Location: PHPKode > projects > ProjectPress > projectpress/installer/assets/helper.sessions.php
<?php if(!defined('INST_BASEDIR')) die('Direct access is not allowed!');

    /* ====================================================================
    *
    *                            PHP Setup Wizard
    *
    *                        -= SESSION VALIDATION =-
    *
    *  Do not change anything in this file unless you are certain what
    *  you are doing. Any modifycations here might break the installer!
    *
    *  ================================================================= */
    


	//========================================[ VARIABLES ]========================================//
    
    // Setup the session variables used in this process
	$ID = $config['session_prefix'];
    $connect = 'connection'; 
	$admin   = 'admin';
	$serial  = 'serial';
    $special = 'special';
    $stepkey = 'step';
    $agreemt = 'agreement';	
	
	// The 'doneaction' post is set in the last step of the
	// installer and affects this variable to reset all sessions
	$forceResetAll = false;


	//========================================[ REMOVE OLD CONFIG ]========================================//

	if(isset($_REQUEST['doneaction']))
	{
		// If the user requested that current config should be removed
		if($_REQUEST['doneaction'] == 'removeold')
		{
			/*
			*   This is done here so all the sessions can be reset after
			*   the config has been removed. Othervice the user would have 
			*   to enter a button twice - once for removing the config and
			*   again to reset the sessions and continue
			*/

			$forceResetAll = DeleteFinalOutputConfig();
		}
	}
    

	//========================================[ RESET SESSIONS ]========================================//

    // If reset is requested - sessions are reset and $keywords
    // will be back to defaults
    if($forceResetAll || isset($_REQUEST['reset']))
    {
		if($forceResetAll || $_REQUEST['reset'] == 'all')
		{
			unset($_SESSION[$ID]);
			session_destroy();
		}

		else if($_REQUEST['reset'] == $connect)
			unset($_SESSION[$ID][$connect]);

		else if($_REQUEST['reset'] == $special)
			unset($_SESSION[$ID][$special]);

		else if($_REQUEST['reset'] == $serial)
			unset($_SESSION[$ID][$serial]);

		else if($_REQUEST['reset'] == 'additional')
			unset($_SESSION[$ID][STEP_ADDEDINFO]);

		else if($_REQUEST['reset'] == $admin)
		{
			unset($_SESSION[$ID][$admin]); # Admin data
			SetAdminAccountStatus(); # Admin creation status
		}

		else if($_REQUEST['reset'] == 'install')
			ResetDatabaseInstallStatus();
    }


	//========================================[ SET DEFAULT VALUES ]========================================//
    
	// Set the default keyword values from config to session if not set        
    if(!isset($_SESSION[$ID][$special])) 
        $_SESSION[$ID][$special] = $keywords[$special]; 

	if(!isset($_SESSION[$ID][$serial])) 
        $_SESSION[$ID][$serial] = $keywords[$serial]; 

	if(!isset($_SESSION[$ID][$connect])) 
	{
        $_SESSION[$ID][$connect] = $keywords[$connect];    
		if($steps[STEP_DBCONNECT]['encryptlogin']) 
		{
			$_SESSION[$ID][$connect]['hostname'] = Encrypt($keywords[$connect]['hostname']);
			$_SESSION[$ID][$connect]['username'] = Encrypt($keywords[$connect]['username']);
			$_SESSION[$ID][$connect]['password'] = Encrypt($keywords[$connect]['password']);
			$_SESSION[$ID][$connect]['database'] = Encrypt($keywords[$connect]['database']);
		}
	}

	if(!isset($_SESSION[$ID][$admin])) 
	{
        $_SESSION[$ID][$admin] = $keywords[$admin];    
		if($steps[STEP_ROOTUSER]['encryptdata'])
		{
			foreach($keywords[$admin] as $adminKey=>$defaultValue)
				$_SESSION[$ID][$admin][$adminKey] = Encrypt($defaultValue);
		}
	}

	if(!isset($_SESSION[$ID][STEP_ADDEDINFO])) 
		$_SESSION[$ID][STEP_ADDEDINFO] = false;
	
	//========================================[ SYNCRONIZE SESSIONS and $KEYWORDS ]========================================//

	/* 
	*   If new keywords where added AFTER the installer was launched (sessions are set) then someone is probably
	*   modifying the installer to fit some system - then it would be very anoying to constantly have to reset
	*   sessions in order to get the new keywords in the session. Same goes if some keyword is removed or renamed
	*   it will not change in the sessions. This piece of code is to syncronize the sessions with the keywords array
	*/

	$parts = array($special, $serial, $connect, $admin);
	foreach($parts as $part)
	{
		// New keywords have been added to $keywords array - add new
		foreach($keywords[$part] as $key=>$value)
		{
			if(!isset($_SESSION[$ID][$part][$key]))
			{
				// Admin part might be encrypted
				if($part == $admin && $steps[STEP_ROOTUSER]['encryptdata'])
					 $_SESSION[$ID][$part][$key] = Encrypt($value);
				else $_SESSION[$ID][$part][$key] = $value;			
			}
		}

		// Keyword has been removed or renamed - delete unknown keys
		$removeKeys = array();
		foreach($_SESSION[$ID][$part] as $key=>$value)
		{
			if(!isset($keywords[$part][$key]))
				$removeKeys[] = $key;
		}
		// Remove keys are stored until all session array has been 
		// checked - then if some keys where added, remove them
		foreach($removeKeys as $remove)
		{
			unset($_SESSION[$ID][$part][$remove]);
		}
	}


	//========================================[ PROCESS POSTED KEYWORDS ]========================================//
    
    // If there are some posted values, compare them against connection/special 
	// keywords session and override any values that match. The changes will be 
	// updated to $keywords below
    if(isset($_POST) && count($_POST) > 0)
    {
		// If the additional step is enabled, and the "update to sessions" flag 
		// is set - then reset the sessions to remember every posted value
		if($steps[STEP_ADDEDINFO]['enabled'] && isset($_POST[STEP_ADDEDINFO]) && $_POST[STEP_ADDEDINFO] == 'save_to_sessions')
		{
			$_SESSION[$ID][STEP_ADDEDINFO] = array();

			// Set default values first, all keywords will be part of this array
			foreach($steps[STEP_ADDEDINFO]['form'] as $control)
			{
				if(is_array($control) && isset($control['keyword']))
				{
					if(isset($control['value_off']))
						 $_SESSION[$ID][STEP_ADDEDINFO][$control['keyword']] = $control['value_off'];
					else $_SESSION[$ID][STEP_ADDEDINFO][$control['keyword']] = '';
				}
			}

			// Update all values that were posted - but those that were not remain empty
			foreach($_POST as $key=>$value)
			{
				if($key == STEP_ADDEDINFO || $key == 'step' || $key == 'submit')
					continue;

				// to be sure it will be "string" type
				$value = trim(strval($value));
				$_SESSION[$ID][STEP_ADDEDINFO][$key] = $value; 
			}
		}

		// For the reset of the installer
		else
		{
			foreach($_POST as $key=>$value)
			{
				$value = trim($value);

				// Special keywords are just stored
				if(array_key_exists($key, $_SESSION[$ID][$special]))
					$_SESSION[$ID][$special][$key] = $value;

				// Serial keywords have flags as well
				if(array_key_exists($key, $_SESSION[$ID][$serial]))
				{
					// If "keyvalue" was posted, check if it matches configured serial
					if($key == 'keyvalue')
					{
						$_SESSION[$ID][$serial]['keyvalue'] = $value;
						$_SESSION[$ID][$serial]['isTrial'] = false;
						$_SESSION[$ID][$serial]['isMatch'] = IsSerialKeyMatch($value);
					}

					// If trial was clicked, clear the serial entered as it does not matter
					// when serial is selected
					else if($key == 'isTrial')
					{
						$_SESSION[$ID][$serial]['keyvalue'] = '';
						$_SESSION[$ID][$serial]['isTrial'] = true;
						$_SESSION[$ID][$serial]['isMatch'] = false;
					}
				}

				// Connection keywords need proper caring :)
				else if(array_key_exists($key, $_SESSION[$ID][$connect]))
				{
					// If encryption is enabled, encrypt the login to session
					if ($steps[STEP_DBCONNECT]['encryptlogin'] && in_array($key, array('password','username','hostname','database')) )
						$_SESSION[$ID][$connect][$key] = Encrypt($value);

					// prefix is set using a function to enable the installer to 
					// update the value directly if needed
					else if($key == 'dbprefix')
						SetSessionPrefix($value);

					// The other keywords are treated normally
					else 
						$_SESSION[$ID][$connect][$key] = $value;
				}

				// The data posted when root user is being created
				else if(array_key_exists($key, $_SESSION[$ID][$admin]))
				{
					if($steps[STEP_ROOTUSER]['encryptdata'])
						 $_SESSION[$ID][$admin][$key] = Encrypt($value);
					else $_SESSION[$ID][$admin][$key] = $value;
				}
			}
		}
    }


	//========================================[ DETERMINE THE CURRENT STEP ]========================================//
   
    // If the step session is not set, set it to the first 
	// steps depending on the configuration
	if(!isset($_SESSION[$ID][$stepkey]))
	{
		/**
		*     NOTE: IF YOU WANT THE TWO FIRST STEPS TO BE "SKIPPED" BUT STILL MAKE IT AVAILABLE
		*           AS IN - THE INSTALLER WILL START ON WELCOME MESSAGE BUT THE USER CAN CLICK
		*           [BACK] TO SEE THE TESTS HIM SELF = THEN CHANGE THE STEP_MODULECHECK to STEP_WELCOME
		*
		*/

		// Get the first step-key and ishidden in $steps
		reset($steps);
		$firstStep = key($steps);
		$firstIsHidden = (isset($steps[$firstStep]['ishidden'])) ? $steps[$firstStep]['ishidden'] : false;

		// Set the session to the first step, or the next available step
		if($steps[$firstStep]['enabled'] && !$firstIsHidden)
			 $_SESSION[$ID][$stepkey] = $firstStep;
		else $_SESSION[$ID][$stepkey] = GetNextStep($firstStep);
	}

	// If the step has been changed by POST or GET, update
	// the step session if the key exists in $steps	
	if(isset($_REQUEST[$stepkey]) && isset($steps[trim($_REQUEST[$stepkey])]))
	{
		$requested = trim($_REQUEST[$stepkey]);
		
		// If the requested step key is either disabled or set to ishidden, select the
		// next available step that is enabled or does not have an ishidden
		if( (isset($steps[$requested]['enabled']) && !$steps[$requested]['enabled'])  || 
	        (isset($steps[$requested]['ishidden']) && $steps[$requested]['ishidden'])  )
		{
			$step = GetNextStep($requested);
		}
		else
			$step = $requested;

		// Update the session with requested step key
		$_SESSION[$ID][$stepkey] = $step;
	}

	// The page was just reloaded, no step was set so keep the installer stationary
	else
		$step = $_SESSION[$ID][$stepkey];


	//========================================[ LICENSE AGREEMENT ]========================================//
        
    // License or Terms-Of-Use agreement must be approved if enabled in config
    if(!isset($_SESSION[$ID][$agreemt])) 
		$_SESSION[$ID][$agreemt] = false;
    if(isset($_REQUEST[$agreemt]))
    {
        if($_REQUEST[$agreemt] == 'approved')
             $_SESSION[$ID][$agreemt] = true;
        else $_SESSION[$ID][$agreemt] = false;
    }
    if($steps[STEP_TERMSOFUSE]['enabled'])
         $LICENSE_APPROVED = $_SESSION[$ID][$agreemt];
    else $LICENSE_APPROVED = true;
         
	
	//========================================[ SAVE CHANGES ]========================================//

	// Set the keywords with the updated session arrays and 
    // update the masks class with the changed values
    $keywords[$connect] = $_SESSION[$ID][$connect];
	$keywords[$serial] = $_SESSION[$ID][$serial];
    $keywords[$special] = $_SESSION[$ID][$special];
	$keywords[$admin] = $_SESSION[$ID][$admin];
	$keywords[STEP_ADDEDINFO] = $_SESSION[$ID][STEP_ADDEDINFO];

	// If the login is encrypted, it must be decrypted
	// before the values are to be used in the installer
	if($steps[STEP_DBCONNECT]['encryptlogin'])
	{
		// Trim is added here because when Blowfish is decrypted it adds four
		// unprintable characters at the end of the string, which trim removes
		$keywords[$connect]['hostname'] = trim(Decrypt($_SESSION[$ID][$connect]['hostname']));
		$keywords[$connect]['username'] = trim(Decrypt($_SESSION[$ID][$connect]['username']));
		$keywords[$connect]['password'] = trim(Decrypt($_SESSION[$ID][$connect]['password'])); 
		$keywords[$connect]['database'] = trim(Decrypt($_SESSION[$ID][$connect]['database'])); 
	}

	// If admin data is encrypted, decrypt the data before continue
	if($steps[STEP_ROOTUSER]['encryptdata'])
	{
		foreach($_SESSION[$ID][$admin] as $adminKey=>$defaultValue)
			$keywords[$admin][$adminKey] = trim(Decrypt($defaultValue));
	}


	//========================================[ CLEAN-UP ]========================================//

	// Remove the variables not used again
	unset($ID);
    unset($connect);
	unset($admin);
    unset($special);
    unset($stepkey);
    unset($agreemt);
	unset($requested);
Return current item: ProjectPress