<?php
# streber - a php5 based project management system (c) 2005-2007 / www.streber-pm.org
# Distributed under the terms and conditions of the GPL as stated in lang/license.html
/**
*
* installation
*
*/
error_reporting (E_ERROR | E_WARNING | E_PARSE | E_NOTICE | E_STRICT
|E_PARSE|E_CORE_ERROR|E_CORE_WARNING|E_COMPILE_ERROR
);
/**
* create a function to make sure we are starting from a valid entry points (all other php-files check this)
*/
function startedIndexPhp() {return true; } # define function
### bypassing date & timezone-related warnings with php 5.1
if (function_exists('date_default_timezone_set')) {
$tz= @date_default_timezone_get();
date_default_timezone_set($tz);
}
/**
*
* Add here new supported databases (the first being the default)
*
*/
$g_supported_db_types= array();
if(function_exists('mysql_connect')){
$g_supported_db_types[]='mysql';
}
if(function_exists('mysqli_connect')){
$g_supported_db_types[]='mysqli';
}
require_once(dirname(__FILE__)."/../std/common.inc.php");
#require_once(dirname(__FILE__)."/../std/errorhandler.inc.php");
require_once(dirname(__FILE__)."/../conf/defines.inc.php");
require_once(dirname(__FILE__)."/../conf/conf.inc.php");
require_once(dirname(__FILE__)."/install_forms.inc.php");
print_InstallationHTMLOpen();
clearRequestVars();
addRequestVars($_GET);
addRequestVars($_POST);
addRequestVars($_COOKIE);
if(!get('install_step')) {
step_01_checkEvironment();
}
else {
step_02_form_submit();
}
print_InstallationHTMLClose();
exit();
/**
* STEP WELCOME TO INSTALLATION
*/
function step_01_checkEvironment() {
global $g_supported_db_types;
$flag_errors=false;
echo "<h1>Welcome to installing streber ".confGet('STREBER_VERSION')."</h1>";
echo "<h2>Checking environment...</h2>";
### check php version ###
{
print_testStart("PHP-Version...");
$php_version=phpversion();
if($php_version > confGet('PHP_VERSION_REQUIRED')) {
print_testResult(RESULT_GOOD,"is $php_version");
}
else {
print_testResult(RESULT_FAILED,"Insufficient php version $php_version. Streber requires php v".confGet('PHP_VERSION_REQUIRED').".
You find additional information on how to get the latest php-version or a service provider
with php5 at the ".getStreberWikiLink('installation','installation guide'));
$flag_errors= true;
}
}
### check mysql-installed ###
{
print_testStart("Database installed?");
if(count($g_supported_db_types)) {
#$sql_obj = new sql_class('mysqli'); #@@@pixtur 2005-01-04: would creating the obj be better???
#if($sql_obj -> error == false){
print_testResult(RESULT_GOOD, "Database support available.");
}
else{
#print_testResult(RESULT_FAILED, $sql_obj->error);
print_testResult(RESULT_FAILED, "No mysql or mysqli supported");
$flag_errors= true;
}
#unset($sql_obj);
}
### check temporary directories writeable ###
foreach( array(
confGet('DIR_SETTINGS'),
confGet('DIR_TEMP'),
confGet('DIR_FILES'),
confGet('DIR_IMAGE_CACHE'),
confGet('DIR_RSS'),
) as $dir) {
print_testStart("check write-permissions for settings directory '<b>$dir</b>'?");
if(!is_writeable('../'. $dir)) {
if(!is_dir('../'. $dir)){
@mkdir('../'. $dir);
}
@chmod('../'. $dir, 0777);
if(!is_writeable('../'. $dir)){
print_testResult(RESULT_FAILED,"Please grant write-permissions for this directory.");
$flag_errors= true;
}else{
print_testResult(RESULT_GOOD, 'Folder written by Streber, please check permissions rights with your root account.');
}
}
else {
print_testResult(RESULT_GOOD, "Directory has required permissions set.");
}
}
### check db-setting exists ###
{
print_testStart("check previous db-settings in'<b>". confGet('DIR_SETTINGS') ."</b>'...");
$filepath_db_settings= '../'. confGet('DIR_SETTINGS'). confGet('FILE_DB_SETTINGS');
if(file_exists($filepath_db_settings)) {
print_testResult(RESULT_GOOD,"Good: Upgrading...");
require_once($filepath_db_settings);
}
### check if old style .inc setting exists...
else if(file_exists('../'. confGet('DIR_SETTINGS'). "db_settings.inc.php")) {
require_once('../'. confGet('DIR_SETTINGS'). "db_settings.inc.php");
print_testResult(RESULT_PROBLEM,"'db_settings.inc.php' found. This extension has been depreciated. Trying to rename to ".confGet('DIR_SETTINGS'));
if(!rename('../'. confGet('DIR_SETTINGS'). "db_settings.inc.php",
'../'. confGet('DIR_SETTINGS'). confGet('FILE_DB_SETTINGS'))
) {
print_testResult(RESULT_PROBLEM,"Renaming failed. Please remove manually.");
}
}
else print_testResult(RESULT_GOOD,"does not exists. Fresh installation");
global $g_form_fields;
$g_form_fields['db_username']['value']= confGet('DB_USERNAME') ? confGet('DB_USERNAME') : NULL;
$g_form_fields['db_password']['value']= confGet('DB_PASSWORD') ? confGet('DB_PASSWORD') : NULL;
$g_form_fields['db_name']['value']= confGet('DB_NAME') ? confGet('DB_NAME') : NULL;
$g_form_fields['db_table_prefix']['value']= confGet('DB_TABLE_PREFIX') ? confGet('DB_TABLE_PREFIX') : NULL;
$g_form_fields['site_name']['value']=confGet('APP_NAME');
$g_form_fields['site_email']['value']=confGet('EMAIL_ADMINISTRATOR');
}
### abort on errors... ##
if($flag_errors) {
echo "<h2>Installation failed</h2>";
echo "You may find help at ".getStreberWikiLink('installation','the wiki-installation guide');
return false;
}
### ...or render the configuration-form ###
else {
print_setup_form();
return true;
}
}
/**
* check form-fields
*/
function step_02_form_submit()
{
### check params passed ###
global $g_form_fields;
$errors=false;
foreach($g_form_fields as $key=>$value) {
$f= &$g_form_fields[$key];
$value=get($f['id']);
if(isset($value)) {
$f['value']= $value;
}
else if($f['type'] == 'checkbox') {
$f['value']= false;
}
if(isset($f['required']) && $f['required'] && !$value ) {
$errors=true;
$f['error']= true;
}
}
### reshow form if errors ###
if($errors) {
echo "<h2>Note: some fields are required</h2>";
print_setup_form();
return;
}
### if no error continue ###
if(step_02_proceed()) {
echo "<h2>Installation finished successfully</h2>";
echo "NOTE: If you don't remove the install-directory now, other people can spy out your database-settings!<br>";
echo "Please proceed by either...";
echo "<ul>";
echo "<li><a href='remove_install_dir.php'>try to delete installation-directory</a> now";
echo "<li>".getStreberWikiLink('first steps','read a fast tutorial about first steps');
echo "<li><a href='../index.php'>login</a>";
echo "</ul>";
}
else {
echo "<h2>Installation failed</h2>";
echo "You may find help at ".getStreberWikiLink('installation','the wiki-installation guide');
}
}
/**
* proceed with installation
* - returns true on success
*/
function step_02_proceed()
{
global $g_form_fields, $sql_obj;
echo "<h2>Proceeding...</h2>";
$f_db_type = $g_form_fields['db_type']['value'];
$f_hostname = $g_form_fields['hostname']['value'];
$f_db_name = $g_form_fields['db_name']['value'];
$f_db_username = $g_form_fields['db_username']['value'];
$f_db_password = $g_form_fields['db_password']['value'];
$f_db_table_prefix = $g_form_fields['db_table_prefix']['value'];
$f_user_admin_name = $g_form_fields['user_admin_name']['value'];
$f_user_admin_password = $g_form_fields['user_admin_password']['value'];
$f_continue_on_sql_errors = $g_form_fields['continue_on_sql_errors']['value'];
require_once(dirname(__FILE__)."/../db/db_".$f_db_type."_class.php");
### check mysql-connection ###
{
print_testStart("checking mysql connecting to '$f_hostname'...");
$sql_obj = new sql_class($f_hostname, $f_db_username, $f_db_password, $f_db_name);
if($sql_obj->error == false){
# Connection DB
if(!$sql_obj->connect()) {
$hint= 'This could be a problem with incorrect setup of your sql-server. <a href="http://www.streber-pm.org/1176">Read more...</a>';
print_testResult(RESULT_FAILED,"mySQL-Error[" . __LINE__ . "]:<pre>".$sql_obj->error."</pre><br>$hint");
return false;
}
else{
print_testResult(RESULT_GOOD, $sql_obj->error);
}
}
else{
print_testResult(RESULT_FAILED, $sql_obj->error);
return false;
}
}
### does database already exists? ###
{
print_testStart("Make sure to not overwrite existing streber-db called '$f_db_name'");
### db does NOT exists ###
if(!$sql_obj->selectdb())
{
print_testResult(RESULT_GOOD, $sql_obj->error);
### create new database ###
print_testStart("create database");
if(!$sql_obj->execute("CREATE DATABASE IF NOT EXISTS $f_db_name charset utf8 COLLATE utf8_general_ci")) {
print_testResult(RESULT_FAILED,"<pre>".$sql_obj->error."</pre>");
return false;
}
else {
if(!$sql_obj->selectdb()) {
print_testResult(RESULT_FAILED, $sql_obj->error);
return false;
}
else {
print_testResult(RESULT_GOOD, 'Database '.$f_db_name.' created.');
}
}
}
### db exists / upgrade ###
else
{
print_testResult(RESULT_PROBLEM,"DB '$f_db_name' already exists");
### check version of existing database ###
print_testStart("checking version of existing database");
if($sql_obj->execute("SELECT * FROM {$f_db_table_prefix}db
WHERE `updated` IS NULL ORDER BY `version` ASC"))
{
$count=0;
$db_version=NULL;
$streber_version_required=NULL;
while ($row = $sql_obj->fetchArray()) {
$db_version= $row['version'];
$streber_version_required= $row['version_streber_required'];
$count++;
}
/**
* there should be excactly one row with updated == NULL. Otherwise we a have a problem
*/
if($count < 1)
{
/* Ugh oh. Lets see if we can get the row with the highest
version instead. */
print_testResult(RESULT_PROBLEM, "Streber has detected a problem with db-version but is attempting to work around it.\n");
if($sql_obj->execute("SELECT * FROM {$f_db_table_prefix}db ORDER BY `version` DESC LIMIT 1"))
{
while ($row = $sql_obj->fetchArray())
{
$db_version= $row['version'];
$streber_version_required= $row['version_streber_required'];
$count++;
}
}
if($count < 1)
{
print_testResult(RESULT_FAILED, "Streber is unable to detect your current installed version.<br/>\n"
. "You can work around this by manually adding this information to the db table in your Streber database.");
return false;
}
print_testResult(RESULT_PROBLEM, "Taking best guess at currently installed version.\n");
}
if($count > 1)
{
/* Doh. It appears that our user is the victim of an installer bug
* found in older versions of Streber (we hope). */
print_testResult(RESULT_PROBLEM, "Streber has detected a problem with db-version but is now fixing. Upgrade history lost.");
$sql_obj->execute("TRUNCATE TABLE {$f_db_table_prefix}db");
$sql_obj->execute("INSERT INTO {$f_db_table_prefix}db SET version = "
. $db_version . ", version_streber_required = " . $streber_version_required
. ", id = 1, updated = ");
}
if($db_version < confGet('STREBER_VERSION')) {
### update ###
print_testResult(RESULT_PROBLEM,"version is $db_version. Upgrading...");
$result= upgrade(array(
'db_type' => $f_db_type,
'hostname' => $f_hostname,
'db_username' => $f_db_username,
'db_password' => $f_db_password,
'db_table_prefix'=> $f_db_table_prefix,
'db_name' => $f_db_name,
'db_version' => $db_version, # autodetect
'continue_on_sql_errors'=>$f_continue_on_sql_errors,
));
return $result;
}
else if($streber_version_required > confGet('STREBER_VERSION')) {
print_testResult(RESULT_PROBLEM,"version is $db_version. It's requires Version " .confGet('STREBER_VERSION'). " of Streber. Current Version is ".confGet('STREBER_VERSION').". Please download and install the latest version.");
return false;
}
else
{
$filename= '../'. confGet('DIR_SETTINGS'). confGet('FILE_DB_SETTINGS');
print_testStart("writing configuration file '$filename'...");
$write_ok = writeSettingsFile($filename, array(
'DB_TYPE' => $f_db_type,
'HOSTNAME' => $f_hostname,
'DB_USERNAME' => $f_db_username,
'DB_PASSWORD' => $f_db_password,
'DB_TABLE_PREFIX'=> $f_db_table_prefix,
'DB_NAME' => $f_db_name,
'DB_VERSION' => confGet('STREBER_VERSION'),
));
if($write_ok) {
print_testResult(RESULT_GOOD, "Current database (version $db_version) looks fine. Installation finished with database setting rewritten to file. Please view ".getStreberWikiLink('installation','Installation Guide')." on how to fix unsolved problems.");
}
else {
print_testResult(RESULT_PROBLEM, "Current database (version $db_version) looks fine. Installation finished with no change (unable to rewrite database setting to file). Please view ".getStreberWikiLink('installation','Installation Guide')." on how to fix unsolved problems.");
}
return true;
}
print_testResult(RESULT_PROBLEM,"Installation aborted due to unknown reason.");
return false;
}
### no version / fresh installation ###
else {
print_testResult(RESULT_GOOD,
"Could not query streber-db version. Assuming fresh installation");
}
}
/**
* fresh installation
*/
### creating database-structure ###
print_testStart("creating table structure...");
$filename= "./create_structure_v".confGet('DB_CREATE_DUMP_VERSION').".sql";
$upgradeFromVersion = confGet('DB_CREATE_DUMP_VERSION');
if(!file_exists($filename)) {
$filenames = glob("./create_structure_v*.sql");
if($filenames) {
rsort($filenames);
print_testResult(RESULT_PROBLEM,"Required file $filename is missing, trying to use $filenames[0] instead and then upgrade.");
$filename = $filenames[0];
preg_match("/create_structure_v(.*)\.sql/", $filename, $matches);
$upgradeFromVersion = $matches[1];
}
else {
print_testResult(RESULT_FAILED,"Getting sql-code failed. This is an internal error. Look at ". getStreberWikiLink('installation','Installation Guide') ." for clues. ");
return false;
}
}
if(!parse_mysql_dump($filename, $f_db_table_prefix, $sql_obj)) {
print_testResult(RESULT_FAILED,"SQL-Error[" . __LINE__ . "]:<br><pre>".$sql_obj->error."</pre>");
return false;
}
print_testResult(RESULT_GOOD);
### upgrade
if($upgradeFromVersion != confGet('STREBER_VERSION')) {
print_testStart("updating to latest version...");
$result= upgrade(array(
'db_type' => $f_db_type,
'hostname' => $f_hostname,
'db_username' => $f_db_username,
'db_password' => $f_db_password,
'db_table_prefix'=> $f_db_table_prefix,
'db_name' => $f_db_name,
'continue_on_sql_errors'=>$f_continue_on_sql_errors,
'db_version' => $upgradeFromVersion,
));
if(!$result) {
print_testResult(RESULT_FAILED,"Upgrading failed. This is an internal error. Look at ". getStreberWikiLink('installation','Installation Guide') ." for clues. ");
return false;
}
print_testResult(RESULT_GOOD);
}
### create db-version entry ###
print_testStart("add db-version entry");
$db_version = confGet('STREBER_VERSION');
$streber_version_required = confGet('STREBER_VERSION');
$str_query = "INSERT into {$f_db_table_prefix}db (id,version,version_streber_required,created) VALUES(1,'$db_version','$streber_version_required',NOW() )";
if(!$sql_obj->execute($str_query)) {
print_testResult(RESULT_FAILED,"SQL-Error[" . __LINE__ . "]:<pre>".$sql_obj->error. "</pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
### create admin entry entry ###
print_testStart("add admin-user entry 1/2");
$password_md5=md5($f_user_admin_password);
$str_query= "INSERT into {$f_db_table_prefix}person
(id,
name,
nickname,
password,
user_rights,
can_login,
profile,
language,
ip_address,
office_email
)
VALUES(
1,
'$f_user_admin_name',
'$f_user_admin_name',
'$password_md5',
268435455, /* all rights */
1,
1,
'".confGet('DEFAULT_LANGUAGE')."',
'',
'" . $g_form_fields["site_email"]["value"] . "'
)";
if(!$sql_obj->execute($str_query)) {
print_testResult(RESULT_FAILED,"SQL-Error[" . __LINE__ . "]:<br><pre>".$sql_obj->error."</pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
### create admin entry entry ###
print_testStart("add admin-user entry 2/2");
$str_query= "INSERT into {$f_db_table_prefix}item
(id,
type,
state,
created_by,
modified_by
)
VALUES(
1,
".ITEM_PERSON.",
".ITEM_STATE_OK.",
1,
1
)";
if(!$sql_obj->execute($str_query)) {
print_testResult(RESULT_FAILED,"SQL-Error[" . __LINE__ . "]:<br><pre>".$sql_obj->error."</pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
### settings-directory already exists? ###
if(!file_exists('../'. confGet('DIR_SETTINGS'))) {
print_testStart("try to create ".confGet('DIR_SETTINGS')."...");
if(!mkdir('../'. confGet('DIR_SETTINGS'))) {
print_testResult(RESULT_FAILED,"could not create directory. This could be a file permission problem...");
}
else {
print_testResult(RESULT_GOOD);
}
}
### writing setting-file ###
/* This block should be rewritten into a function to remove duplication.
* -- Cody Somerville <hide@address.com> 01-MAY-08
*/
{
/* Write general site settings */
$filename = "../" . confGet("DIR_SETTINGS") . confGet("SITE_SETTINGS");
print_testStart("writing configuration file '" . $filename . "'...");
$settings = array(
"APP_NAME" => $g_form_fields["site_name"]["value"],
"EMAIL_ADMINISTRATOR" => $g_form_fields["site_email"]["value"],
'APP_TITLE_HEADER' => $g_form_fields["site_name"]["value"] . "<span class=extend>PM</span>",
);
$write_ok= writeSettingsFile($filename, $settings);
if(!$write_ok)
{
print_testResult(RESULT_FAILED, "can not write '" . $filename
. "'. Please create it with this content:<br><pre><?php"
. buildSettingsFile($settings) . "?></pre>");
return false;
}
else print_testResult(RESULT_GOOD);
/* Write database settings */
$filename='../'. confGet('DIR_SETTINGS'). confGet('FILE_DB_SETTINGS');
print_testStart("writing configuration file '$filename'...");
$settings= array(
'DB_TYPE' => $f_db_type,
'HOSTNAME' => $f_hostname,
'DB_USERNAME' => $f_db_username,
'DB_PASSWORD' => $f_db_password,
'DB_TABLE_PREFIX'=> $f_db_table_prefix,
'DB_NAME' => $f_db_name,
'DB_VERSION' => confGet('STREBER_VERSION'),
);
$write_ok= writeSettingsFile($filename, $settings);
if(!$write_ok) {
print_testResult(RESULT_FAILED,"can not write '$filename'. Please create it with this content:<br><pre><?php".buildSettingsFile($settings)."?></pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
}
### tmp-directory already exists? ###
if(!file_exists('../'. confGet('DIR_TEMP'))) {
print_testStart("try to create directory of tempory files ".confGet('DIR_TEMP')."...");
if(!mkdir('../'. confGet('DIR_TEMP'))) {
print_testResult(RESULT_FAILED,"could not create directory. This could be a file permission problem...");
}
else {
print_testResult(RESULT_GOOD);
}
}
return true;
}
}
/**
* upgrades
*/
function upgrade($args=NULL)
{
global $g_form_fields;
$db_type= $args['db_type'];
$hostname= $args['hostname'];
$db_username= $args['db_username'];
$db_password= $args['db_password'];
$db_table_prefix= $args['db_table_prefix'];
$db_name= $args['db_name'];
$flag_continue_on_sql_errors= $args['continue_on_sql_errors'];
$db_version= $args['db_version']; # set to NULL if autodetect
require_once(dirname(__FILE__)."/../db/db_".$db_type."_class.php");
echo "<h2>Upgrading...</h2>";
print_testStart("getting original version...");
### connect db ###
$sql_obj = new sql_class($hostname, $db_username, $db_password, $db_name);
if($sql_obj -> error != false) {
print_testResult(RESULT_FAILED,"mySQL-Error[" . __LINE__ . "]:<pre>".$sql_obj -> error."</pre>");
return false;
}
### select db? ###
if(!$sql_obj->selectdb()) {
print_testResult(RESULT_FAILED,"Database does not exists mySQL-Error[" . __LINE__ . "]:<pre>".$sql_obj -> error."</pre>");
return false;
}
### get version ###
if(!$db_version)
{
if(!$result=$sql_obj->execute("SELECT *
FROM {$db_table_prefix}db
WHERE updated is NULL")
) {
print_testResult(RESULT_FAILED,"Count not get version:<pre>".$sql_obj -> error."</pre>");
return false;
}
$count= 0;
while ($row = $sql_obj->fetchArray()) {
$db_version= $row['version'];
$streber_version_required= $row['version_streber_required'];
$count++;
}
if( $count!=1 ) {
print_testResult(RESULT_FAILED,"could not get propper db-version table entry. Please view ".getStreberWikiLink('installation','Installation Guide')." on hints how to proceed.");
return false;
}
if($db_version < 0.044) {
print_testResult(RESULT_FAILED,"Sorry upgrading is supoorted since v0.044");
return false;
}
print_testResult(RESULT_GOOD,"v $db_version");
}
else {
print_testResult(RESULT_GOOD,"assuming v$db_version");
}
$update_queries=array();
require(dirname(__FILE__)."/db_updates.inc.php");
print_testStart("doing " .count($update_queries). " changes to database...");
foreach($update_queries as $q) {
### strict mode for development ###
#if($result= $sql_obj->execute('SET session sql_mode = "STRICT_ALL_TABLES,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"')){
# }
#}
if(!$result=$sql_obj->execute($q)){
if(function_exists('mysql_error') && mysql_error()) {
$mysql_error= mysql_error();
}
else if(function_exists('mysqli_error') && mysqli_error()) {
$mysql_error= mysql_error();
}
else {
$mysql_error = $sql_obj->error;
}
print_testResult(RESULT_FAILED,"Failed:<pre>".$sql_obj -> error."</pre><br>Error:<pre>". $mysql_error . "</pre>");
if(isset($flag_continue_on_sql_errors) && $flag_continue_on_sql_errors) {
print_testStart("proceeding upgrade...");
}
else {
return false;
}
}
}
### update the db-version ###
print_testStart("update db-version information");
$str_query= "UPDATE {$db_table_prefix}db
SET updated = now();
";
if(!$sql_obj->execute($str_query)) {
print_testResult(RESULT_FAILED,"SQL-Error[" . __LINE__ . "]:<br><pre>".$sql_obj -> error."</pre><br><br>Querry was:<br>$str_query");
return false;
}
### create new db-version ###
$db_version_new= confGet('STREBER_VERSION');
$streber_version_required= confGet('STREBER_VERSION');
$str_query= "INSERT IGNORE into {$db_table_prefix}db (id,version,version_streber_required,created) VALUES(1,'$db_version_new','$streber_version_required',NOW() )";
if(!$sql_obj->execute($str_query)) {
print_testResult(RESULT_FAILED,"SQL-Error[" . __LINE__ . "]:<pre>".$sql_obj -> error."</pre>Query was:<pre>$str_query</pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
### rewrite setting-file ###
{
$filename = "../" . confGet("DIR_SETTINGS") . confGet("SITE_SETTINGS");
print_testStart("writing configuration file '" . $filename . "'...");
$write_ok= writeSettingsFile($filename, $settings = array(
"APP_NAME" => $g_form_fields["site_name"]["value"],
"EMAIL_ADMINISTRATOR" => $g_form_fields["site_email"]["value"],
'APP_TITLE_HEADER' => $g_form_fields["site_name"]["value"] . "<span class=extend>PM</span>",
));
if(!$write_ok)
{
print_testResult(RESULT_FAILED, "can not write '" . $filename . "'.");
/**
* note: because settings-file is now written by a function, we no longer
* have content to display when creation fails
*/
# Please create it with this content:<br><pre><?php".$buffer."?></pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
$filename='../'. confGet('DIR_SETTINGS'). confGet('FILE_DB_SETTINGS');
print_testStart("writing configuration file '$filename'...");
$write_ok= writeSettingsFile($filename, array(
'DB_TYPE' => $db_type,
'HOSTNAME' => $hostname,
'DB_USERNAME' => $db_username,
'DB_PASSWORD' => $db_password,
'DB_TABLE_PREFIX'=> $db_table_prefix,
'DB_NAME' => $db_name,
'DB_VERSION' => confGet('STREBER_VERSION'),
));
if(!$write_ok) {
print_testResult(RESULT_FAILED,"can not write '$filename'.");
/**
* note: because settings-file is now written by a function, we no longer
* have content to display when creation fails
*/
# Please create it with this content:<br><pre><?php".$buffer."?></pre>");
return false;
}
else {
print_testResult(RESULT_GOOD);
}
}
return true;
}
/**
* build settings file
* - the setting file is also been written on upgrades (because the
* location of the settings can change.
*/
function buildSettingsFile($args) {
$buffer='
#--- streber db-configuration file ---
# this file has automatically been created and might be
# overwritten be installation procedures. If you want
# to overwrite any of these settings add lines to
# "customize.inc.php" in streber-root directory
';
foreach($args as $key=>$value) {
$buffer.='confChange("' . $key . '","' . $value .'");
';
}
return $buffer;
}
/**
* write setting file
* - the setting file is also been written on upgrades (because the
* location of the settings can change.
*/
function writeSettingsFile($filename, $args) {
$buffer= buildSettingsFile($args);
$FH= @fopen ($filename,"w");
if(!$FH) {
return false;
}
else if(!fputs ($FH, "<"."?php".$buffer."?".">")) {
return false;
}
fclose ($FH);
return true;
}
/**
* make sure, errors.log.php is secure by adding a forward-line to beginning of file
*
*/
function checkLogfileIsSecure()
{
$error_flag = false;
print_testStart("Check errors.inc.php is secure");
### check if errors.log.php is secure
if($FO = @fopen("../" . confGet('DIR_TEMP') . "/errors.log.php", "r")) {
$first_line= fgets ( $FO );
fclose( $FO );
if(stristr($first_line, "../index.php") ) {
print_testResult(RESULT_GOOD,"Already secure");
return $error_flag;
}
}
### try to create
if($FO = @fopen("../" . confGet('DIR_TEMP') . "/errors.log.php", "w")) {
@fputs($FO,'<? header("Location: ../index.php");exit(); ?>');
fclose($FO);
}
else {
print_testResult(RESULT_FAILED,"Failed to create secure version of error.log.php.");
$error_flag = true;
}
return $error_flag;
}