[TASK] security announcement
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
5 * Copyright (C) 2015 Nicola Spanti (RyDroid) <dev@nicola-spanti.info>
6 *
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
16 *
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 */
// Absolute path of the directory holding this script, with a trailing slash.
define('JIRAFEAU_ROOT', __DIR__ . '/');

// Local configuration file that the installer creates and rewrites.
define('JIRAFEAU_CFG', JIRAFEAU_ROOT . 'lib/config.local.php');
// Number of random characters appended to the suggested "var-" directory name.
define('JIRAFEAU_VAR_RAND_LENGTH', 15);

// Pull in the project's settings, functions and lang libraries.
require JIRAFEAU_ROOT . 'lib/settings.php';
require JIRAFEAU_ROOT . 'lib/functions.php';
require JIRAFEAU_ROOT . 'lib/lang.php';
28
29 /**
30 * Prepend used functions
31 **/
32
/**
 * Wrap a string in QUOTE characters, replacing each embedded QUOTE with \'.
 *
 * NOTE(review): backslashes in $str are passed through unchanged. If the
 * result is ever written out as a PHP string literal, a value containing "\"
 * could change how that literal is parsed — confirm how callers use it. No
 * call to this function is visible in this listing.
 *
 * @param string $str text to quote
 * @return string the quoted text
 */
function jirafeau_quoted($str)
{
    $escaped = str_replace(QUOTE, "\'", $str);

    return QUOTE . $escaped . QUOTE;
}
37
/**
 * Render the configuration array as PHP source and write it to JIRAFEAU_CFG.
 *
 * The values go through var_export(), so they end up in the file as PHP
 * literals rather than as raw concatenated text. The installer stores the
 * admin password hash in this array, so the target file should not be
 * readable or writable by other local accounts.
 *
 * @param array $cfg configuration to persist
 * @return void jirafeau_fatal_error() is called when the write fails
 */
function jirafeau_export_cfg($cfg)
{
    $notice = t('This file was generated by the install process. ' .
        'You can edit it. Please see config.original.php to understand the ' .
        'configuration items.');

    $source = '<?php' . NL
        . '/* ' . $notice . ' */' . NL
        . '$cfg = ' . var_export($cfg, true) . ';';

    if (file_put_contents(JIRAFEAU_CFG, $source) === false) {
        jirafeau_fatal_error(t('Can not write local configuration file'));
    }
}
52
/**
 * Make sure a path exists, creating it as a directory (mode 0755) when missing.
 *
 * mkdir() is called without the recursive flag, so a missing parent makes
 * this fail. Warnings are suppressed with "@"; the boolean result is the only
 * signal the caller gets.
 *
 * @param string $path directory to check or create
 * @return bool true when $path already exists (file or directory) or was created
 */
function jirafeau_mkdir($path)
{
    if (file_exists($path)) {
        return true;
    }

    return @mkdir($path, 0755);
}
57
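/**
 * Tell whether a path is writable, trying to make it writable when it is not.
 *
 * Only the owner's permission bits are added. chmod() succeeds only for the
 * owner of the path (or a privileged process), so opening the path to group
 * and others with mode 0777 is not needed and would leave the data
 * directories writable by every local account.
 *
 * @param string $path the file or directory to be tested
 * @return bool true if $path is writable
 */
function jirafeau_is_writable($path)
{
    if (is_writable($path)) {
        return true;
    }

    /* "@" gets rid of error messages, e.g. when $path does not exist. */
    $perms = @fileperms($path);
    if ($perms === false) {
        return false;
    }

    /* A directory also needs the owner search bit to be usable. */
    $ownerBits = is_dir($path) ? 0700 : 0600;
    if (!@chmod($path, ($perms & 07777) | $ownerBits)) {
        return false;
    }

    /* is_writable() results are cached per path; drop the stale entry. */
    clearstatcache(true, $path);

    return is_writable($path);
}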
69
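/**
 * Make sure the data directory and its "files", "links" and "async"
 * sub-directories exist and are writable.
 *
 * The installer passes a path that was typed into its form, and the caller
 * prints the returned message as markup, so the path is HTML-escaped before
 * it is placed in the message.
 *
 * @param string $path data directory; it is expected to end with a slash
 *                     because the sub-directory names are appended directly
 * @return array array('has_error' => bool, 'why' => string); 'why' is an HTML
 *               fragment describing the first failure, or '' on success
 */
function jirafeau_check_var_dir($path)
{
    // The base directory is checked first, then each sub-directory in order.
    $candidates = array($path);
    foreach (array('files', 'links', 'async') as $subdir) {
        $candidates[] = $path . $subdir;
    }

    foreach ($candidates as $dir) {
        if (!jirafeau_mkdir($dir) || !jirafeau_is_writable($dir)) {
            return array(
                'has_error' => true,
                'why' => t('CANNOT_CREATE_DIR') . ':' . '<br /><code>' .
                    htmlspecialchars($dir, ENT_QUOTES, 'UTF-8') .
                    '</code><br />' . t('HERE_SOLUTION') . ':' .
                    '<br />' . t('MANUAL_CREATE'),
            );
        }
    }

    return array('has_error' => false, 'why' => '');
}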
99
/**
 * Append a "/" to a path unless its last character already is one.
 *
 * @param string $path path or URL
 * @return string $path ending with exactly the slash it had, or one added
 */
function jirafeau_add_ending_slash($path)
{
    if (substr($path, -1) === '/') {
        return $path;
    }

    return $path . '/';
}
104
105 /**
106 * Check installation
107 **/
108
// Has the installation already been completed? Then redirect to the main
// page and stop, so that none of the steps below can rewrite the
// configuration.
// $cfg is not defined in this file; presumably one of the libraries required
// above provides it — confirm.
if (true === $cfg['installation_done']) {
    header('Location: index.php');
    exit();
}
115
116 /**
117 * Prepare installation process
118 **/
119
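require JIRAFEAU_ROOT . 'lib/template/header.php';

// Does the local configuration file exist? If not, try to create it and
// show an error when that is not possible.
if (!file_exists(JIRAFEAU_CFG) && !@touch(JIRAFEAU_CFG)) {
    jirafeau_fatal_error(
        t('The local configuration file could not be created. Create a ' .
          '<code>lib/config.local.php</code> file and give the write ' .
          'permission to the web server (preferred solution), or give the ' .
          'write permission to the web server on the <code>lib</code> ' .
          'directory.')
    );
}

// Is the local configuration writable? If not, try to add the owner's
// read/write bits to its current mode.
// The mode has to be an integer: the string '0666' is converted to decimal
// 666 (octal 01232), which is not rw-rw-rw-. Group and other bits are left
// alone because this file receives the admin password hash and chmod() only
// succeeds for the file's owner anyway.
if (!is_writable(JIRAFEAU_CFG)
    && !@chmod(JIRAFEAU_CFG, (((int) @fileperms(JIRAFEAU_CFG)) & 0777) | 0600)
) {
    jirafeau_fatal_error(
        t('The local configuration is not writable by the web server. ' .
          'Give the write permission to the web server on the ' .
          '<code>lib/config.local.php</code> file.')
    );
}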
144
145 /**
146 * Run through each installation step
147 **/
148
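/**
 * Read one installer form field as a string.
 *
 * PHP turns a field posted as "name[]=x" into an array. Such values, and
 * missing fields, are reported as '' so they never reach strlen(), hash(),
 * substr() or the step arithmetic below.
 *
 * @param string $name key in $_POST
 * @return string the posted value, or '' when absent or not a string
 */
function jirafeau_install_post_string($name)
{
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
}

// NOTE(review): nothing visible in this file authenticates these requests or
// ties them to a session. Until installation_done is written, any client that
// can reach install.php can submit the steps, so access to the installer
// should be restricted while setup is in progress.

// Store the values submitted with the step that was just completed.
if (isset($_POST['next'])) {
    switch ((int) jirafeau_install_post_string('step')) {
        case 1:
            // NOTE(review): a single unsalted SHA-256 is fast to brute-force
            // if the configuration file leaks. password_hash() would be the
            // usual choice, but the stored format has to match whatever the
            // login code (not shown here) verifies, so it is left unchanged.
            $cfg['admin_password'] = (jirafeau_install_post_string('admin_password') !== '')
                ? hash('sha256', jirafeau_install_post_string('admin_password'))
                : '';
            jirafeau_export_cfg($cfg);
            break;

        case 2:
        case 3:
            // A field that is missing or empty keeps its current value. The
            // step 3 form does not send these fields, and a bare "/" must not
            // end up as the data directory.
            foreach (array('web_root', 'var_root') as $key) {
                if (jirafeau_install_post_string($key) !== '') {
                    $cfg[$key] = jirafeau_add_ending_slash(jirafeau_install_post_string($key));
                }
            }
            jirafeau_export_cfg($cfg);
            break;
    }
}

// Work out which step to display; anything unexpected falls back to step 1
// through the default branch of the display switch.
$current = 1;
if (isset($_POST['next'])) {
    $current = (int) jirafeau_install_post_string('step') + 1;
} elseif (isset($_POST['previous'])) {
    $current = (int) jirafeau_install_post_string('step') - 1;
} elseif (isset($_POST['retry'])) {
    $current = (int) jirafeau_install_post_string('step');
}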
182
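/*
 * Render the form for the current step.
 *
 * Values that come from the request or from the configuration being built
 * (web_root, var_root, the Host header and the request URI) are HTML-escaped
 * before they are placed in markup. Translated strings returned by t() and
 * the JIRAFEAU_VERSION constant are printed as they are.
 */
switch ($current) {
    case 1:
    default:
        ?>
<h2><?php printf(t('JI_INSTALL') . ' - ' . t('STEP') . ' %d ' . t('OUT_OF') . ' %d', 1, 3); ?></h2>
<div id="install">
<form method="post">
<input type="hidden" name="jirafeau" value="<?php echo JIRAFEAU_VERSION; ?>" />
<input type="hidden" name="step" value="1" />
<fieldset>
<legend><?php echo t('ADMIN_PSW'); ?></legend>
<table>
<tr>
<td class="info" colspan="2"><?php echo t('ADMIN_INTERFACE_INFO'); ?></td>
</tr>
<tr>
<td class="label"><label for="admin_password"><?php echo t('ADMIN_PSW') . ':'; ?></label></td>
<td class="field"><input type="password" name="admin_password" id="admin_password" size="40" /></td>
</tr>
<tr class="nav">
<td></td>
<td class="nav next">
<input type="submit" class="navleft" name="previous" value="<?php echo t('PREV_STEP'); ?>" />
<input type="submit" name="next" value="<?php echo t('NEXT_STEP'); ?>" />
</td>
</tr>
</table>
</fieldset>
</form>
</div>
<?php
        break;

    case 2:
        // Suggested base address: the stored value, or one derived from the
        // request. Host and URI are client-controlled, hence the escaping
        // where the value is printed.
        if (empty($cfg['web_root'])) {
            $web_root_value = 'http://' . $_SERVER['HTTP_HOST'] .
                str_replace(basename(__FILE__), '', $_SERVER['REQUEST_URI']);
        } else {
            $web_root_value = $cfg['web_root'];
        }

        // Suggested data directory: the stored value, or a fresh "var-" name
        // with JIRAFEAU_VAR_RAND_LENGTH random characters under JIRAFEAU_ROOT.
        // The random suffix is presumably what keeps the directory from being
        // guessed, so it is drawn from the CSPRNG when random_int() exists.
        if (empty($cfg['var_root'])) {
            $alphanum = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' .
                'abcdefghijklmnopqrstuvwxyz' . '0123456789';
            $len_alphanum = strlen($alphanum);
            $var = 'var-';
            for ($i = 0; $i < JIRAFEAU_VAR_RAND_LENGTH; $i++) {
                $pick = function_exists('random_int')
                    ? random_int(0, $len_alphanum - 1)
                    : mt_rand(0, $len_alphanum - 1);
                $var .= substr($alphanum, $pick, 1);
            }
            $var_root_value = JIRAFEAU_ROOT . $var . '/';
        } else {
            $var_root_value = $cfg['var_root'];
        }
        ?>
<h2><?php printf(t('JI_INSTALL') . ' - ' . t('STEP') . ' %d ' . t('OUT_OF') . ' %d', 2, 3); ?></h2>
<div id="install">
<form method="post">
<input type="hidden" name="jirafeau" value="<?php echo JIRAFEAU_VERSION; ?>" />
<input type="hidden" name="step" value="2" />
<fieldset>
<legend><?php echo t('INFO'); ?></legend>
<table>
<tr>
<td class="info" colspan="2"><?php echo t('BASE_ADDR_INFO'); ?></td>
</tr>
<tr>
<td class="label"><label for="input_web_root"><?php echo t('BASE_ADDR') . ':'; ?></label></td>
<td class="field"><input type="text" name="web_root" id="input_web_root" value="<?php
        echo htmlspecialchars($web_root_value, ENT_QUOTES, 'UTF-8');
        ?>" size="40" /></td>
</tr>
<tr>
<td class="info" colspan="2"><?php echo t('DATA_DIR_EXPLAINATION'); ?></td>
</tr>
<tr>
<td class="label"><label for="input_var_root"><?php echo t('DATA_DIR') . ':'; ?></label></td>
<td class="field"><input type="text" name="var_root" id="input_var_root" value="<?php
        echo htmlspecialchars($var_root_value, ENT_QUOTES, 'UTF-8');
        ?>" size="40" /></td>
</tr>
<tr>
<td colspan="2">
<input type="submit" class="navleft" name="previous" value="<?php echo t('PREV_STEP'); ?>" />
<input type="submit" class="navright" name="next" value="<?php echo t('NEXT_STEP'); ?>" />
</td>
</tr>
</table>
</fieldset>
</form>
</div>
<?php
        break;

    case 3:
        ?>
<h2><?php printf(t('JI_INSTALL') . ' - ' . t('STEP') . ' %d ' . t('OUT_OF') . ' %d', 3, 3); ?></h2>
<div id="install">
<form method="post">
<input type="hidden" name="jirafeau" value="<?php echo JIRAFEAU_VERSION; ?>" />
<input type="hidden" name="step" value="3" />
<fieldset>
<legend><?php echo t('FINALIZATION'); ?></legend>
<table>
<tr>
<td class="info" colspan="2"><?php echo t('SETTING_UP'); ?></td>
</tr>
<tr>
<td class="nav previous"><input type="submit" name="previous" value="<?php echo t('PREV_STEP'); ?>" /></td>
<td></td>
</tr>
</table>
</fieldset>
</form>
</div>
<?php
        // Create and check the data directories; the installation is only
        // marked as done when that succeeds.
        $err = jirafeau_check_var_dir($cfg['var_root']);
        if ($err['has_error']) {
            echo '<div class="error"><p>' . $err['why'] . '<br />' . NL;
            ?>
<form method="post">
<input type="hidden" name="jirafeau" value="<?php echo JIRAFEAU_VERSION; ?>" />
<input type="hidden" name="step" value="3" />
<input type="submit" name="retry" value="<?php echo t('RETRY_STEP'); ?>" />
</form>
<?php
            echo '</p></div>';
        } else {
            $cfg['installation_done'] = true;
            jirafeau_export_cfg($cfg);
            echo '<div class="message"><p>' .
                t('JI_FONCTIONAL') . ':' .
                '<br /><a href="./">' .
                htmlspecialchars($cfg['web_root'], ENT_QUOTES, 'UTF-8') .
                '</a></p></div>';
        }
        break;
}

require JIRAFEAU_ROOT . 'lib/template/footer.php';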
