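/**
 * Runs one AJAX step of the installer, selected by $_REQUEST['process'].
 *
 * Every known step prints a JSON value and ends the request (die/exit); an
 * unknown step falls out of the switch and the function returns nothing.
 *
 * Changes compared with the previous version:
 *  - extract_zip reports a failure when ZipArchive::extractTo() fails instead of
 *    always answering true;
 *  - verify_database reads the SHOW DATABASES column by index 0 (an integer
 *    index is what PDO::FETCH_COLUMN takes; PHP 8 rejects a non-integer argument
 *    with a TypeError that catch (Exception) does not catch);
 *  - database_create doubles backticks in the database identifier and answers
 *    with JSON when the helper connection throws;
 *  - apache_htaccess builds the rewrite target from the URL path only, never
 *    from the query string, and refuses whitespace/control characters.
 *
 * NOTE(review): no authentication, "already installed" lock or anti-CSRF check
 * is visible in this function. Steps such as verify_database (connects to a
 * caller-supplied host), extract_zip and create_account are sensitive if they
 * stay reachable after setup; confirm the caller or the deployment procedure
 * blocks or removes the installer once it has finished.
 */
function process()
{
    global $DB;
    global $website;
    global $events;
    global $theme;

    set_time_limit(0);
    setlocale(LC_ALL, $_SESSION['navigate_install_locale']);
    $lang = navigate_install_load_language();

    switch ($_REQUEST['process']) {
        case 'verify_zip':
            sleep(1);
            if (!file_exists('package.zip')) {
                die(json_encode($lang['missing_package']));
            } else {
                $zip = new ZipArchive();
                if ($zip->open('package.zip') !== TRUE) {
                    die(json_encode($lang['invalid_package']));
                } else {
                    $zip->close();
                    die(json_encode(true));
                }
            }
            break;

        case 'extract_zip':
            $npath = getcwd() . NAVIGATE_FOLDER;
            $npath = str_replace('\\', '/', $npath);

            if (!file_exists($npath)) {
                mkdir($npath);
            }

            if (file_exists($npath)) {
                $zip = new ZipArchive();
                if ($zip->open('package.zip') === TRUE) {
                    // extractTo() returns false on failure; do not claim success in that case
                    $extracted = $zip->extractTo($npath);
                    $zip->close();

                    if (!$extracted) {
                        die(json_encode($lang['extraction_failed']));
                    }

                    // NOTE(review): this publishes the packaged crossdomain.xml one level above
                    // the application folder; confirm the shipped policy is as narrow as intended.
                    copy($npath . '/crossdomain.xml', dirname($npath) . '/crossdomain.xml');
                    die(json_encode(true));
                } else {
                    die(json_encode($lang['extraction_failed']));
                }
            }

            die(json_encode($lang['folder_not_exists']));
            break;

        case 'chmod':
            sleep(1);
            // chmod the directories recursively
            $npath = getcwd() . NAVIGATE_FOLDER;
            if (!navigate_install_chmodr($npath, 0755)) {
                die(json_encode($lang['chmod_failed']));
            } else {
                die(json_encode(true));
            }
            break;

        case 'verify_database':
            if ($_REQUEST['PDO_DRIVER'] == 'mysql' || $_REQUEST['PDO_DRIVER'] == 'mysql-socket') {
                try {
                    // Host, port, socket and credentials all come from the request: this step
                    // connects wherever the caller says and reports the driver's answer.
                    if ($_REQUEST['PDO_DRIVER'] == "mysql-socket") {
                        $dsn = "mysql:unix_socket=" . $_REQUEST['PDO_SOCKET'] . ";charset=utf8";
                    } else {
                        $dsn = "mysql:host=" . $_REQUEST['PDO_HOSTNAME'] . ";port=" . $_REQUEST['PDO_PORT'] . ';charset=utf8';
                    }

                    $db_test = @new PDO($dsn, $_REQUEST['PDO_USERNAME'], $_REQUEST['PDO_PASSWORD']);

                    // the PDO constructor throws on failure, so this branch is only a safety net
                    if (!$db_test) {
                        echo json_encode(array('error' => $lang['database_connect_error']));
                    } else {
                        $create_database_privilege = false;
                        $drop_database_privilege = false;

                        $stm = $db_test->query('SHOW DATABASES;');
                        // SHOW DATABASES returns a single column ("Database"); read it by index
                        $rs = $stm->fetchAll(PDO::FETCH_COLUMN, 0);
                        $rs = array_diff($rs, array('mysql', 'information_schema'));

                        $stm = $db_test->query('SHOW PRIVILEGES;');
                        $privileges = $stm->fetchAll(PDO::FETCH_ASSOC);

                        foreach ($privileges as $privilege) {
                            $applies_to_databases = (strpos($privilege['Context'], 'Databases') !== false);

                            if ($privilege['Privilege'] == 'Create' && $applies_to_databases) {
                                $create_database_privilege = true;
                            }

                            if ($privilege['Privilege'] == 'Drop' && $applies_to_databases) {
                                $drop_database_privilege = true;
                            }
                        }

                        if ($create_database_privilege && $drop_database_privilege) {
                            // check if we are really allowed to create databases
                            // (the name is built from time() only, so it is safe to concatenate)
                            $dbname = 'navigate_test_' . time();
                            $create_result = $db_test->exec('CREATE DATABASE ' . $dbname);

                            if ($create_result) {
                                $db_test->exec('DROP DATABASE ' . $dbname);
                            } else {
                                $create_database_privilege = false;
                            }
                        }

                        $db_test = NULL;

                        echo json_encode(array(
                            'databases' => array_values($rs),
                            'create_database_privilege' => $create_database_privilege
                        ));
                    }
                } catch (Exception $e) {
                    // NOTE(review): the raw driver message goes back to the client
                    echo json_encode(array('error' => $e->getMessage()));
                }
            } else {
                echo json_encode(array('error' => $lang['database_driver_error']));
            }
            exit;
            break;

        case 'database_create':
            $DB = new database();
            if (!$DB->connect()) {
                // try to create the database automatically
                if (PDO_DRIVER == 'mysql') {
                    if (PDO_DATABASE != '') {
                        if (PDO_HOSTNAME != "") {
                            $dsn = "mysql:host=" . PDO_HOSTNAME . ";port=" . PDO_PORT . ";charset=utf8";
                        } else {
                            $dsn = "mysql:unix_socket=" . PDO_SOCKET . ";charset=utf8";
                        }

                        try {
                            $db_test = new PDO($dsn, PDO_USERNAME, PDO_PASSWORD);
                            // identifiers cannot be bound as parameters; doubling backticks keeps
                            // the configured name inside the quoted identifier
                            $db_test->exec(
                                'CREATE DATABASE IF NOT EXISTS `' . str_replace('`', '``', PDO_DATABASE) .
                                '` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;'
                            );
                            $db_test = NULL;
                        } catch (Exception $e) {
                            // an uncaught PDOException would end the step without a JSON answer
                            // (and, with display_errors on, may print a trace with connection details)
                            echo json_encode(array('error' => $e->getMessage()));
                            exit;
                        }
                    }

                    if (!$DB->connect()) {
                        echo json_encode(array('error' => $DB->get_last_error()));
                    } else {
                        echo json_encode(array('ok' => $lang['database_created']));
                    }
                }
                // NOTE(review): with any other driver nothing is printed when the connection fails
            } else {
                echo json_encode(array('ok' => $lang['database_exists']));
            }
            exit;
            break;

        case 'database_import':
            $DB = new database();
            if (!$DB->connect()) {
                die(json_encode(array('error' => $DB->get_last_error())));
            }

            try {
                $sql = file_get_contents('navigate.sql');
                // the folder placeholder is replaced textually inside the SQL dump
                $sql = str_replace("{#!NAVIGATE_FOLDER!#}", NAVIGATE_PARENT . NAVIGATE_FOLDER, $sql);
                $sql = explode("\n\n", $sql);

                // can't do it in one step => SQLSTATE[HY000]: General error: 2014
                foreach ($sql as $sqlline) {
                    $sqlline = trim($sqlline);
                    if (empty($sqlline)) {
                        continue;
                    }

                    if (!@$DB->execute($sqlline)) {
                        $error = $DB->get_last_error();
                    }

                    if (!empty($error)) {
                        break;
                    }
                }
            } catch (Exception $e) {
                $error = $e->getMessage();
            }

            // NOTE(review): "&& false" makes the error branch unreachable, so this step always
            // answers "done", even when navigate.sql is missing or a statement failed and the
            // import stopped half way. It reads like a deliberate override and is kept as is;
            // confirm, and at least log $error if import errors must stay non-fatal.
            if (!empty($error) && false) {
                echo json_encode(array('error' => $error));
            } else {
                echo json_encode(array('ok' => $lang['done']));
            }
            exit;
            break;

        case 'create_account':
            // create admin
            try {
                $DB = new database();
                if (!$DB->connect()) {
                    die(json_encode(array('error' => $DB->get_last_error())));
                }

                // credentials were stored in the session by an earlier installer step
                $user = new user();
                $user->id = 0;
                $user->username = $_SESSION['NAVIGATE-SETUP']['ADMIN_USERNAME'];
                $user->set_password($_SESSION['NAVIGATE-SETUP']['ADMIN_PASSWORD']);
                $user->email = $_SESSION['NAVIGATE-SETUP']['ADMIN_EMAIL'];
                $user->profile = 1;
                $user->skin = 'cupertino';
                $user->language = $_SESSION['navigate_install_lang'];
                $user->blocked = 0;
                $user->timezone = 'UTC';
                $user->date_format = 'Y-m-d H:i';
                $user->decimal_separator = ',';
                $user->thousands_separator = '';
                $user->attempts = 0;
                $user->cookie_hash = '';
                $user->activation_key = '';

                $ok = $user->insert();
                if (!$ok) {
                    throw new Exception($lang['error']);
                }

                // create default website details
                $website = new website();
                $website->create_default();
                $_SESSION['NAVIGATE-SETUP']['WEBSITE_DEFAULT'] = $website->id;

                echo json_encode(array('ok' => $lang['done']));
            } catch (Exception $e) {
                echo json_encode(array('error' => $e->getMessage()));
            }
            exit;
            break;

        case 'install_default_theme':
            try {
                $DB = new database();
                if (!$DB->connect()) {
                    die(json_encode(array('error' => $DB->get_last_error())));
                }

                if (@$_SESSION['NAVIGATE-SETUP']['DEFAULT_THEME'] == 'theme_kit') {
                    $website = new website();
                    $website->load($_SESSION['NAVIGATE-SETUP']['WEBSITE_DEFAULT']);
                    $website->theme = 'theme_kit';
                    $website->languages = array(
                        'en' => array('language' => 'en', 'variant' => '', 'code' => 'en', 'system_locale' => 'en_US.utf8'),
                        'es' => array('language' => 'es', 'variant' => '', 'code' => 'es', 'system_locale' => 'es_ES.utf8')
                    );
                    $website->languages_published = array('en', 'es');
                    $website->save();

                    // default objects (first user, no events bound...)
                    $user = new user();
                    $user->load(1);
                    $events = new events();

                    // the archive is the one shipped inside the package, not an upload
                    $zip = new ZipArchive();
                    $zip_open_status = $zip->open(NAVIGATE_PATH . '/themes/theme_kit.zip');
                    if ($zip_open_status === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/themes/theme_kit');
                        $zip->close();

                        $theme = new theme();
                        $theme->load('theme_kit');
                        $theme->import_sample($website);
                    }

                    echo json_encode(array('ok' => $lang['done']));
                } else {
                    // user does not want to install the default theme
                    echo json_encode(array('ok' => $lang['not_selected']));
                }
            } catch (Exception $e) {
                echo json_encode(array('error' => $e->getMessage()));
            }
            exit;
            break;

        case 'apache_htaccess':
            try {
                // Only the path part of the request URI may reach the rewrite rules: the query
                // string is caller-controlled and, when it contains "/", would change dirname().
                $request_path = $_SERVER['REQUEST_URI'];
                $query_start = strpos($request_path, '?');
                if ($query_start !== false) {
                    $request_path = substr($request_path, 0, $query_start);
                }

                $nvweb = dirname($request_path) . NAVIGATE_FOLDER . '/web/nvweb.php';
                $nvweb = str_replace('//', '/', $nvweb);

                // whitespace or control characters would split or extend the RewriteRule lines
                if (preg_match('/[\x00-\x20\x7f]/', $nvweb)) {
                    throw new Exception($lang['unexpected_error']);
                }

                $data = array();
                $data[] = 'Options +FollowSymLinks';
                $data[] = 'Options -Indexes';
                $data[] = 'RewriteEngine On';
                $data[] = 'RewriteBase /';
                $data[] = 'RewriteCond %{REQUEST_FILENAME} !-f';
                $data[] = 'RewriteCond %{REQUEST_FILENAME} !-d';
                $data[] = 'RewriteRule ^(.+) ' . $nvweb . '?route=$1 [QSA]';
                $data[] = 'RewriteRule ^$ ' . $nvweb . '?route=nv.empty [L,QSA]';

                $ok = @file_put_contents(dirname(NAVIGATE_PATH) . '/.htaccess', implode("\n", $data));
                if (!$ok) {
                    throw new Exception($lang['unexpected_error']);
                }

                // this step answers with the JSON string "true", not the boolean
                echo json_encode('true');
            } catch (Exception $e) {
                echo json_encode(array('error' => $e->getMessage()));
            }
            exit;
            break;
    }
}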
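/**
 * Themes section controller: dispatches on $_REQUEST['act'].
 *
 * Returns the HTML built for the section (themes grid or export form). Some
 * actions print their own response and call core_terminate(), which is expected
 * to end the request (a break follows each call in case it returns).
 * 'install_from_hash' falls through into 'theme_upload', which falls through
 * into the default grid, so the grid is shown after an install attempt.
 *
 * Changes compared with the previous version:
 *  - theme_info: the iframe URL is HTML-escaped, so the request value cannot
 *    break out of the src attribute;
 *  - install_from_hash: the "code" taken from the decoded URL must be a single
 *    path component and the URL must be http(s) before anything is fetched or
 *    written; the temporary download is removed afterwards; a failed
 *    extraction is reported;
 *  - theme_upload: an empty theme name (upload file name without a dot, or
 *    starting with one) is rejected instead of extracting into the themes root;
 *    a failed extraction is reported.
 *
 * NOTE(review): only the two install paths check $user->permission(). No
 * permission check is visible here for 'remove', for the sample content
 * import/export actions or for opt=install, and no anti-CSRF token is checked
 * in this function although several actions change state (install_from_hash
 * even on a GET request). Confirm the caller enforces both.
 *
 * @return string HTML for the section body
 */
function run()
{
    global $user;
    global $layout;
    global $website;
    global $theme;
    global $DB;

    $out = '';

    switch ($_REQUEST['act']) {
        case 'theme_info':
            // request value inside an HTML attribute: escape the whole URL for that context
            $info_url = NAVIGATE_URL . '/themes/' . $_REQUEST['theme'] . '/' . $_REQUEST['theme'] . '.info.html';
            echo '<iframe src="' . htmlspecialchars($info_url, ENT_QUOTES, 'UTF-8') . '" scrolling="auto" frameborder="0" width="100%" height="100%"></iframe>';
            core_terminate();
            break;

        case 'remove':
            // check the theme is not actually used in any website
            // (protect() presumably quotes and escapes the value for SQL; verify in its definition)
            $usages = $DB->query_single('COUNT(*)', 'nv_websites', ' theme = ' . protect($_REQUEST['theme']));

            if ($usages == 0) {
                try {
                    // NOTE(review): the request value goes unvalidated into theme::load() before
                    // delete(); confirm load() confines it to a folder under /themes.
                    $theme = new theme();
                    $theme->load($_REQUEST['theme']);
                    $status = $theme->delete();
                    echo json_encode($status);
                } catch (Exception $e) {
                    echo $e->getMessage();
                }
            } else {
                $status = t(537, "Can't remove the theme because it is currently being used by another website.");
                echo $status;
            }
            core_terminate();
            break;

        /*
        case 'export':
            $out = themes_export_form();
            break;
        */

        case 'theme_sample_content_import':
            try {
                $theme->import_sample();
                $layout->navigate_notification(t(374, "Item installed successfully."), false);
            } catch (Exception $e) {
                $layout->navigate_notification($e->getMessage(), true, true);
            }

            $themes = theme::list_available();
            $out = themes_grid($themes);
            break;

        case 'theme_sample_content_export':
            if (empty($_POST)) {
                $out = themes_sample_content_export_form();
            } else {
                $categories = explode(',', $_POST['categories']);
                // NOTE(review): 'folder' is passed on as received; confirm theme::export_sample()
                // validates it before using it as a path.
                $folder = $_POST['folder'];
                $items = explode(',', $_POST['elements']);
                $block_groups = explode(',', $_POST['block_groups']);
                $blocks = explode(',', $_POST['blocks']);
                $comments = explode(',', $_POST['comments']);

                theme::export_sample($categories, $items, $block_groups, $blocks, $comments, $folder);
                core_terminate();
            }
            break;

        case 'install_from_hash':
            // the "hash" is only base64: the URL it carries is fully caller-controlled
            $url = base64_decode($_GET['hash']);

            if (!empty($url) && $user->permission("themes.install") == "true") {
                $error = false;

                parse_str((string) parse_url($url, PHP_URL_QUERY), $query);
                $code = (isset($query['code']) && is_string($query['code'])) ? $query['code'] : '';
                $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));

                // $code names both the temporary file and the theme folder, so it must be a
                // single path component: no separators, no NUL byte, not "." or "..".
                $code_is_plain_name = (
                    $code !== '' &&
                    $code !== '.' &&
                    $code !== '..' &&
                    strpbrk($code, "/\\\0") === false
                );

                // file_get_contents() below would otherwise accept local paths and other wrappers.
                // NOTE(review): any http(s) host is still accepted; consider pinning the download
                // to the marketplace host and check how core_file_curl() treats redirects.
                $scheme_is_web = ($scheme === 'http' || $scheme === 'https');

                if (!$code_is_plain_name || !$scheme_is_web) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    $tmp_file = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $code . '.zip';
                    @core_file_curl($url, $tmp_file);

                    if (@filesize($tmp_file) == 0) {
                        @unlink($tmp_file);
                        // core file curl failed, try using file_get_contents...
                        $tmp = @file_get_contents($url);
                        if (!empty($tmp)) {
                            @file_put_contents($tmp_file, $tmp);
                        }
                        unset($tmp);
                    }

                    if (@filesize($tmp_file) > 0) {
                        // uncompress ZIP and copy it to the themes dir
                        @mkdir(NAVIGATE_PATH . '/themes/' . $code);

                        $zip = new ZipArchive();
                        $zip_open_status = $zip->open($tmp_file);
                        if ($zip_open_status === TRUE) {
                            $extracted = $zip->extractTo(NAVIGATE_PATH . '/themes/' . $code);
                            $zip->close();

                            if ($extracted) {
                                $layout->navigate_notification(t(374, "Item installed successfully."), false);
                            } else {
                                $layout->navigate_notification(t(56, 'Unexpected error'), true, true);
                                $error = true;
                            }
                        } else {
                            $layout->navigate_notification('ERROR ' . $zip_open_status, true, true);
                            $error = true;
                        }

                        // do not leave the downloaded archive behind in the shared temp directory
                        @unlink($tmp_file);
                    } else {
                        $layout->navigate_notification(t(56, 'Unexpected error'), true, true);
                        $error = true;
                    }
                }

                if ($error) {
                    $layout->add_content(' <div id="navigate_marketplace_install_from_hash_error"> <p>' . t(529, "It has not been possible to download the item you have just bought from the marketplace.") . '</p> <p>' . t(530, "You have to visit your Marketplace Dashboard and download the file, then use the <strong>Install from file</strong> button you'll find in the actions bar on the right.") . '</p> <p>' . t(531, "Sorry for the inconvenience.") . '</p> <a class="uibutton" href="http://www.navigatecms.com/en/marketplace/dashboard" target="_blank"><span class="ui-icon ui-icon-extlink" style="float: left;"></span> ' . t(532, "Navigate CMS Marketplace") . '</a> </div> ');
                    $layout->add_script(' $("#navigate_marketplace_install_from_hash_error").dialog({ modal: true, title: "' . t(56, "Unexpected error") . '" }); ');
                }
            }
            // don't break, we want to show the themes grid right now (theme_upload by browser upload won't trigger)

        case 'theme_upload':
            if (isset($_FILES['theme-upload']) && $_FILES['theme-upload']['error'] == 0 && $user->permission("themes.install") == "true") {
                // uncompress ZIP and copy it to the themes dir
                // the theme name is the client-supplied file name up to its first dot
                $tmp = trim(substr($_FILES['theme-upload']['name'], 0, strpos($_FILES['theme-upload']['name'], '.')));
                $theme_name = filter_var($tmp, FILTER_SANITIZE_EMAIL);

                // the sanitising filter strips "/" and "\", among others, so a name it changes is
                // refused; an empty name is refused too, it would extract into the themes root
                if ($tmp === '' || $tmp !== $theme_name) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    @mkdir(NAVIGATE_PATH . '/themes/' . $theme_name);

                    $zip = new ZipArchive();
                    if ($zip->open($_FILES['theme-upload']['tmp_name']) === TRUE) {
                        // NOTE(review): the archive content is not inspected; whatever it holds
                        // (including .php files) is written below /themes.
                        $extracted = $zip->extractTo(NAVIGATE_PATH . '/themes/' . $theme_name);
                        $zip->close();

                        if ($extracted) {
                            $layout->navigate_notification(t(374, "Item installed successfully."), false);
                        } else {
                            $layout->navigate_notification(t(262, 'Error uploading file'), true, true);
                        }
                    } else {
                        $layout->navigate_notification(t(262, 'Error uploading file'), true, true);
                    }
                }
            }
            // don't break, we want to show the themes grid right now

        case 'themes':
        default:
            if (@$_REQUEST['opt'] == 'install') {
                // activate the requested theme on the current website
                $ntheme = new theme();
                $ntheme->load($_REQUEST['theme']);

                $website->theme = $ntheme->name;

                if (!empty($ntheme->styles)) {
                    // pick the first style the theme declares
                    $nst = array_keys(get_object_vars($ntheme->styles));

                    if (empty($website->theme_options)) {
                        $website->theme_options = json_decode('{"style": ""}');
                    }

                    $website->theme_options->style = array_shift($nst);
                } else {
                    if (empty($website->theme_options)) {
                        $website->theme_options = json_decode('{"style": ""}');
                    } else {
                        $website->theme_options->style = "";
                    }
                }

                try {
                    $website->update();
                    $layout->navigate_notification(t(374, "Item installed successfully."), false);
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }

            $themes = theme::list_available();
            $out = themes_grid($themes);
            break;
    }

    return $out;
}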