<?php
  require_once "config/config.php";
  require_once PHYSICAL_DIR_INSTALLATION."config/db.php";
  require_once "functions.php";
   
  
  if($_POST)
   {
        
     // Connection settings for the rest of this step. The MEMBERSGEAR_DB_* constants
     // are presumably defined by the config/db.php include at the top - confirm.
     // The same four values are passed to IsPrivileged() near the end of the script.
     $db_name=MEMBERSGEAR_DB_NAME;
     $db_username=MEMBERSGEAR_DB_USER;
     $db_password=MEMBERSGEAR_DB_PASSWORD;
     $db_hostaddress=MEMBERSGEAR_DB_HOST;
        
     // The whole installation step below only runs while this file is writable by
     // the PHP process (see the is_writable() test that follows).
     // NOTE(review): the require_once at the top joins the same constant with
     // "config/db.php" (no leading slash) while this line uses "/config/db.php";
     // one of the two yields a doubled or a missing separator - confirm which.
     // SECURITY(review): a credentials file that stays writable by the web server
     // after setup is a hardening gap; nothing in this script revokes write access,
     // presumably a later step or the operator does - confirm.
     $file = PHYSICAL_DIR_INSTALLATION."/config/db.php";
      if(is_writable($file))
       {
            
            if(!($db = mysql_connect($db_hostaddress, $db_username, $db_password))) 
            
              {
                   $smarty_installation->assign('msg','Could not connect to the database');
                   $smarty_installation->display('installation_admin_setup.tpl');                   
              
              }
            else
             {
                  $linkid = mysql_connect($db_hostaddress,$db_username,$db_password);
                  if(!@mysql_select_db($db_name, $linkid)) 
                    {
                         $smarty_installation->assign('msg','database does not exist');
                         $smarty_installation->display('installation_admin_setup.tpl');           
                    }   
                  else
                  {
      
                        $query="select username from ".TABLE_PREFIX ."users where username='administrator'";   
                        $lsusern=mysql_query($query,$linkid);
                        if($lsusern!=false)
                         {
                            $adminEmailId=$_SESSION['OPTIONS']['ADMINISTRATOR_EMAIL_ADDRESS'];
                            if(mysql_num_rows($lsusern)==0)
                             {
                                     // Seed the built-in administrator row. Apart from the contact e-mail,
                                     // every column value below is a hard-coded placeholder.
                                     // SECURITY(review): the account is created with username 'admin' and
                                     // password 'admin'. Nothing visible in this script forces the operator
                                     // to change it, so a finished installation keeps a well-known default
                                     // credential until someone rotates it. Prefer asking for the password in
                                     // the installer form, or flagging the account for a mandatory change.
                                     // NOTE(review): the existence check that guards this branch looks for
                                     // username 'administrator', but the row inserted here is 'admin', so
                                     // that check will not detect an admin created by a previous run.
                                     $lstokenKey=createToken(); 
                                     $username='admin';
                                     // encrypt() and createToken() are defined elsewhere (functions.php,
                                     // presumably); the token is stored next to the result as `secretsalt`.
                                     $password=encrypt('admin',$lstokenKey);
                                     $secretsalt=$lstokenKey;
                                     $firstname='admin';
                                     $lastname='admin' ;
                                     // Read earlier from $_SESSION['OPTIONS']['ADMINISTRATOR_EMAIL_ADDRESS'].
                                     // SECURITY(review): interpolated into the INSERT below without any
                                     // escaping in this script. Whether an earlier installer step validated
                                     // or escaped it is not visible - confirm, or escape it here with the
                                     // driver's escaping function before building the query.
                                     $Email=$adminEmailId;
                                     $country='1';
                                     $state='239';
                                     $city='C.A';
                                     $address1='U.S.A';
                                     $address2='U.S.A';
                                     $zipcode='111111';
                                     $phone_main='1235451';
                                     // mktime() with no arguments yields the current Unix timestamp, the
                                     // same value time() returns.
                                     $createdon=mktime();
                                     $createdby=0;
                                     // Address of the client that submitted the installer form.
                                     $createdipaddress=$_SERVER['REMOTE_ADDR'];
                                     $isapproved=1;
                                     $islockedout=0;
                                     // String-built SQL: string columns are quoted, numeric ones are not.
                                     $ins_query="INSERT INTO ".TABLE_PREFIX ."users (`username`,`password`,`secretsalt`,`firstname`,`lastname`, `Email`,`country`,`state`,`city`,`address1`,`address2`, `zipcode`,`phone_main`,`createdon`, `createdby`,`createdipaddress`,`isapproved`,`islockedout`)
                                      VALUES ('$username','$password','$secretsalt','$firstname','$lastname','$Email',$country,$state,'$city','$address1','$address2','$zipcode','$phone_main',$createdon,$createdby,'$createdipaddress',$isapproved,$islockedout)";        
                                        
                                      // No link identifier is passed, unlike the SELECTs that use $linkid;
                                      // the mysql extension then uses the most recently opened connection.
                                      // SECURITY(review): on failure die(mysql_error()) prints the raw
                                      // database error to the browser and stops the installer part-way
                                      // through; log the detail and show a generic message instead.
                                      $gSql = mysql_query($ins_query) or die(mysql_error());
                                      if($gSql)
                                      {
               
                                            $lauserinfo = "SELECT id FROM ".TABLE_PREFIX ."users where username='admin'";
                                            $lsusern=mysql_query($lauserinfo,$linkid);
                                            if($lsusern!=false)
                                             {
                                                if(mysql_num_rows($lsusern)>0)
                                                 {
                                                            // Link the freshly inserted admin user to the 'admin' role.
                                                            // $row[0] is the `id` column of the "SELECT id ... where username='admin'" query above.
                                                            $row = mysql_fetch_row($lsusern);
                                                            $admin_id=$row[0];
                                                            
                                                             $lsValuesrole='admin';              
                                                             
                                                             // NOTE(review): "select *" followed by $row[0] relies on the first
                                                             // column of the roles table being the role id - presumably it is;
                                                             // selecting `id` explicitly would remove the dependency on column order.
                                                             $getadmin_role="select * from ".TABLE_PREFIX."roles where name='$lsValuesrole'";
                                                             $adminroleResult=mysql_query($getadmin_role,$linkid);
                                                             // There is no else branch for either test below: when the query
                                                             // fails or no 'admin' role exists, the role link is silently
                                                             // skipped and the installer carries on.
                                                             if($adminroleResult!=false)
                                                             {
                                                                    if(mysql_num_rows($adminroleResult)>0)
                                                                     {  
                                                                         $row = mysql_fetch_row($adminroleResult); 
                                                                         $admin_role=$row[0];
                                                                         // Audit columns: current timestamp, creator id 0, and the
                                                                         // address of the client running the installer.
                                                                         $createdon=mktime();
                                                                         $createdby=0;
                                                                         $createdipaddress=$_SERVER['REMOTE_ADDR'];
                                                                        
                                                                         $ins_query_rol="INSERT INTO ".TABLE_PREFIX ."users_in_roles (`userid`,`roleid`,`createdon`,`createdby`,`createdipaddress`)
                                                                          VALUES ($admin_id,$admin_role,$createdon,$createdby,'$createdipaddress')";
                                                                          
                                                                          // Raw database error is echoed to the browser on failure
                                                                          // (die(mysql_error())); the return value is not used afterwards.
                                                                          $gSqlroleRes = mysql_query($ins_query_rol) or die(mysql_error());   
                                                                     } 
                                                             }  
                                                         

                                 
                                 
                                                                $queyMaterPermission="select id from ".TABLE_PREFIX."master where `name`='permissions'";         
                                                                $masterClassRes=mysql_query($queyMaterPermission,$linkid); 
                                                                 if($masterClassRes!=false)
                                                                     {
                                                                            if(mysql_num_rows($masterClassRes)>0)
                                                                             {
                                                                                    // Grant the admin user the 'Super Admin' permission.
                                                                                    // $row[0] is the id of the master row named 'permissions'.
                                                                                    $row = mysql_fetch_row($masterClassRes);
                                                                                    $masterPer=$row[0];
                                                                               
                                                                                 
                                                                                    $queyMaterPermissionval="select id from ".TABLE_PREFIX."master_values where value='Super Admin' and masterid=$masterPer";
                                                                                    $masterClassResVal=mysql_query($queyMaterPermissionval,$linkid); 
                                                                                    // NOTE(review): unlike the other lookups in this script, the result
                                                                                    // is not compared with false before mysql_num_rows() is called on it.
                                                                                    if(mysql_num_rows($masterClassResVal)>0)
                                                                                     {
                                                                                        $row = mysql_fetch_row($masterClassResVal);
                                                                                        $masterPerValid=$row[0];
                                                                                         
                                                                                     }
                                                                                     
                                                                                       // Audit columns for the permission row.
                                                                                       $createdon=mktime();
                                                                                       $createdby=0;
                                                                                       $createdipaddress=$_SERVER['REMOTE_ADDR'];
                                                                                
                                                                                       // NOTE(review): $masterPerValid is only assigned inside the if
                                                                                       // above. When no 'Super Admin' value exists it is undefined here,
                                                                                       // the VALUES list gets an empty slot, and the query below fails
                                                                                       // into die(mysql_error()) instead of the installer's error page.
                                                                                       $query_permission= "INSERT INTO ".TABLE_PREFIX."users_permissions (`userid`, `permission`, `createdon`, 
                                                                                      `createdby`, `createdipaddress`)VALUES($admin_id,$masterPerValid,$createdon,$createdby,'$createdipaddress')";                
                                                                                     
                                                                                      
                                                                                       // Raw database error is echoed to the browser on failure.
                                                                                       $gSqlPemission_ins = mysql_query($query_permission) or die(mysql_error());   
                                                                                       // Same REMOTE_ADDR value again, under the name the UPDATE statements below use.
                                                                                       $ipAddress=$_SERVER['REMOTE_ADDR'];
                                                                                       if($gSqlPemission_ins)
                                                                                       {
                                                                                           
                                                                                           /*update query*/ 
                                                                                           
                                                                                           // Stamp the seed data with the new admin as creator/modifier.
                                                                                           // None of the UPDATE statements below has a WHERE clause, so each
                                                                                           // one rewrites the audit columns of every row in its table. That
                                                                                           // fits a freshly loaded schema; on a database that already holds
                                                                                           // data it would overwrite the existing audit trail - confirm the
                                                                                           // installer cannot be re-run against a live database.
                                                                                           // Each statement ends in "or die(mysql_error())": a failure prints
                                                                                           // the raw database error and leaves the remaining tables unstamped.
                                                                                           $currentTimeStemp=mktime();
                                                                                           $updateThemePages="update ".TABLE_PREFIX."theme_pages set createdon=$currentTimeStemp,createdby=$admin_id,createdipaddress='$ipAddress',modifiedon=$currentTimeStemp,modifiedby=$admin_id,modifiedipaddress='$ipAddress'";
                                                                                           $updateThemePagesRes=mysql_query($updateThemePages) or die(mysql_error());   
                                                                                           
                                                                                          
                                                                                           $updateTheme="update ".TABLE_PREFIX."theme set createdon=$currentTimeStemp,createdby=$admin_id,createdipaddress='$ipAddress',modifiedon=$currentTimeStemp,modifiedby=$admin_id,modifiedipaddress='$ipAddress'";
                                                                                           $updateThemeResult=mysql_query($updateTheme) or die(mysql_error());   
                                                                                            
                                                                                           
                                                                                           
                                                                                           // This statement spells the column `createdBy`; the others use `createdby`.
                                                                                           $updateRole="update ".TABLE_PREFIX."roles set createdon=$currentTimeStemp,createdBy=$admin_id,createdipaddress='$ipAddress',modifiedon=$currentTimeStemp,modifiedby=$admin_id,modifiedipaddress='$ipAddress'";
                                                                                           $updateRoleResult=mysql_query($updateRole) or die(mysql_error());   
                                                                                           
                                                                                           
                                                                                           
                                                                                           $updateMaster="update ".TABLE_PREFIX."master set createdon=$currentTimeStemp,createdby=$admin_id,createdipaddress='$ipAddress',modifiedon=$currentTimeStemp,modifiedby=$admin_id,modifiedipaddress='$ipAddress'";
                                                                                           $updateMasterResult=mysql_query($updateMaster) or die(mysql_error());   
                                                                                           
                                                                                           
                                                                                           
                                                                                           $updateLocation="update ".TABLE_PREFIX."location set createdon=$currentTimeStemp,createdby=$admin_id,createdipaddress='$ipAddress',modifiedon=$currentTimeStemp,modifiedby=$admin_id,modifiedipaddress='$ipAddress'";
                                                                                           $updateLocationResult=mysql_query($updateLocation) or die(mysql_error());   
                                                                                           
     

                                                                                           // Sender identity collected earlier in the installer session.
                                                                                           // SECURITY(review): both values are placed inside quoted SQL
                                                                                           // literals below without escaping in this script; a quote in the
                                                                                           // sender name is enough to break the statement. Whether they were
                                                                                           // escaped when stored in the session is not visible - confirm, or
                                                                                           // escape them here before building the query.
                                                                                           $emailFrom=$_SESSION['OPTIONS']['PHPMAILER_EMAIL_FROM'];
                                                                                           $sendername=$_SESSION['OPTIONS']['PHPMAILER_EMAIL_FROM_NAME'];
                                                                                           
                                                                                           // Applies the same sender to every e-mail template row (no WHERE).
                                                                                           $updateEmailTemplate="update ".TABLE_PREFIX."email_templates set  sender_name='$sendername',sender_email='$emailFrom',createdon=$currentTimeStemp,createdby=$admin_id,createdipaddress='$ipAddress',modifiedon=$currentTimeStemp,modifiedby=$admin_id,modifiedipaddress='$ipAddress'";
                                                                                           $updateEmailTemplateResult=mysql_query($updateEmailTemplate) or die(mysql_error());   
                                                                                           
                                                                                           /***************************/
                                                                                           
                                                                                           
                                                                                           //insert all options //
                                                                                           
                                                                                          
                                                                                          /*set messages to session */
                                                                                          
                                                                                          
                                                                                          $_SESSION['OPTIONS']['MESSAGE_USER_NOT_LOGEDIN']=addslashes('If you are a registered member, please <a href=\"user_login.php\">login</a>. If you are not registered yet, please <a href=\"user_signup.php\"> signup</a>.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_CLOSED_ACCOUNT']=addslashes('Your account has been closed by the administrator: !reason!');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_LOCKED_ACCOUNT']=addslashes('Your account has been locked by the due to invalid password attempts.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_BANED_SYSTEM']=addslashes('You are banned from view this site');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_ACCOUNT_NOT_VARIFIED']=addslashes('Your account has not yet been verified by admin');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_ADMIN_NO_PERMISSION']=addslashes('<h1>You do not have permission to use this functionality. To use this functionality, Please logout and login back as different \"Admin\" having permission to this functionality.</h1>');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_SYSTEM_ERROR']=addslashes('There was some error occured while processing your request.Please try again later');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_EXPIRED_ACCOUNT']=addslashes('Your membership has expired. <br> Please <a href=\"!profile!\" style=\"color:red;text-decoration:underline\">log in to profile</a> and renew your subscription.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_INVALID_PRODUCT']=addslashes('You are not authorized to view this product.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_NO_SUCH_USER']=addslashes('This user does not exist.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_USERNAME_PASSWORD_DOES_NOT_MATCH']=addslashes('Invalid username or password');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_WRONG_PASSWORD']=addslashes('Invalid Password.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_EMAIL_NOT_VARIFIED']=addslashes('Your email address must be verified first.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_ACCOUNT_NOT_VARIFIED_APPOVERED']=addslashes('Your account is either locked or you have not validated your email address');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_NO_USERNAME_NORMAL']=addslashes('Please enter your Username.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_USER_EXIST']=addslashes('user already exist');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_NO_PASSWORD_NORMAL']=addslashes('Please enter your Password.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_PASSWORD_NOT_MATCH']=addslashes('Your two passwords didn\'t match.');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_DUPLICATE_EMAIL']=addslashes('e-mail already exist');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_INVALID_SECURITY_CODE']=addslashes('Security Code is wrong');
                                                                                          $_SESSION['OPTIONS']['MESSAGE_PRODUCT_SIGNUP_THANK_YOU']=addslashes('<center>Thank you for signing up, we appreciate your business. Please wait while we redirect you to our product page.</center>');
                                                                                          
                                                                                          
                                                                                          //set emails content
                                                                                          
                                                                                          // Default notification settings; they are written to the options
                                                                                          // table by the loop over $_SESSION['OPTIONS'] further down.
                                                                                          // NOTE(review): five of the keys in this group end with a space
                                                                                          // inside the quotes (for example 'EMAIL_PAYMENT_COMPLETED '). As PHP
                                                                                          // array keys they differ from the un-padded names and they are
                                                                                          // inserted as option names exactly as written. This looks like a
                                                                                          // typo - confirm what the code that reads these options looks up.
                                                                                          $_SESSION['OPTIONS']['EMAIL_ACCOUNT_LOCKED']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_ACCOUNT_LOCKED_TEMPLATE_ID ']='1';
                                                                                          $_SESSION['OPTIONS']['EMAIL_ACCOUNT_LOCKED_TEMPLATE_NAME ']='Account Locked';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_PAYMENT_COMPLETED ']='false';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PAYMENT_COMPLETED_TEMPLATE_ID ']='2';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PAYMENT_COMPLETED_TEMPLATE_NAME ']='Payment received';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_SIGNUP']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_SIGNUP_DAYS']='0';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_SIGNUP_TEMPLATE_ID']='3';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_SIGNUP_TEMPLATE_NAME']='Product signup completed';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_CHANGE_PROFILE']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_CHANGE_PROFILE_TEMPLATE_ID']='4';
                                                                                          $_SESSION['OPTIONS']['EMAIL_CHANGE_PROFILE_TEMPLATE_NAME']='Profile updated';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_ABOUT_TO_EXPIRED']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_ABOUT_TO_EXPIRED_DAYS']='-5';
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_ABOUT_TO_EXPIRED_TEMPLATE_NAME']='Subscription about to expire';
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_ABOUT_TO_EXPIRED_TEMPLATE_ID']='5';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_FORGOT_PASSWORD']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_FORGOT_PASSWORD_TEMPLATE_ID']='6';
                                                                                          $_SESSION['OPTIONS']['EMAIL_FORGOT_PASSWORD_TEMPLATE_NAME']='User Forgot Password';
                                                                                          
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_IS_EXPIRED']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_IS_EXPIRED_DAYS']='1';
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_IS_EXPIRED_TEMPLATE_ID']='7';
                                                                                          $_SESSION['OPTIONS']['EMAIL_SUBSCRIPTION_IS_EXPIRED_TEMPLATE_NAME']='Subscription expired';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_PENDING']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_PENDING_DAYS']='0';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_PENDING_TEMPLATE_ID']='8';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_PENDING_TEMPLATE_NAME']='Product payment pending';
                                                                                          
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_FAILED']='true';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_FAILED_DAYS']='0';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_FAILED_TEMPLATE_ID']='9';
                                                                                          $_SESSION['OPTIONS']['EMAIL_PRODUCT_PAYMENT_FAILED_TEMPLATE_NAME']='Product payment failed';
                                                                                           
                                                                                           
                                                                                      
                                                                                           
                                                                                           // Derive the value stored as MEMBERSGEAR_INSTALLATION_SALT.
                                                                                           // NOTE(review): encrypt() is called with one argument here but with
                                                                                           // (value, token) when the admin password is hashed - presumably the
                                                                                           // second parameter has a default; confirm.
                                                                                           // SECURITY(review): the input is the site URL plus the fixed suffix
                                                                                           // "SUCCESSFUL", so the result is only as unpredictable as encrypt()
                                                                                           // itself makes it. If this value protects anything, derive it from
                                                                                           // random bytes instead - confirm how it is used.
                                                                                           $web_url_salt=encrypt($_SESSION['OPTIONS']['WEB_URL']."SUCCESSFUL");
                                                                                           $_SESSION['OPTIONS']['MEMBERSGEAR_INSTALLATION_SALT']=$web_url_salt;
                                                                                           $_SESSION['OPTIONS']['CRON_LAST_EXECUTED_ON']='';
                                                                                           
                                                                                           // Persist every entry of $_SESSION['OPTIONS'] as one row in the
                                                                                           // options table, key as option_name and value as option_value.
                                                                                           // SECURITY(review): key and value are interpolated into quoted SQL
                                                                                           // literals. Only the MESSAGE_* entries set in this script went
                                                                                           // through addslashes(); nothing is escaped at this point. Whether the
                                                                                           // entries collected in earlier installer steps were escaped when
                                                                                           // they were put in the session is not visible - confirm. Escaping
                                                                                           // once, here, with the driver's function (or a prepared statement)
                                                                                           // would make the loop safe regardless of where a value came from;
                                                                                           // the addslashes() calls would then have to go to avoid storing
                                                                                           // doubled backslashes.
                                                                                           foreach($_SESSION['OPTIONS'] as $inkey => $inval)
                                                                                           {
                                                                                                $optionQuery= "INSERT INTO ".TABLE_PREFIX."options (`blog_id`, `option_name`, `option_value`, 
                                                                                                `autoload`)VALUES(0,'$inkey','$inval','yes')";                
                                                                                                // A single failing row prints the raw database error and
                                                                                                // aborts, leaving the options table partially filled.
                                                                                                $res= mysql_query($optionQuery) or die(mysql_error()); 
                                                                                               
                                                                                           }
                                                                                           
                                                                                           // Ask the helper (defined elsewhere) whether the configured database
                                                                                           // account may create indexes; '@' hides any warning it raises.
                                                                                           $ifHavingIndexingPermission=@IsPrivileged($db_hostaddress, $db_username, $db_password,$db_name);
                                                                                          
                                                                         
                                                                                           if($ifHavingIndexingPermission){
                                                                                           
                                                                                                 // Best-effort index creation: errors are suppressed with '@' and
                                                                                                 // $result1..$result4 are never inspected, so a failed CREATE
                                                                                                 // INDEX (an index that already exists, for instance) goes unnoticed.
                                                                                                 $result1=@mysql_query('CREATE INDEX userIdIndx ON '.TABLE_PREFIX.'users (id)');
                                                                                                 $result2=@mysql_query('CREATE INDEX IdIndex ON '.TABLE_PREFIX.'product_users (id)');
                                                                                                 $result3=@mysql_query('CREATE INDEX UserIdIndx ON  '.TABLE_PREFIX.'product_users (userid)');
                                                                                                 $result4=@mysql_query('CREATE INDEX ProductIdIndx ON '.TABLE_PREFIX.'product_users (productid)');
                                                                                    
                                                                                           }
                                                                                           // Record in the session that this step finished, then move on.
                                                                                           // NOTE(review): the flag is set here, but nothing in the visible
                                                                                           // part of this script reads it before running the step again;
                                                                                           // presumably the included config or a later step does - confirm
                                                                                           // that a completed installation cannot be re-posted.
                                                                                           // redirect() is defined elsewhere; whether it ends the request is
                                                                                           // not visible from here.
                                                                                           $_SESSION['DEFAULT_ADMIN_INSTALLATION']='done';
                                                                                           redirect("next_step.php");
                            
                                                                                       }
                                                                                       
                                                                                          
                                                                             }      
                                                                                    
                                                
                                                                  }
                                                                 else
                                                                 {
                                                                 
                                                                      $smarty_installation->assign('msg','Error occure while creating administrator');
                                                                      $smarty_installation->display('installation_admin_setup.tpl');    
                                                                     
                                                                 } 

                                                      }
                                                        else
                                                        {
                                                           $smarty_installation->assign('msg','Error occure while creating administrator');
                                                           $smarty_installation->display('installation_admin_setup.tpl');    
                                                                     
                                                        }
                                            
                                             }
                                             else
                                               {
                                                   $smarty_installation->assign('msg','Error occure while creating administrator');
                                                   $smarty_installation->display('installation_admin_setup.tpl');    
                                                                     
                                               } 
            
                                      }
                                      else
                                       {
                                          $smarty_installation->assign('msg','Error occure while creating administrator');
                                          $smarty_installation->display('installation_admin_setup.tpl');    
                                                                     
                                       }
                                       
                             }
                             else
                             {
                                   $smarty_installation->assign('msg','Administrator already created in system');
                                   $smarty_installation->display('installation_admin_setup.tpl');    
                                                                     
                              }
                         }   
                         else
                          {
                          
                            $smarty_installation->assign('msg','Error occure while creating administrator');
                            $smarty_installation->display('installation_admin_setup.tpl');    
                                                                     
                          
                          }            
                  
                  
                    }
             
             
             }
                             
         
         }           
       else
         {
            
             $smarty_installation->assign('msg','change root of web site/config/db.php file permission to read write');
             $smarty_installation->display('installation_admin_setup.tpl');    
          
             
         }
         
         
   }
   else
    {
       $smarty_installation->display('installation_admin_setup.tpl');
    }      
  
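   /**
    * Check whether a MySQL account looks privileged enough on $dbname for the installer.
    *
    * Connects with the supplied credentials, selects $dbname, reads
    * SHOW GRANTS FOR CURRENT_USER and scans the returned grant lines.
    *
    * @param string $server   MySQL host passed to mysql_connect().
    * @param string $username MySQL account name.
    * @param string $password MySQL account password.
    * @param string $dbname   Database the installer will write to.
    *
    * @return bool true when a grant line is either "GRANT ALL PRIVILEGES ON `$dbname`.*"
    *              or mentions INDEX; false when the connection, the database
    *              selection or the grants query fails, or no line matches.
    */
   function IsPrivileged($server,$username,$password,$dbname) {

      // Start from an empty list so an account with no grant rows is handled
      // without reading an undefined variable.
      $grants = array();

      try {

          $connect = mysql_connect($server, $username, $password);
          if (!$connect) {
              return false;
          }

          // Use the link opened above explicitly rather than whichever link
          // happened to be opened last in this request.
          if (!mysql_select_db($dbname, $connect)) {
              return false;
          }

          $grantRows = @mysql_query('SHOW GRANTS FOR CURRENT_USER', $connect);
          if ($grantRows === false) {
              // A failed query yields no result set; treat it as "not privileged".
              return false;
          }

          while ($row = mysql_fetch_row($grantRows)) {
              // SHOW GRANTS backslash-escapes wildcard characters in database
              // names; strip them so the comparison below sees the plain name.
              $grants[] = stripslashes($row[0]);
          }

          foreach ($grants as $grant) {

              // "GRANT USAGE" rows carry no object privileges.
              if (strpos($grant, 'GRANT USAGE ON') !== false) {
                  continue;
              }

              // NOTE(review): a global "GRANT ALL PRIVILEGES ON *.*" row is not
              // accepted here; the original check for it was commented out.
              // Confirm whether that is intended.
              if (strpos($grant, "GRANT ALL PRIVILEGES ON `$dbname`.*") !== false) {
                  return true;
              }

              // NOTE(review): this matches the text INDEX anywhere in the row, so a
              // grant on another database or table (or a name containing "INDEX")
              // also passes. The result is a hint, not proof, that index creation
              // in $dbname will succeed.
              if (strpos($grant, 'INDEX') !== false) {
                  return true;
              }
          }

      } catch(Exception $e) {

          // Exception::$message is protected, so it has to be read through
          // getMessage(). Log the text instead of echoing it, to keep database
          // error details out of the installer's HTML response.
          error_log('IsPrivileged: '.$e->getMessage());
      }

      return false;

   }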
         
  ?>