<?php
/* compile.php
Copyright (C) 2008 James Crickmere
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
session_start();
include('../config.php');
// See if OpenGB is already installed:
if($gb_installed == true) {
echo "<h1>OpenGB is already installed</h1>\n";
echo "<p>This page cannot be accessed for security reasons. If you are the website administrator, and you intend to re-install OpenGB, please set the \$gb_installed variable in config.php to false.</p>\n";
echo "<p>For more information, please see the <a href=\"http://opengb.sourceforge.net/\">OpenGB website</a>.";
exit;
}
// Check if page was accessed by install.php
if(isset($_POST['submitted']) == false) {
header('Location: install.php');
die('No post data found. Please install from <a href="install.php">install.php</a>.');
}
// Form validation checking
$err = false;
if($_POST['title'] == null && $_POST['upgrade'] != 'yes') {
$err = true;
$_SESSION['err_1'] = true;
} else {
unset($_SESSION['err_1']);
}
if($_POST['mysql_dbname'] == null) {
$err = true;
$_SESSION['err_2'] = true;
} else {
unset($_SESSION['err_2']);
}
if($_POST['mysql_username'] == null) {
$err = true;
$_SESSION['err_3'] = true;
} else {
unset($_SESSION['err_3']);
}
if($_POST['mysql_password'] == null) {
$err = true;
$_SESSION['err_4'] = true;
} else {
unset($_SESSION['err_4']);
}
if($_POST['password'] == null && $_POST['upgrade'] != 'yes') {
$err = true;
$_SESSION['err_5'] = true;
} else {
unset($_SESSION['err_5']);
}
if($err == true) {
$_SESSION['err'] = true;
$_SESSION['title'] = $_POST['title'];
$_SESSION['mysql_dbname'] = $_POST['mysql_dbname'];
$_SESSION['mysql_prefix'] = $_POST['mysql_prefix'];
$_SESSION['mysql_host'] = $_POST['mysql_host'];
$_SESSION['mysql_username'] = $_POST['mysql_username'];
$_SESSION['mysql_password'] = $_POST['mysql_password'];
$_SESSION['password'] = $_POST['password'];
header('Location: install.php');
die('Form validation failed, please <a href="install.php">go back</a> and fill in all the required fields correctly');
}
if($_POST['mysql_host'] == null)
$mysql_host = "localhost";
else
$mysql_host = $_POST['mysql_host'];
if($link = @mysql_connect($mysql_host,$_POST['mysql_username'],$_POST['mysql_password']) == false) {
$_SESSION['err_6'] = true;
$err = true;
} else {
if(@mysql_select_db($_POST['mysql_dbname']) == false) {
if(@mysql_query("CREATE DATABASE " . $_POST['mysql_dbname']) == false) {
$_SESSION['err_7'] = true;
$err = true;
} else {
unset($_SESSION['err_7']);
mysql_close();
}
} else {
unset($_SESSION['err_6']);
mysql_close();
}
}
if($err == true) {
$_SESSION['err'] = true;
$_SESSION['err'] = true;
$_SESSION['title'] = $_POST['title'];
$_SESSION['mysql_dbname'] = $_POST['mysql_dbname'];
$_SESSION['mysql_prefix'] = $_POST['mysql_prefix'];
$_SESSION['mysql_host'] = $_POST['mysql_host'];
$_SESSION['mysql_username'] = $_POST['mysql_username'];
$_SESSION['mysql_password'] = $_POST['mysql_password'];
$_SESSION['password'] = $_POST['password'];
header('Location: install.php');
die('Form validation failed, please <a href="install.php">go back</a> and fill in all the required fields correctly</a>');
}
unset($_SESSION['err']);
unset($err);
// Build config file
$config = "<?php\n";
$config .= "/* -- OPENGB CONFIGURATION FILE --\n";
$config .= " This file was automatically created during installation. It contains information such as mysql database details and passwords.\n";
$config .= " OpenGB is an open source guestbook available from http://opengb.googlecode.com.\n";
$config .= " Copyright 2008 James Crickmere. An up to date copy of the license for this software is at http://www.gnu.org/licenses/gpl.txt\n";
$config .= "*/\n\n";
$config .= "// MySQL database name:\n";
$config .= "$" . "gb_mysql_dbname = '" . $_POST['mysql_dbname'] . "';\n\n";
$config .= "// MySQL guestbook table name:\n";
$config .= "$" . "gb_mysql_guestbook = '" . $_POST['mysql_prefix'] . "guestbook';\n\n";
$config .= "// MySQL blocked ip table name:\n";
$config .= "$" . "gb_mysql_blocked = '" . $_POST['mysql_prefix'] . "blocked';\n\n";
$config .= "// MySQL setting table name:\n";
$config .= "$" . "gb_mysql_settings = '" . $_POST['mysql_prefix'] . "settings';\n\n";
$config .= "// MySQL hostname (usually 'localhost'):\n";
$config .= "$" . "gb_mysql_host = '" . $mysql_host . "';\n\n";
$config .= "// MySQL username:\n";
$config .= "$" . "gb_mysql_username = '" . $_POST['mysql_username'] . "';\n\n";
$config .= "// MySQL password:\n";
$config .= "$" . "gb_mysql_password = '" . $_POST['mysql_password'] . "';\n\n";
$config .= "// OpenGB root directory (include trailing '/'):\n";
$config .= "$" . "gb_root = 'http://" . $_SERVER['HTTP_HOST'] . substr($_SERVER['REQUEST_URI'],0,-22) . "';\n\n";
$config .= "// The following line tells OpenGB it has been installed. Set it to false to re-install:\n";
$config .= "$" . "gb_installed = true;\n\n";
$config .= "// The OpenGB version number:\n";
$config .= "$" ."gb_version = '" . $gb_version . "';\n\n";
$config .= "?>";
// Attempt to write to config.php...
if(@file_put_contents('../config.php',$config) == false) {
// ...fails, so print error message and option to manullly create file
echo "<h1>Error</h1>\n";
echo "<p>OpenGB installer was unable to write to the file <pre>config.php</pre>, please make sure this file has the appropriate permissions to write using the unix command <pre>chmod 777 config.php</pre>.</p>\n";
echo "<p>You can also manully replace the file, 'config.php', in the gb folder, with the following code:</p>\n";
echo "<textarea rows=\"20\" cols=\"50\">\n";
echo $config;
echo "</textarea>";
exit;
}
include('../config.php');
$link = mysql_connect($gb_mysql_host,$gb_mysql_username,$gb_mysql_password);
mysql_select_db($gb_mysql_dbname);
$query = "CREATE TABLE IF NOT EXISTS `" . $gb_mysql_guestbook . "` (
`id` INT NOT NULL AUTO_INCREMENT ,
`comment` TEXT NOT NULL ,
`name` VARCHAR( 100 ) NULL ,
`email` VARCHAR( 100 ) NULL ,
`show_email` BOOL NULL DEFAULT '0',
`website` VARCHAR( 100 ) NULL ,
`ip` VARCHAR( 15 ) NOT NULL ,
`date` VARCHAR( 20 ) NULL,
PRIMARY KEY ( `id` )
)";
mysql_query($query);
$query = "INSERT INTO `" . $gb_mysql_guestbook . "` (
`id` ,
`comment` ,
`name` ,
`email` ,
`show_email` ,
`website` ,
`ip` ,
`date`
)
VALUES (
NULL , 'Welcome to OpenGB! Your new guestbook is up and running.', 'OpenGB', NULL , '0', 'http://opengb.googlecode.com', '', NULL
);
";
mysql_query($query);
$query = "CREATE TABLE IF NOT EXISTS `" . $gb_mysql_blocked . "` (
`ip` VARCHAR( 15 ) NOT NULL ,
PRIMARY KEY ( `ip` )
)";
mysql_query($query);
//Create and populate 'settings' table:
$settings_query = "
CREATE TABLE IF NOT EXISTS `$gb_mysql_settings` (
`id` VARCHAR( 100 ) NOT NULL ,
`value` VARCHAR( 500 ) NOT NULL ,
`comments` VARCHAR( 1000 ) NULL,
PRIMARY KEY ( `id` )
)"; //Creates the table to store guestbook settings, some of which have been passed from the form on install.php
if(!@mysql_query($settings_query))
die('Error executing MySQL query. Please <a href="install.php">go back</a> and try again. <!-- Error details: mysql_query function returned a false value on line 202. MySQL said: '.mysql_error().'-->');
// Grab any settings user may already have, and put into an array in $tmp_settings:
$setting_query = "SELECT * FROM `$gb_mysql_settings`";
$setting_query_result = @mysql_query($setting_query);
while($setting_query_data = @mysql_fetch_array($setting_query_result,MYSQL_ASSOC)) {
$tmp_settings[$setting_query_data['id']] = $setting_query_data['value'];
}
// Build query to populate settings table with existing values
// or default values if no exisiting value exists for each one
$settings_query = "INSERT INTO `$gb_mysql_settings` VALUES ";
if(isset($tmp_settings['title']))
$settings_query .= "('title','" . $tmp_settings['title'] . "','Appears in title bar'), ";
else
$settings_query .= "('title','" . $_POST['title'] . "','Appears in title bar'), ";
if(isset($tmp_settings['password']))
$settings_query .= "('password','" . $tmp_settings['password'] . "','md5 hash of password'), ";
else
$settings_query .= "('password','" . md5($_POST['password']) . "','md5 hash of password'), ";
if(isset($tmp_settings['scan_words']))
$settings_query .= "('scan_words','" . $tmp_settings['scan_words'] . "','set to true to block comments containing words in words'), ";
else
$settings_query .= "('scan_words','true','set to true to block comments containing words in words'), ";
if(isset($tmp_settings['words']))
$settings_query .= "('words','" . $tmp_settings['words'] . "','if scan_words is set to true, block comments with these words separated by commas'), ";
else
$settings_query .= "('words','fuck, fuk, fucking, cunt, bastard, dick, ass, viagra, sex, porn','if scan_words is set to true, block comments with these words separated by commas'), ";
if(!isset($tmp_settings['analytics_code']))
$settings_query .= "('analytics_code','','leave empty to not install tracking code on each page'), ";
if(!isset($tmp_settings['posting_bbcode']))
$settings_query .= "('posting_bbcode','true','Set to true to allow BBCode in posts, set to false to disable'), ";
if(!isset($tmp_settings['posting_smilies']))
$settings_query .= "('posting_smilies','true','Set to true to allow smilies in posts, set to false to disable'), ";
if(!isset($tmp_settings['require_name']))
$settings_query .= "('require_name','true','Set to true to force posters to provide a name, set to false to make it optional'), ";
if(!isset($tmp_settings['require_email']))
$settings_query .= "('require_email','false','Set to true to force posters to provide an email address, set to false to make it optional'), ";
if(!isset($tmp_settings['captcha']))
$settings_query .= "('captcha','true','set to true to use captcha security image in posts'), ";
$settings_query .= "('skin','default','stored in gb/skins');";
@mysql_query($settings_query); // or die("Error populating settings table: " . mysql_error());
mysql_close($link);
/*if($_POST['upgrade'] == 'yes') {
header('Location: ../index.php');
exit;
}*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Install OpenGB</title>
<link href="../default_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="gb_container">
<img src="../images/logo.gif" width="253" height="53" alt="OpenGB Guestbook" />
<h1>Installation complete</h1>
<p>OpenGB <?php echo $gb_version; ?> has installed successfully. Although not nessecary, you may delete the gb-install directory for extra security.</p>
<p>Please consult <a href="../documentation.html">documentation.html</a> and our <a href="http://opengb.sourceforge.net/">online documentation</a> for help on skinning the guestbook.</p>
<p><a href="../index.php"><img src="../images/icons/arrow_right_green_48.png" alt="click here to proceed to the guestbook" title="Proceed to guestbook" width="48" height="48" border="0" /></a></p>
</div>
</body>
</html>