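/**
 * Creates the database tables necessary for the CMS to function.
 *
 * Loads the SQL build scripts under core/resources/sql/, adds the script that
 * inserts the initial admin account when DEV_PASS is set, and runs the
 * combined SQL over a PDO connection. Failures are logged through ECMS_Error
 * and are not propagated to the caller.
 *
 * @return void
 */
public static function build_database()
{
    $sql_dir = CMS_PATH . 'core/resources/sql/';

    // SQL scripts that build and populate the database, in execution order
    $file_array = array(
        $sql_dir . 'build_database.sql',
        $sql_dir . 'build_table_pages.sql',
        $sql_dir . 'build_table_entries.sql',
        $sql_dir . 'build_table_categories.sql',
        $sql_dir . 'build_table_entry_categories.sql',
        $sql_dir . 'build_table_featured.sql',
        $sql_dir . 'build_table_users.sql',
        $sql_dir . 'build_table_comments.sql',
    );
    $var_arr = array();

    // If an admin is initializing the ECMS, create his or her account
    if (DEV_PASS !== '') {
        $filepath = $sql_dir . 'insert_users_entry.sql';

        // Create a salted hash of the password.
        // NOTE(review): createSaltedHash() is defined elsewhere; confirm it is
        // a slow, salted password hash (password_hash() or equivalent).
        $password_hash = AdminUtilities::createSaltedHash(DEV_PASS);

        // The verification code is presumably what later identifies this
        // account for activation, so it should not be derivable from the
        // install time. uniqid() and time() are clock-based; use the CSPRNG
        // where the runtime provides one and keep the old derivation only as
        // a fallback for older PHP versions.
        if (function_exists('random_bytes')) {
            $vcode = bin2hex(random_bytes(20)); // 40 hex chars, same shape as sha1()
        } else {
            $vcode = sha1(uniqid(time(), TRUE));
        }

        // Assign variables needed to properly parse the file.
        // NOTE(review): load_file() is defined elsewhere; if it substitutes
        // these values into the SQL text verbatim, a quote character in any
        // DEV_* constant will break or alter the statement. Confirm that it
        // escapes them.
        $var_arr = array(
            $filepath => array(
                'display' => DEV_DISPLAY_NAME,
                'username' => DEV_USER_NAME,
                'email' => DEV_EMAIL,
                'vcode' => $vcode,
                'clearance' => DEV_CLEARANCE,
                'password' => $password_hash,
            ),
        );

        // Add the file to the array
        $file_array[] = $filepath;
    }

    // Load the files
    $sql = Utilities::load_file($file_array, $var_arr);

    // Execute the loaded queries
    try {
        $dsn = "mysql:host=" . DB_HOST . ";dbname=" . DB_NAME;
        $db = new PDO($dsn, DB_USER, DB_PASS);

        // PDO's default error mode before PHP 8 is silent: a failed query()
        // just returns FALSE, so the catch below would never log it.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // NOTE(review): $sql holds several statements; query() may report
        // only the first statement's failure. Verify the tables after the run.
        $db->query($sql);
    } catch (Exception $e) {
        ECMS_Error::log_exception($e);
    }
}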
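/**
 * Validates the account verification form and activates the matching user.
 *
 * Sets $this->_sdata->error to one of:
 *   '0001' invalid username, '0002' invalid display name,
 *   '0003' password shorter than 8 characters,
 *   '0004' password and confirmation differ, '0000' no error.
 * On a validation error the request is redirected back to the verification
 * form and the script exits. Otherwise the inactive user row whose `vcode`
 * matches is updated and marked active.
 *
 * @return bool|null TRUE when the update statement ran without error, FALSE
 *                   when the statement reported an error (logged), NULL when
 *                   an exception was caught and logged
 */
public function verify_user()
{
    // Store and clean the POST data
    $this->_store_post_data();

    // Read the verification code before validating: the error redirect below
    // needs it, and it was previously assigned only on the success path, so a
    // failed validation redirected with an undefined variable.
    // Assumes _store_post_data() has filled temp->vcode, which the success
    // path already relied on.
    $vcode = $this->_sdata->temp->vcode;

    // NOTE(review): validation runs on the raw $_POST values while the cleaned
    // copies in temp are what gets stored; confirm the two cannot diverge in a
    // way that matters.
    if (!SIV::validate($_POST['username'], SIV::USERNAME)) {
        $this->_sdata->error = '0001';
    } elseif (!SIV::validate($_POST['display'], SIV::STRING)) {
        $this->_sdata->error = '0002';
    } elseif (strlen($_POST['password']) < 8) {
        $this->_sdata->error = '0003';
    } elseif ($_POST['password'] !== $_POST['verify-password']) {
        $this->_sdata->error = '0004';
    } else {
        // Reset the error code
        $this->_sdata->error = '0000';
    }

    // Check for errors
    if ($this->_sdata->error !== '0000') {
        // Bounce back to the verification form. The code originates from the
        // request, so encode it before placing it in the URL path.
        header('Location: /admin/verify/' . rawurlencode((string) $vcode));
        exit;
    }

    // Grab cleaned data out of the temporary session data
    $username = $this->_sdata->temp->username;
    $display = $this->_sdata->temp->display;

    // Create a salted hash of the password.
    // NOTE(review): createSaltedHash() is defined elsewhere; confirm it is a
    // slow, salted password hash (password_hash() or equivalent).
    $password = AdminUtilities::createSaltedHash($_POST['password']);

    // Define the update query; every value is bound, none is interpolated
    $sql = "UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "users`\n"
        . " SET\n"
        . " `username`=:username,\n"
        . " `display`=:display,\n"
        . " `password`=:password,\n"
        . " `active`=1\n"
        . " WHERE `vcode`=:vcode\n"
        . " AND `active`=0\n"
        . " LIMIT 1";

    try {
        $stmt = $this->db->prepare($sql);
        $stmt->bindParam(':username', $username, PDO::PARAM_STR);
        $stmt->bindParam(':display', $display, PDO::PARAM_STR);
        $stmt->bindParam(':password', $password, PDO::PARAM_STR);
        $stmt->bindParam(':vcode', $vcode, PDO::PARAM_STR);
        $stmt->execute();

        if ($stmt->errorCode() !== '00000') {
            // Log the driver message. The previous FB::error($e) call here
            // referenced $e, which does not exist outside the catch block.
            $err = $stmt->errorInfo();
            ECMS_Error::log_exception(new Exception($err[2]));
            $stmt->closeCursor();

            // A failed update must not be reported as a successful activation
            return FALSE;
        }

        // NOTE(review): a code that matches no inactive user updates zero rows
        // and still returns TRUE; consider checking $stmt->rowCount().
        $stmt->closeCursor();
        $this->_sdata = NULL;
        return TRUE;
    } catch (Exception $e) {
        ECMS_Error::log_exception($e);
    }
}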
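/**
 * Creates the ECMS database, its tables and the default welcome entry.
 *
 * Builds one multi-statement SQL string (database, entryMgr and adminMgr
 * tables, the welcome entry, optionally the admin account and the blog
 * comment table) and runs it with mysqli::multi_query(). The script exits
 * with a message when the connection or any statement fails.
 *
 * @param array $menuPages The menu configuration array; a 'blog' key adds the
 *                         blogCmnt table
 * @return bool TRUE when every statement ran
 */
static function buildDB($menuPages)
{
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
    if ($mysqli->connect_errno) {
        // connect_error is a property; calling it as a method is a fatal error
        exit("Couldn't connect to the database." . $mysqli->connect_error);
    }

    // Everything below is concatenated into SQL string literals, so escape it
    // first: a quote in a configured name or e-mail would otherwise break or
    // alter the statement.
    $admin_u = $mysqli->real_escape_string(DEV_NAME);
    $admin_e = $mysqli->real_escape_string(DEV_EMAIL);
    // NOTE(review): createSaltedHash() is defined elsewhere; confirm it is a
    // slow, salted password hash (password_hash() or equivalent).
    $admin_p = $mysqli->real_escape_string(AdminUtilities::createSaltedHash(DEV_PASS));
    $default_page = $mysqli->real_escape_string(DEFAULT_PAGE);
    $contact_name = $mysqli->real_escape_string(SITE_CONTACT_NAME);

    // admin_v was sha1(time()), which anyone who knows roughly when the site
    // was installed can reproduce. Use the CSPRNG where the runtime provides
    // one; the old derivation stays only as a fallback for older PHP versions.
    if (function_exists('random_bytes')) {
        $admin_v = bin2hex(random_bytes(20)); // 40 hex chars, same shape as sha1()
    } else {
        $admin_v = sha1(time());
    }

    $now = time();

    // Body of the default welcome entry. It is already written as the inside
    // of a SQL string literal (note the doubled quote in "site''s").
    $welcome_body = "<p>You have successfully installed the "
        . "<a href=\"http://ennuicms.com/\">ECMS</a>.</p>"
        . "\r\n<p>To get started:</p>\r\n<ul>\r\n<li>"
        . "<a href=\"/admin\">Log in</a> using the username "
        . "and password you set up in the config files</li>\r\n"
        . "<li>Edit this entry to contain the content for your "
        . "site''s home page</li>\r\n<li>Add content to the "
        . "rest of the pages on your site</li>\r\n</ul>\r\n"
        . "<h2>HTML Element Style Test (h2)</h2>\r\n"
        . "<blockquote>\r\n<p>This is a blockquote. Putamus "
        . "lectores litterarum dynamicus facilisi dolore. "
        . "Facilisi qui zzril legunt nibh in. Nostrud nonummy "
        . "sequitur autem consequat ut. Assum tincidunt "
        . "vulputate gothica molestie veniam.</p>\r\n"
        . "</blockquote>\r\n<h3>H3 Element</h3>\r\n<p>Sed "
        . "consequat tempor ex formas dignissim. Lobortis "
        . "anteposuerit consectetuer consequat ullamcorper "
        . "dolore. Dolore imperdiet amet iis sed iriure. "
        . "Luptatum adipiscing lorem augue diam te. Cum autem "
        . "claritas tempor sed augue.</p>\r\n<h4>H4 Element"
        . "</h4>\r\n<ol>\r\n<li>This is an ordered list</li>"
        . "\r\n<li>Typi at doming usus lectores parum.</li>"
        . "\r\n<li>Parum quod legentis qui nonummy mirum. Nunc "
        . "quis consequat in seacula consectetuer.</li>\r\n"
        . "</ol>\r\n<h5>H5 Element</h5>\r\n<p>Parum quod "
        . "legentis qui nonummy mirum. Nunc quis consequat in "
        . "seacula consectetuer. Est humanitatis eros duis qui "
        . "quarta. Enim quod in aliquip placerat insitam. "
        . "Putamus consequat hendrerit demonstraverunt "
        . "eleifend claram. Videntur molestie typi hendrerit "
        . "duis qui.</p>\r\n<h6>H6 Element</h6>\r\n<p>Mazim ut "
        . "euismod formas amet in. Ex blandit nulla tincidunt "
        . "wisi consequat. Typi illum ad luptatum "
        . "Investigationes legentis.</p>";

    $sql = "CREATE DATABASE IF NOT EXISTS `" . DB_NAME . "`\n"
        . " DEFAULT CHARACTER SET " . DEFAULT_CHARACTER_SET
        . " COLLATE " . DEFAULT_COLLATION . ";\n"
        . " CREATE TABLE IF NOT EXISTS `" . DB_NAME . "`.`" . DB_PREFIX . "entryMgr`\n"
        . " (\n"
        . " `id` INT UNSIGNED NOT NULL PRIMARY KEY auto_increment,\n"
        . " `page` VARCHAR(64) NOT NULL,\n"
        . " `title` VARCHAR(255) DEFAULT NULL,\n"
        . " `subhead` VARCHAR(75) DEFAULT NULL,\n"
        . " `body` TEXT DEFAULT NULL,\n"
        . " `img` VARCHAR(128) DEFAULT NULL,\n"
        . " `imgcap` VARCHAR(128) DEFAULT NULL,\n"
        . " `data1` VARCHAR(255) DEFAULT NULL,\n"
        . " `data2` VARCHAR(255) DEFAULT NULL,\n"
        . " `data3` VARCHAR(255) DEFAULT NULL,\n"
        . " `data4` VARCHAR(255) DEFAULT NULL,\n"
        . " `data5` VARCHAR(255) DEFAULT NULL,\n"
        . " `data6` VARCHAR(255) DEFAULT NULL,\n"
        . " `data7` VARCHAR(255) DEFAULT NULL,\n"
        . " `data8` VARCHAR(255) DEFAULT NULL,\n"
        . " `author` VARCHAR(64) DEFAULT '" . $contact_name . "',\n"
        . " `created` INT(12),\n"
        . " INDEX(`page`),\n"
        . " INDEX(`created`),\n"
        . " INDEX(`title`),\n"
        . " FULLTEXT KEY `search` (`title`,`body`,`data2`)\n"
        . " ) ENGINE=MYISAM CHARACTER SET " . DEFAULT_CHARACTER_SET
        . " COLLATE " . DEFAULT_COLLATION . ";\n"
        . " CREATE TABLE IF NOT EXISTS `" . DB_NAME . "`.`" . DB_PREFIX . "adminMgr`\n"
        . " (\n"
        . " `id` INT UNSIGNED NOT NULL PRIMARY KEY auto_increment,\n"
        . " `admin_u` VARCHAR(60) UNIQUE,\n"
        . " `admin_e` VARCHAR(100) UNIQUE,\n"
        . " `admin_p` VARCHAR(150) DEFAULT NULL,\n"
        . " `admin_v` VARCHAR(150) NOT NULL,\n"
        . " `is_admin` TINYINT(1) DEFAULT '0',\n"
        . " INDEX(admin_v)\n"
        . " ) ENGINE=MYISAM CHARACTER SET " . DEFAULT_CHARACTER_SET
        . " COLLATE " . DEFAULT_COLLATION . ";\n"
        . " INSERT INTO `" . DB_NAME . "`.`" . DB_PREFIX . "entryMgr`\n"
        . " (\n"
        // `img` and `imgcap` used to be listed here with no matching values
        // (nine columns, seven values), which makes the INSERT fail. Both
        // columns default to NULL, so they are simply left out.
        . " `page`, `title`, `body`,\n"
        . " `data2`, `data6`, `author`, `created`\n"
        . " )\n"
        . " VALUES\n"
        . " (\n"
        . " '" . $default_page . "', 'Welcome to the ECMS!',\n"
        . " '" . $welcome_body . "',\n"
        . " 'blog, entry, testing', 'welcome-to-the-ecms',\n"
        . " 'Ennui Design', " . $now . "\n"
        . " )\n"
        . " ON DUPLICATE KEY UPDATE `created`=" . $now . ";";

    // Only create the admin account when a password has been configured
    if (DEV_PASS != '') {
        $sql .= "INSERT INTO `" . DB_NAME . "`.`" . DB_PREFIX . "adminMgr`\n"
            . " (`admin_u`, `admin_e`, `admin_p`, `admin_v`, `is_admin`)\n"
            . " VALUES\n"
            . " ('{$admin_u}', '{$admin_e}', '{$admin_p}', '" . $admin_v . "', '1')\n"
            . " ON DUPLICATE KEY UPDATE `is_admin`=1;";
    }

    // The comment table is only needed when the site has a blog page
    if (array_key_exists('blog', $menuPages)) {
        $sql .= "\n CREATE TABLE IF NOT EXISTS `" . DB_NAME . "`.`" . DB_PREFIX . "blogCmnt`\n"
            . " (\n"
            . " `id` INT(5) PRIMARY KEY auto_increment,\n"
            . " `bid` INT(5),\n"
            . " `user` VARCHAR(60),\n"
            . " `email` VARCHAR(100),\n"
            . " `link` VARCHAR(100),\n"
            . " `comment` TEXT,\n"
            . " `timestamp` INT(12),\n"
            . " `subscribe` TINYINT(1) DEFAULT '0',\n"
            . " INDEX(bid),\n"
            . " INDEX(timestamp),\n"
            . " INDEX(subscribe)\n"
            . " ) ENGINE=MYISAM CHARACTER SET " . DEFAULT_CHARACTER_SET
            . " COLLATE " . DEFAULT_COLLATION . ";";
    }

    if (!$mysqli->multi_query($sql)) {
        // error is a property; calling it as a method is a fatal error
        exit('Database tables could not be created. ' . $mysqli->error);
    }

    // Drain every result so the connection is left in a usable state
    do {
        if ($result = $mysqli->store_result()) {
            echo "Table created.<br />\n";
            $result->close();
        }
    } while ($mysqli->more_results() && $mysqli->next_result());

    // multi_query() itself only reports the first statement. A failure in a
    // later statement ends the loop above and is only visible through errno.
    if ($mysqli->errno) {
        exit('Database tables could not be created. ' . $mysqli->error);
    }

    $mysqli->close();
    return true;
}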