* the License, or (at your option) any later version. *
* *
* eLabFTW is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR *
* PURPOSE. See the GNU Affero General Public License for more details. *
* *
* You should have received a copy of the GNU Affero General Public *
* License along with eLabFTW. If not, see <http://www.gnu.org/licenses/>. *
* *
********************************************************************************/
/* admin.php - for administration of the elab */
require_once 'inc/common.php';
require_once 'inc/locale.php';
require_once 'vendor/autoload.php';
$crypto = new \Elabftw\Elabftw\Crypto();
if ($_SESSION['is_admin'] != 1) {
die(ADMIN_DIE);
}
$page_title = _('Admin panel');
$selected_menu = null;
require_once 'inc/head.php';
require_once 'inc/info_box.php';
require_once 'vendor/autoload.php';
$formKey = new \Elabftw\Elabftw\FormKey();
?>
<script src="js/tinymce/tinymce.min.js"></script>
<script src="js/raphael/raphael-min.js"></script>
<script src="js/colorwheel/colorwheel.js"></script>
<?php
if (strlen(get_config('mail_from')) == 0) {
function getMailer()
{
$crypto = new \Elabftw\Elabftw\Crypto();
// Choose mail transport method; either smtp or sendmail
$mail_method = get_config('mail_method');
switch ($mail_method) {
// Use SMTP Server
case 'smtp':
$transport = Swift_SmtpTransport::newInstance(get_config('smtp_address'), get_config('smtp_port'), get_config('smtp_encryption'))->setUsername(get_config('smtp_username'))->setPassword($crypto->decrypt(get_config('smtp_password')));
break;
// Use php mail function
// Use php mail function
case 'php':
$transport = Swift_MailTransport::newInstance();
break;
// Use locally installed MTA (aka sendmail); Default
// Use locally installed MTA (aka sendmail); Default
default:
$transport = Swift_SendmailTransport::newInstance(get_config('sendmail_path') . ' -bs');
break;
}
$mailer = Swift_Mailer::newInstance($transport);
return $mailer;
}
}
if (!$table_is_here) {
q("CREATE TABLE IF NOT EXISTS `items_revisions` (\n `id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,\n `item_id` int(10) unsigned NOT NULL,\n `body` text NOT NULL,\n `savedate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `userid` int(11) NOT NULL\n ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;");
}
// 20150324 : adding secret key used to encrypt the SMTP password
// first we check if we can write the config file
if (!is_writable('config.php')) {
// check that there is no secret key already
if (!defined('SECRET_KEY')) {
$msg_arr[] = "[ERROR] Please allow webserver to write config file, or add SECRET_KEY yourself to config.php. <a href='https://github.com/elabftw/elabftw/wiki/Troubleshooting'>Link to documentation</a>";
$_SESSION['errors'] = $msg_arr;
header('Location: sysconfig.php');
exit;
}
} elseif (is_writable('config.php') && !defined('SECRET_KEY')) {
$crypto = new \Elabftw\Elabftw\Crypto();
// add generated strings to config file
// the IV is stored in hex
$data_to_add = "\ndefine('SECRET_KEY', '" . $crypto->getSecretKey() . "');\ndefine('IV', '" . bin2hex($crypto->getIv()) . "');\n";
try {
file_put_contents('config.php', $data_to_add, FILE_APPEND);
} catch (Exception $e) {
$msg_arr[] = "[ERROR] " . $e->getMessage();
$_SESSION['errors'] = $msg_arr;
header('Location: sysconfig.php');
exit;
}
// ok so now we have a secret key, an IV and we want to convert our old cleartext SMTP password to an encrypted one
$config_arr = array();
// if there is a password in cleartext in the database, we encrypt it
if (strlen(get_config('smtp_password')) > 0) {
* the License, or (at your option) any later version. *
* *
* eLabFTW is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR *
* PURPOSE. See the GNU Affero General Public License for more details. *
* *
* You should have received a copy of the GNU Affero General Public *
* License along with eLabFTW. If not, see <http://www.gnu.org/licenses/>. *
* *
********************************************************************************/
/* admin-exec.php - for administration of the elab */
require_once '../inc/common.php';
require_once ELAB_ROOT . 'inc/locale.php';
require_once ELAB_ROOT . 'vendor/autoload.php';
$crypto = new \Elabftw\Elabftw\Crypto();
// only admin can use this
if ($_SESSION['is_admin'] != 1) {
die(_('This section is out of your reach.'));
}
$msg_arr = array();
$errflag = false;
$email = '';
$formKey = new \Elabftw\Elabftw\FormKey();
// VALIDATE USERS
if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['validate'])) {
// sql to validate users
$sql = "UPDATE users SET validated = 1 WHERE userid = :userid";
$req = $pdo->prepare($sql);
// check we only have int in validate array
if (!filter_var_array($_POST['validate'], FILTER_VALIDATE_INT)) {
* You should have received a copy of the GNU Affero General Public *
* License along with eLabFTW. If not, see <http://www.gnu.org/licenses/>. *
* *
********************************************************************************/
/* sysconfig.php - configuration system */
require_once 'inc/common.php';
require_once 'inc/locale.php';
if ($_SESSION['is_sysadmin'] != 1) {
die(_('This section is out of your reach.'));
}
$page_title = _('eLabFTW configuration');
$selected_menu = null;
require_once 'inc/head.php';
require_once 'inc/info_box.php';
require_once 'vendor/autoload.php';
$crypto = new \Elabftw\Elabftw\Crypto();
$formKey = new \Elabftw\Elabftw\FormKey();
if (strlen(get_config('mail_method')) == 0) {
$message = sprintf(_('Please finalize install : %slink to documentation%s.'), "<a href='https://github.com/elabftw/elabftw/wiki/finalizing'>", "</a>");
display_message('error', $message);
}
?>
<?php
// get current version
if (check_executable('git')) {
$current_version = shell_exec('git describe --abbrev=0 --tags');
// it is possible to have git installed, but elabftw is installed without git (zip or tarball)
// so we need to check if the version actually looks like a version number
if (preg_match('/[0-99]+\\.[0-99]+\\.[0-99]+.*/', $current_version) === 1) {
// display the current version to sysadmin
$db_password = $_POST['db_password'];
}
// connect to DB
try {
$pdo_options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION;
$pdo = new PDO('mysql:host=' . $db_host . ';dbname=' . $db_name, $db_user, $db_password, $pdo_options);
} catch (Exception $e) {
die('Error : ' . $e->getMessage());
}
// now import the structure
import_sql_structure();
// BUILD CONFIG FILE
// the new file to write to
$config_file = '../config.php';
$elab_root = substr(realpath(__FILE__), 0, -20) . '/';
$crypto = new \Elabftw\Elabftw\Crypto();
// what we will write
$config = "<?php\ndefine('DB_HOST', '" . $db_host . "');\ndefine('DB_NAME', '" . $db_name . "');\ndefine('DB_USER', '" . $db_user . "');\ndefine('DB_PASSWORD', '" . $db_password . "');\ndefine('ELAB_ROOT', '" . $elab_root . "');\ndefine('SECRET_KEY', '" . $crypto->getSecretKey() . "');\ndefine('IV', '" . bin2hex($crypto->getIv()) . "');\n";
// we try to write content to file and propose the file for download if we can't write to it
if (file_put_contents($config_file, $config)) {
// it's cool, we managed to write the config file
// let's put restricting permissions on it as discussed in #129
if (is_writable($config_file)) {
chmod($config_file, 0400);
}
$infos_arr = array();
$infos_arr[] = 'Congratulations, you successfully installed eLabFTW,
now you need to <strong>register</strong> your account (you will have admin rights).';
$_SESSION['infos'] = $infos_arr;
header('Location: ../register.php');
exit;
