Location: PHPKode > projects > SkyBlueCanvas Lightweight CMS > setup/index.php
<?php

/**
* @version		1.1 RC1 2008-11-20 21:18:00 $
* @package		SkyBlueCanvas
* @copyright	Copyright (C) 2005 - 2008 Scott Edwin Lewis. All rights reserved.
* @license		GNU/GPL, see COPYING.txt
* SkyBlueCanvas is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYING.txt for copyright notices and details.
*/

ini_set('error_reporting', E_ALL);
ini_set('display_errors', 'On');

define('SKYBLUE', 1);
define('BASE_PAGE', 'index.php');
define('SETUP_PATH_TO_ROOT', '../');

define('SETUP_USERNAME_LENGTH', 4);
define('SETUP_PASSWORD_LENGTH', 4);

define('SETUP_PASSWORD_NOT_SAVED', 
    'You username and password could not be saved.');

define('SETUP_USERNAME_NULL',      
    'You did not provide a username.');

define('SETUP_USERNAME_TOO_SHORT',      
    'Your username must be at least ' . SETUP_USERNAME_LENGTH . ' characters long.');

define('SETUP_PASSWORD_NULL',      
    'You did not provide a password.');

define('SETUP_PASSWORD_TOO_SHORT',      
    'Your password must be at least ' . SETUP_PASSWORD_LENGTH . ' characters long.');

define('SETUP_PASSWORD_MISMATCH',  
    'Your password confirmation did not match the password you entered.');

define('SETUP_URL_LOGIN',       '../admin.php');
define('SETUP_HTML_SKIN',       '../ui/admin/html/skin.index.html');
define('SETUP_HTML_NO_INSTALL', "html/no.install.html");
define('SETUP_HTML_CONFIG_TABLE', "html/config.table.html");
define('SETUP_HTML_URL',        'html/address.html');
define('SETUP_HTML_PASSWORD',   'html/password.html');
define('SETUP_HTML_FINISH',     'html/finish.html');
define('SETUP_TOKEN_ERROR',     '{error}');
define('SETUP_KEY_USERNAME',    'username');
define('SETUP_KEY_PASSWORD',    'password');
define('SETUP_KEY_SAVEPASS',    'savepassword');
define('SETUP_KEY_SAVEURL',     'saveurl');
define('SETUP_KEY_SHOWURL',     'urlpage');
define('SETUP_KEY_FINISH',      'finish');
define('SETUP_KEY_ERROR',       'error');
define('SETUP_KEY_MSG',         'message');
define('SETUP_KEY_EVENT',       'event');
define('SETUP_KEY_START',       'start');
define('SETUP_STR_LOGIN',       'login');
define('SETUP_TYPE_PASSWORD',   'login');
define('SETUP_KEY_CONFIRM_PASSWORD', 'confirmpassword');

define('SETUP_URL_START', 
    BASE_PAGE
);


define('SETUP_URL_PASSWORD', 
    BASE_PAGE . '?' . SETUP_KEY_EVENT . '=' . SETUP_KEY_PASSWORD
);

define('SETUP_URL_FINISH',   
    BASE_PAGE . '?' . SETUP_KEY_EVENT . '=' . SETUP_KEY_FINISH
);
    
define('SETUP_URL_URL', 
    BASE_PAGE . '?' . SETUP_KEY_EVENT . '=' . SETUP_KEY_SHOWURL
);

require_once(SETUP_PATH_TO_ROOT . 'includes/object.class.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/observer.class.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/error.class.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/conf.functions.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/filter.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/filesystem.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/core.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/skin.class.php');
require_once(SETUP_PATH_TO_ROOT . 'includes/factory.bundle.php');
require_once(SETUP_PATH_TO_ROOT.'includes/request.php');

$Core   = new Core(array('path'=>SETUP_PATH_TO_ROOT));
$config = $Core->LoadConfig();

new SetupWizard();

class SetupWizard {
    var $event;
    var $html;
    var $error;
    var $config;
    var $IsError;
    var $configTable;
    var $safeMode;
    var $hasPosix;
    
    function __construct() {
        global $Core;
        
            $this->hasPosix = $this->hasPosixEnabled();
        
			$this->event = $Core->GetVar($_REQUEST, SETUP_KEY_EVENT, null);
	
			if ($this->event !== SETUP_KEY_FINISH && $this->CheckExistingInstall()) {
				$this->ShowNoInstall(); 
				exit(0);
			}

			$this->GetLastError();
			
			switch ($this->event) {
				case SETUP_KEY_SAVEPASS:
					$this->SavePassword();
					break;
				case SETUP_KEY_FINISH:
					$this->Finish();
					break;
			    case SETUP_KEY_SAVEURL:
			        $this->SaveUrl();
			        break;
			    case SETUP_KEY_SHOWURL:
					if (!$this->DoConfigCheck()) {
						$Core->SBRedirect(SETUP_URL_START);
					}
			        $this->UrlPage();
			        $this->ShowPage();
			        break;
				case SETUP_KEY_PASSWORD:
				case SETUP_KEY_START:
					if (!$this->DoConfigCheck()) {
						$Core->SBRedirect(SETUP_URL_START);
					}
					$this->StartPage();
					$this->ShowPage();
					break;
			    case 'login':
			        $Core->SBRedirect(SETUP_URL_LOGIN);
			        break;
			    default:
					$this->ShowConfigTable();
			        break;
			}
    }
    
    function SetupWizard() {
        $this->__construct();
    }
    
    function hasPosixEnabled() {
        return (function_exists('posix_geteuid') && is_callable('posix_geteuid'));
    }
    
    function makeRequiredDirs() {
        $required = array(
            SETUP_PATH_TO_ROOT . 'data/ads',
			SETUP_PATH_TO_ROOT . 'data/gadgets',
			SETUP_PATH_TO_ROOT . 'cache'
        );
        for ($i=0; $i<count($required); $i++) {
            if (!is_dir($required[$i])) {
				FileSystem::make_dir($required[$i]);
			}
        }
    }
    
    function DoConfigCheck() {
        global $Core;
        
        $this->makeRequiredDirs();
        
        $file_flag = 1;
        $dir_flag  = 1;
    
        $safemode = ini_get('safe_mode');
        $this->safeMode = $safemode;
                
        $files = $Core->ListFiles(SETUP_PATH_TO_ROOT . 'data/xml/', array());
		$dirs  = array(
		    SETUP_PATH_TO_ROOT . 'data/',
			SETUP_PATH_TO_ROOT . 'data/ads/',
			SETUP_PATH_TO_ROOT . 'data/gadgets/',
			SETUP_PATH_TO_ROOT . 'data/media/',
			SETUP_PATH_TO_ROOT . 'data/plugins/',
			SETUP_PATH_TO_ROOT . 'data/skins/',
			SETUP_PATH_TO_ROOT . 'data/xml/'
		);
		
		$dir_list = array();
		for ($i=0; $i<count($dirs); $i++) {
		    $writable = FileSystem::writable($dirs[$i]);
			if ($writable) {
				$dir_flag = 0;
			}
			array_push($dir_list, array($dirs[$i], $writable));
		}
		
		$file_list = array();
		for ($i=0; $i<count($files); $i++) {
		    $writable = FileSystem::writable($files[$i]);
			if ($writable) {
				$file_flag = 0;
			}
			array_push($file_list, array($files[$i], $writable));
		}
		
		$this->configTable = array(
		    'safe_mode' => $safemode,
		    'dir_list'  => $dir_list,
		    'file_list' => $file_list
		);
		
		if ($dir_flag == 1 || $file_flag == 1) {
		    return false;
		}
		return true;
    }
    
    function getExpectedPerms($file) {
    
        if (!$this->hasPosix) {
            return "775";
        }
    
		$pgid = FileSystem::process_gid();
		$puid = FileSystem::process_uid();
		$sgid = FileSystem::file_group($file);
		$suid = FileSystem::file_uid($file);
		$snam = FileSystem::file_owner($file);
		$pmem = FileSystem::process_members();
		
		if ($puid == $suid) {
			return "644";
		}
		else if ($pgid == $sgid) {
			return "775";
		}
		else if (in_array($suid, $pmem) || in_array($snam, $pmem)) {
			return "775";
		}
		return "777";
    }
    
    function ShowConfigTable() {
    
        $flag = $this->DoConfigCheck() == 0;
    
        $safemode = $this->configTable['safe_mode'];
        $dir_list = $this->configTable['dir_list'];
        $file_list = $this->configTable['file_list'];
        
        $caution_flag = 0;
        
        global $Core;
        $this->html = str_replace(
            '{page:content}',
            FileSystem::read_file(SETUP_HTML_CONFIG_TABLE),
            FileSystem::read_file(SETUP_HTML_SKIN)
        );
        $this->html = str_replace('"ui/', '"../ui/', $this->html);
        
        $dontShow = array(
            '{page:dashboard}',
            '{analytics}',
            '{inc:wysiwygeditor}',
            '{inc:scripts}'
        );
        
        $class = 'pass';
        $value = 'Off';
        if ($safemode == 1) {
			$class = 'fail';
			$value = 'On';
        }
        
        $server_settings = 
        	"<tr><td class=\"$class\">Safe Mode</td>" 
            . "<td class=\"$class\" align=\"center\">{$value}</td>" 
            . "<td class=\"expected\" align=\"center\">Off</td></tr>";
        
        $class = 'pass';
        if (!$this->hasPosix) {
            $class = 'fail';
        }
        
        $posix = "Enabled";
        if (!$this->hasPosix) {
            $posix = "Disabled";
        }
		$server_settings .= 
			"<tr><td class=\"$class\">Posix Library</td>" 
			. "<td class=\"$class\" align=\"center\">{$posix}</td>" 
			. "<td class=\"expected\" align=\"center\">Enabled</td></tr>";

        $this->html = str_replace(
            '{config_test:settings}',
            $server_settings,
            $this->html
        );
        
        $class = '';
        $value = '';
        
        $rows = null;
        for ($i=0; $i<count($dir_list); $i++) {
            $dirname = str_replace('../', '', $dir_list[$i][0]);
            
            $perms = @substr(decoct(fileperms($dir_list[$i][0])), -3);
            $expected = $this->getExpectedPerms($dir_list[$i][0]);
            
            if ($expected == "777") {
                $caution_flag = 1;
            }

             $class = 'pass';
            if (!$this->perm_compare($expected, $perms)) {
                $flag  = 1;
                $class = "fail";
            }
            
            $rows .= "<tr><td class=\"$class\">{$dirname}</td>"
                . "<td  align=\"center\" class=\"$class\">{$perms}</td>" 
                . "<td class=\"expected\" align=\"center\">$expected</td></tr>\n";
        }
        $this->html = str_replace(
            '{config_test:dirs}',
            $rows,
            $this->html
        );
        
        $rows = null;
        for ($i=0; $i<count($file_list); $i++) {
            $filename = str_replace('../', '', $file_list[$i][0]);
            
            $perms = @substr(decoct(fileperms($file_list[$i][0])), -3);
            $expected = $this->getExpectedPerms($file_list[$i][0]);
            
            if ($expected == "777") {
                $caution_flag = 1;
            }

            $class = "pass";
            if (!$this->perm_compare($expected, $perms)) {
                $flag  = 1;
                $class = "fail";
            }
            
            $rows .= "<tr><td class=\"$class\">{$filename}</td>"
                . "<td  align=\"center\" class=\"$class\">{$perms}</td>" 
                . "<td class=\"expected\" align=\"center\">$expected</td></tr>\n";
        }
        $this->html = str_replace(
            '{config_test:files}',
            $rows,
            $this->html
        );
        
        
        $configStyle  = "div#no-posix, #config-pass, #config-warn {display:none;}";
        
        if (!$flag && $caution_flag) {
            $configStyle  = "div#no-posix, #config-pass, #config-fail {display:none;}";
        }
        else if (!$flag) {
            $configStyle  = "div#no-posix, #config-fail, #config-warn {display:none;}";
        }
        
        if (!$this->hasPosix) {
            $configStyle = "#config-pass, #config-warn, #config-fail {display:none;}";
        }
        
        $this->html = str_replace('/*config-style*/', $configStyle, $this->html);
        $this->html = str_replace($dontShow, null, $this->html);
        $this->html = str_replace('{skyblue:name}',    SB_PROD_NAME, $this->html);
        $this->html = str_replace('{skyblue:version}', SB_VERSION,   $this->html);
        $this->html = str_replace('{page:title}', 'Configuration Details',   $this->html);
        echo $this->html;
    }
    
    function perm_compare($perm1, $perm2) {
        if (strlen($perm1) != 3) return false;
        if (strlen($perm2) != 3) return false;
        if (intval($perm1{0}) > intval($perm2{0})) {
            return false;
        }
        if (intval($perm1{1}) > intval($perm2{1})) {
            return false;
        }
        if (intval($perm1{2}) > intval($perm2{2})) {
            return false;
        }
        return true;
    }
    
    function CheckExistingInstall() {
        global $Core;

        if (file_exists(SB_LOGIN_FILE) &&
            file_exists(SB_CONFIG_XML_FILE) && 
            file_exists(SB_PAGE_FILE) &&
            file_exists(SB_MENU_GRP_FILE))
        {
            return 1;
        }
        return 0;
    }
    
    function ShowNoInstall() {
        global $Core;
        $this->html = str_replace(
            '{page:content}',
            FileSystem::read_file(SETUP_HTML_NO_INSTALL),
            FileSystem::read_file(SETUP_HTML_SKIN)
        );
        $this->html = str_replace('"ui/', '"../ui/', $this->html);
        
        $dontShow = array(
            '{page:dashboard}',
            '{analytics}',
            '{inc:wysiwygeditor}',
            '{inc:scripts}'
        );
        $this->html = str_replace($dontShow, null, $this->html);
        $this->html = str_replace('{skyblue:name}',    SB_PROD_NAME, $this->html);
        $this->html = str_replace('{skyblue:version}', SB_VERSION,   $this->html);
        $this->html = str_replace('{page:title}', 'Create Your Password',   $this->html);
        echo $this->html;
    }
    
    function Finish() {
        global $Core;
        $this->html = str_replace(
            '{page:content}',
            FileSystem::read_file(SETUP_HTML_FINISH),
            FileSystem::read_file(SETUP_HTML_SKIN)
        );
        $this->html = str_replace('"ui/', '"' . SETUP_PATH_TO_ROOT .  'ui/', $this->html);
        $dontShow = array(
            '{page:dashboard}',
            '{analytics}',
            '{inc:wysiwygeditor}',
            '{inc:scripts}'
        );
        $this->html = str_replace($dontShow, null, $this->html);
        $this->html = str_replace('{skyblue:name}',    SB_PROD_NAME, $this->html);
        $this->html = str_replace('{skyblue:version}', SB_VERSION,   $this->html);
        $this->html = str_replace('{page:title}', 'Congratulations!',   $this->html);
        echo $this->html;
    }
        
    function GetLastError() {
        if (isset($_SESSION[SETUP_KEY_ERROR]) &&
            !empty($_SESSION[SETUP_KEY_ERROR]))
        {
            $error = $_SESSION[SETUP_KEY_ERROR];
            unset($_SESSION[SETUP_KEY_ERROR]);
            $this->error = 
            "<div class=\"msg-error\">\n" . 
            "<h2>Error</h2>\n" . 
            "<p>" . $error[SETUP_KEY_MSG] . "</p>\n" . 
            "</div>\n";
        }
    }
       
    function InitLoginFile() {
        global $Core;
        if (file_exists(SB_LOGIN_FILE)) {
            $this->CheckExistingInstall();
        }
        $xml = $Core->xmlHandler->ObjsToXML(array(), SETUP_TYPE_PASSWORD);
        $Core->WriteFile(SB_LOGIN_FILE, $xml);
    }
    
    function SetError($message) {
        $_SESSION[SETUP_KEY_ERROR] = array(
            SETUP_KEY_MSG  => $message
        );
    }
    
    function ConfirmAuthInfo($username, $password, $confirm) {
        if (empty($username)) {
            $this->IsError = 1;
            $this->SetError(SETUP_USERNAME_NULL);
            return;
        }
        else if (strlen($username) < SETUP_USERNAME_LENGTH) {
            $this->IsError = 1;
            $this->SetError(SETUP_USERNAME_TOO_SHORT);
            return;
        }
        else if (empty($password)) {
            $this->IsError = 1;
            $this->SetError(SETUP_PASSWORD_NULL);
            return;
        }
        else if (strlen($password) < SETUP_PASSWORD_LENGTH) {
            $this->IsError = 1;
            $this->SetError(SETUP_PASSWORD_TOO_SHORT);
            return;
        }
        else if ($password !== $confirm) {
            $this->IsError = 1;
            $this->SetError(SETUP_PASSWORD_MISMATCH);
            return;
        }
    }
    
    function SavePassword() {
        global $Core;
        global $config;
        
        $username = $Core->GetVar($_POST, SETUP_KEY_USERNAME, null);
        $password = $Core->GetVar($_POST, SETUP_KEY_PASSWORD, null);
        $confirm  = $Core->GetVar($_POST, SETUP_KEY_CONFIRM_PASSWORD, null);
        
        $this->ConfirmAuthInfo($username, $password, $confirm);

        if ($this->IsError) {
            $Core->SBRedirect(SETUP_URL_PASSWORD);
            exit(0);
        }
            
        $_SESSION[SETUP_KEY_ERROR] = null;
		$this->InitLoginFile();
		
		$login = new stdClass;
		$login->id = 1;
		$login->username = md5(
			SB_PASS_SALT.$Core->GetVar($_POST, SETUP_KEY_USERNAME, null)
	    );
		$login->password = md5(
			SB_PASS_SALT.$Core->GetVar($_POST, SETUP_KEY_PASSWORD, null)
		);

		$xml = $Core->xmlHandler->ObjsToXML(array($login), SETUP_STR_LOGIN);
		
		if (!$Core->WriteFile(SB_LOGIN_FILE, $xml, 1)) {
			$this->IsError = 1;
			$this->SetError(SETUP_PASSWORD_NOT_SAVED);
			$Core->SBRedirect(SETUP_URL_PASSWORD);
		} 
		$Core->SBRedirect(SETUP_URL_FINISH);
    }
    
    function SaveUrl() {
        global $Core;
        global $config;
        
        $url = $Core->GetVar($_POST, 'url', null);
        
        $arr = $this->sbc_parse_url($url);
        
        if (!isset($arr['host']) || empty($arr['host'])) {
            $this->IsError = 1;
            $this->SetError(
                "You must specify a fully-qualified domain.<br />" 
                . "Example: http://www.mydomain.com"
            );
            $Core->SBRedirect(SETUP_URL_URL);
            exit(0);
        }
        
        $_SESSION[SETUP_KEY_ERROR] = null;
		
		$config = $Core->xmlHandler->ParserMain(SB_CONFIG_XML_FILE);
		$config = $config[0];
		
		$config->site_url = $url;
		
		$xml = $Core->xmlHandler->ObjsToXML(array($config), "configuration");
		
		if (!$Core->WriteFile(SB_CONFIG_XML_FILE, $xml, 1)) {
			$this->IsError = 1;
			$this->SetError("Your web site address could not be saved");
			$Core->SBRedirect(SETUP_URL_URL);
		} 
		$Core->SBRedirect(SETUP_URL_PASSWORD);
    }
    
    function sbc_parse_url($url) {
		if (empty($url)) return array();
		return @parse_url($url);
    }
    
    function ShowPage() {
        echo str_replace(SETUP_TOKEN_ERROR, $this->error, $this->html);
    }
    
    function UrlPage() {
        global $Core;
        $this->html = str_replace(
            '{page:content}',
            FileSystem::read_file(SETUP_HTML_URL),
            FileSystem::read_file(SETUP_HTML_SKIN)
        );
        $this->html = str_replace('"ui/', '"' . SETUP_PATH_TO_ROOT .  'ui/', $this->html);
        $dontShow = array(
            '{page:dashboard}',
            '{analytics}',
            '{inc:wysiwygeditor}',
            '{inc:scripts}'
        );
        $this->html = str_replace($dontShow, null, $this->html);
        $this->html = str_replace('{skyblue:name}',    SB_PROD_NAME, $this->html);
        $this->html = str_replace('{skyblue:version}', SB_VERSION,   $this->html);
        $this->html = str_replace('{page:title}', 'Enter Your Site URL',   $this->html);
    }
    
    function StartPage() {
        global $Core;
        $this->html = str_replace(
            '{page:content}',
            FileSystem::read_file(SETUP_HTML_PASSWORD),
            FileSystem::read_file(SETUP_HTML_SKIN)
        );
        $this->html = str_replace('"ui/', '"' . SETUP_PATH_TO_ROOT .  'ui/', $this->html);

        if ($this->safeMode == 1) {
            $this->html = str_replace(
                '<!--#safemode_flag-->',
                '<div class="msg-warning"><h2>Warning</h2>' . 
                '<p>Safe Mode is enabled on your server. You can continue with the installation ' . 
                'but this may cause SkyBlueCanvas to malfunction.</p></div>',
                $this->html
            );
        }
        
        $dontShow = array(
            '{page:dashboard}',
            '{analytics}',
            '{inc:wysiwygeditor}',
            '{inc:scripts}'
        );
        $this->html = str_replace($dontShow, null, $this->html);
        $this->html = str_replace('{skyblue:name}',    SB_PROD_NAME, $this->html);
        $this->html = str_replace('{skyblue:version}', SB_VERSION,   $this->html);
        $this->html = str_replace('{page:title}', 'Create Your Password',   $this->html);
    }
    
}

?>
Return current item: SkyBlueCanvas Lightweight CMS