;
    }
}

include('./../includes/functions.php');

if (isset($_GET['language']) && $_GET['language'] == 'french')
{
    include('./../languages/' . $_GET['language'] . '.php');
}
elseif (isset($_POST['language']) && $_POST['language'] == 'french')
{
    include('./../languages/' . $_POST['language'] . '.php');
}
else
{
    include('./../languages/english.php');
    $_GET['language'] = $_POST['language'] = 'english';
}

if (strcmp(get_phpversion(), '5.4.0') < 0)
{
    ini_set('magic_quotes_runtime', 0);
    if (get_magic_quotes_gpc())
    {
        $_GET = remove_slashes($_GET);
        $_POST = remove_slashes($_POST);
        $_COOKIE = remove_slashes($_COOKIE);
    }
}
$_GET = add_slashes($_GET);
$_COOKIE = add_slashes($_COOKIE);

$error = '';

echo '<!DOCTYPE HTML>
<html lang="en">
  <head>
    <title>Gnew - Installation</title>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <meta name="application-name" content="Gnew" />
    <meta name="author" content="Raoul Proença" />
    <meta name="description" content="Gnew is a simple Content Management System written with PHP language and using a database server (MySQL, PostgreSQL or SQLite) for storage" />
    <meta name="generator" content="Notepad++" />
    <meta name="keywords" content="cms,gpl,mysql,open source,php,portal,postgresql,script,sqlite" />
  </head>
  <body>
    <section>';

if (isset($_GET['step']) && $_GET['step'] == 1)
{
    echo '
      <p>' . $lang['INSTALL_STEP_1'] . '</p>
      <ul>
        <li>' . $lang['INSTALL_REQUIRED_1'] . '</li>
        <li>' . $lang['INSTALL_REQUIRED_2'] . '</li>
        <li>' . $lang['INSTALL_REQUIRED_3'] . '</li>
      </ul>
      <p>' . $lang['INSTALL_README'] . '</p>
      <p><a href="./index.php?step=2&amp;language=' . $_GET['language'] . '" title="' . $lang['NEXT_STEP'] . '">' . $lang['NEXT_STEP'] . ' &gt;</a></p>';
}
elseif (isset($_GET['step']) && $_GET['step'] == 2)
{
    echo '
      <p>' . $lang['INSTALL_STEP_2'] . '</p>
      <form method="post" action="./index.php">
        <p><label>' . $lang['FORM_TYPE'] . ' <select name="sql_type"><option value="mysql">MySQL</option><option value="pgsql">PostgreSQL</option><option value="sqlite">SQLite</option></select></label></p>
        <p><input type="hidden" name="language" value="' . $_GET['language'] . '" /><input type="submit" name="select_database" value="' . $lang['SEND'] . '" /></p>
      </form>';
}
elseif (isset($_POST['select_database']))
{
    $data = "<?php\n";
    $data .= "// Database config file\n";
    $data .= "define('SQL_TYPE', '" . $_POST['sql_type'] . "');\n";
    if ($_POST['sql_type'] == 'sqlite')
    {
        $data .= "define('SQL_HOST', '');\n";
        $data .= "define('SQL_PORT', '');\n";
        $data .= "define('SQL_DATABASE', './../db/gnew.db');\n";
        $data .= "define('SQL_USER', '');\n";
        $data .= "define('SQL_PASSWORD', '');\n";
    }
    $data .= "?>";

    $handle = './../includes/config.php';
    if ($fp = @fopen($handle, 'wb'))
    {
        flock($fp, LOCK_EX);
        fwrite($fp, $data, strlen($data));
        flock($fp, LOCK_UN);
        fclose($fp);
    }
    else
    {
        $error = sprintf($lang['ERROR_OPEN_FILE'], $handle);
    }
    if ($error)
    {
        echo '
      <p>' . $error . '</p>';
    }
    else
    {
        if ($_POST['sql_type'] == 'sqlite')
        {
            echo '
      <p>' . $lang['DATABASE_SELECTED'] . '</p>
      <p><a href="./index.php?step=3&amp;language=' . $_POST['language'] . '" title="' . $lang['NEXT_STEP'] . '">' . $lang['NEXT_STEP'] . ' &gt;</a></p>';
        }
        else
        {
            $default_port = '';
            if ($_POST['sql_type'] == 'mysql')
            {
                $default_port = '3306';
            }
            if ($_POST['sql_type'] == 'pgsql')
            {
                $default_port = '5432';
            }
            echo '
      <p>' . $lang['INSTALL_STEP_3'] . '</p>
      <form method="post" action="./index.php">
        <p><label>' . $lang['FORM_HOST'] . ' <input type="text" name="sql_host" value="' . $_SERVER['SERVER_NAME'] . '" size="25" maxlength="256" /></label></p>
        <p><label>' . $lang['FORM_PORT'] . ' <input type="text" name="sql_port" value="' . $default_port . '" size="25" maxlength="5" /></label></p>
        <p><label>' . $lang['FORM_DATABASE'] . ' <input type="text" name="sql_database" size="25" maxlength="64" /></label></p>
        <p><label>' . $lang['FORM_USERNAME'] . ' <input type="text" name="sql_user" size="25" maxlength="64" /></label></p>
        <p><label>' . $lang['FORM_PASSWORD'] . ' <input type="password" name="sql_password" size="25" maxlength="32" /></label></p>
        <p><input type="hidden" name="language" value="' . $_POST['language'] . '" /><input type="submit" name="add_database" value="' . $lang['SEND'] . '" /></p>
      </form>';
        }
    }
}
elseif (isset($_POST['add_database']))
{
    $data = "<?php\n";
    $data .= "// Database config file\n";
    $data .= "define('SQL_TYPE', '" . SQL_TYPE . "');\n";
    $data .= "define('SQL_HOST', '" . $_POST['sql_host'] . "');\n";
    $data .= "define('SQL_PORT', '" . $_POST['sql_port'] . "');\n";
    $data .= "define('SQL_DATABASE', '" . $_POST['sql_database'] . "');\n";
    $data .= "define('SQL_USER', '" . $_POST['sql_user'] . "');\n";
    $data .= "define('SQL_PASSWORD', '" . $_POST['sql_password'] . "');\n";
    $data .= "?>";

    $handle = './../includes/config.php';
    if ($fp = @fopen($handle, 'wb'))
    {
        flock($fp, LOCK_EX);
        fwrite($fp, $data, strlen($data));
        flock($fp, LOCK_UN);
        fclose($fp);
    }
    else
    {
        $error = sprintf($lang['ERROR_OPEN_FILE'], $handle);
    }
    if ($error)
    {
        echo '
      <p>' . $error . '</p>';
    }
    else
    {
        echo '
      <p>' . $lang['DATABASE_ADDED'] . '</p>
      <p><a href="./index.php?step=3&amp;language=' . $_POST['language'] . '" title="' . $lang['NEXT_STEP'] . '">' . $lang['NEXT_STEP'] . ' &gt;</a></p>';
    }
}
elseif (isset($_GET['step']) && $_GET['step'] == 3)
{
    $handle = './sql/' . SQL_TYPE . '.sql';
    if ($fp = @fopen($handle, 'rb'))
    {
        $content = fread($fp, filesize($handle));
        fclose($fp);
        preg_match_all('`CREATE[^;]+;`', $content, $matches);
        $queries = $matches[0];
        $num_queries = count($queries);
        for ($i = 0; $i < $num_queries; $i++)
        {
            $sql->query($queries[$i]);
        }
    }
    else
    {
        $error = sprintf($lang['ERROR_OPEN_FILE'], $handle);
    }
    if ($error)
    {
        echo '
      <p>' . $error . '</p>';
    }
    else
    {
        echo '
      <p>' . $lang['TABLES_CREATED'] . '</p>
      <p><a href="./index.php?step=4&amp;language=' . $_GET['language'] . '" title="' . $lang['NEXT_STEP'] . '">' . $lang['NEXT_STEP'] . ' &gt;</a></p>';
    }
}
elseif (isset($_GET['step']) && $_GET['step'] == 4)
{
    echo '
      <p>' . $lang['INSTALL_STEP_4'] . '</p>
      <form method="post" action="./index.php">
        <p><label>' . $lang['FORM_USERNAME'] . ' <input type="text" name="user_name" size="25" maxlength="64" /></label></p>
        <p><label>' . $lang['FORM_PASSWORD'] . ' <input type="password" name="user_password" size="25" maxlength="32" /></label></p>
        <p><label>' . $lang['FORM_PASSWORD2'] . ' <input type="password" name="user_password2" size="25" maxlength="32" /></label></p>
        <p><label>' . $lang['FORM_EMAIL'] . ' <input type="text" name="user_email" size="25" maxlength="256" /></label></p>
        <p><input type="hidden" name="language" value="' . $_GET['language'] . '" /><input type="submit" name="create_user" value="' . $lang['SEND'] . '" /></p>
      </form>';
}
elseif (isset($_POST['create_user']))
{
    if (!trim($_POST['user_name']))
    {
        $error .= $lang['ERROR_NO_USERNAME'];
    }
    else
    {
        if (utf8_strlen(trim($_POST['user_name'])) < 3)
        {
            $error .= sprintf($lang['ERROR_NAME_LENGTH'], 3);
        }
    }
    if (!trim($_POST['user_password']))
    {
        $error .= $lang['ERROR_NO_PASSWORD'];
    }
    else
    {
        if (utf8_strlen(trim($_POST['user_password'])) < 6)
        {
            $error .= sprintf($lang['ERROR_PASSWORD_LENGTH'], 6);
        }
        if (trim($_POST['user_password2']) != trim($_POST['user_password']))
        {
            $error .= $lang['ERROR_PASSWORD_MATCH'];
        }
    }
    if (!trim($_POST['user_email']))
    {
        $error .= $lang['ERROR_NO_EMAIL'];
    }
    else
    {
        if (check_email($_POST['user_email']))
        {
            $user_email = $_POST['user_email'];
        }
        else
        {
            $error .= $lang['ERROR_INVALID_USER_EMAIL'];
        }
    }
    if ($error)
    {
        echo '
      <p>' . $error . '</p>';
    }
    else
    {
        $sql->query('INSERT INTO gnew_users (user_email, user_ip, user_key, user_language, user_level, user_name, user_password, user_creation)
                     VALUES (\'' . $user_email . '\', \'' . $_SERVER['REMOTE_ADDR'] . '\', \'0\', \'' . $_POST['language'] . '\', \'4\', \'' . utf8_entities($_POST['user_name']) . '\', \'' . sha1(utf8_entities($_POST['user_password'])) . '\', \'' . time() . '\')');
        $sql->query('INSERT INTO gnew_settings (sender_email, sender_name)
                     VALUES (\'' . $user_email . '\', \'' . utf8_entities($_POST['user_name']) . '\')');
        echo '
      <p>' . $lang['USER_CREATED'] . '</p>
      <p><a href="./index.php?step=5&amp;language=' . $_POST['language'] . '" title="' . $lang['NEXT_STEP'] . '">' . $lang['NEXT_STEP'] . ' &gt;</a></p>';
    }
}
elseif (isset($_GET['step']) && $_GET['step'] == 5)
{
    $site_url = !empty($_SERVER['HTTP_HOST']) ? 'http://' . $_SERVER['HTTP_HOST'] . dirname(dirname($_SERVER['PHP_SELF'])) : 'http://';
    echo '
      <p>' . $lang['INSTALL_STEP_5'] . '</p>
      <form method="post" action="./index.php">
        <p><label>' . $lang['FORM_SITE_NAME'] . ' <input type="text" name="site_name" size="25" maxlength="64" /></label></p>
        <p><label>' . $lang['FORM_SITE_URL'] . ' <input type="text" name="site_url" value="' . $site_url . '" size="25" maxlength="256" /></label></p>
        <p><label>' . $lang['INSTALL_EMOTICONS'] . ' <select name="add_emoticons"><option value="0">' . $lang['NO'] . '</option><option value="1" selected="selected">' . $lang['YES'] . '</option></select></label></p>
        <p><input type="hidden" name="language" value="' . $_GET['language'] . '" /><input type="submit" name="update_settings" value="' . $lang['SEND'] . '" /></p>
      </form>';
}
elseif (isset($_POST['update_settings']))
{
    if (!trim($_POST['site_name']))
    {
        $error .= $lang['ERROR_NO_SITE_NAME'];
    }
    if (!trim($_POST['site_url']))
    {
        $error .= $lang['ERROR_NO_SITE_URL'];
    }
    if ($_POST['add_emoticons'])
    {
        $handle = './sql/emoticons.sql';
        if ($fp = @fopen($handle, 'rb'))
        {
            $content = fread($fp, filesize($handle));
            fclose($fp);
            preg_match_all('`INSERT[^\n]+\n`', $content, $matches);
            $queries = $matches[0];
            $num_queries = count($queries);
            for ($i = 0; $i < $num_queries; $i++)
            {
                $sql->query($queries[$i]);
            }
            $sql->query('UPDATE gnew_emoticons
                         SET emoticon_creation = \'' . time() . '\'');
        }
        else
        {
            $error = sprintf($lang['ERROR_OPEN_FILE'], $handle);
        }
    }
    else
    {
        $dir = './../images/emoticons';
        if ($handle = opendir($dir))
        {
            while (($file = readdir($handle)) !== false)
            {
                if (preg_match('`\.png$`', $file))
                {
                    unlink($dir . '/' . $file);
                }
            }
            closedir($handle);
        }
    }
    if ($error)
    {
        echo '
      <p>' . $error . '</p>';
    }
    else
    {
        $sql->query('UPDATE gnew_settings
                     SET language = \'' . $_POST['language'] . '\', site_name = \'' . utf8_entities($_POST['site_name']) . '\', site_url = \'' . rtrim(utf8_entities($_POST['site_url']), ' /') . '\'');
        echo '
      <p>' . $lang['SETTINGS_UPDATED'] . '</p>
      <p>' . $lang['INSTALL_FINISHED'] . '</p>';
    }
}
else
{
    echo '
      <p><a href="./index.php?step=1" title="English">English</a> | <a href="./index.php?step=1&amp;language=french" title="Fran&ccedil;ais">Fran&ccedil;ais</a></p>';
}

echo '
    </section>
  </body>
</html>';

?>
Return current item: Gnew