$config = new Config();
date_default_timezone_set($config->timezone);
// Test wether an update should be done
if ($config->version !== Config::$versions[count(Config::$versions) - 1]) {
require_once INC_DIR . 'update.php';
update($config->version, Config::$versions[count(Config::$versions) - 1]);
header('location: index.php');
exit;
}
// Load Rain TPL
require_once INC_DIR . 'rain.tpl.class.php';
require_once INC_DIR . 'rewriting.class.php';
RainTPL::$tpl_dir = RELATIVE_TPL_DIR . $config->template;
RainTPL::$base_url = $config->base_url;
RewriteEngine::$rewrite_base = RainTPL::$base_url;
RainTPL::$rewriteEngine = new RewriteEngine();
$tpl = new RainTPL();
$tpl->assign('start_generation_time', microtime(true), RainTPL::RAINTPL_IGNORE_SANITIZE);
$tpl->assign('config', $config);
// CSRF protection
require_once INC_DIR . 'csrf.php';
// Sharing options
require_once INC_DIR . 'share.php';
// Manage users
require_once INC_DIR . 'users.php';
if (log_user_in() === false) {
$error = array();
$error['type'] = 'error';
$error['title'] = 'Login error';
$error['content'] = '<p>The provided username or password is incorrect.</p>';
$tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE);
/**
* Proceed to Freeder installation.
*/
function install()
{
global $default_timezone;
$current_user = get_current_user();
$tmp = install_dir('tmp');
if (!empty($tmp)) {
exit('Unable to create or write to tmp/ folder. Please check write permissions on this folder.');
}
$login = isset($_POST['login']) ? $_POST['login'] : '';
$timezone = isset($_POST['timezone']) ? $_POST['timezone'] : $default_timezone;
require_once INC_DIR . 'rain.tpl.class.php';
require_once INC_DIR . 'rewriting.class.php';
RainTPL::$tpl_dir = RELATIVE_TPL_DIR . DEFAULT_THEME . '/';
RainTPL::$base_url = dirname($_SERVER['SCRIPT_NAME']) . '/';
RewriteEngine::$rewrite_base = RainTPL::$base_url;
RainTPL::$rewriteEngine = new RewriteEngine();
$tpl = new RainTPL();
$tpl->assign('start_generation_time', microtime(true), RainTPL::RAINTPL_IGNORE_SANITIZE);
$tpl->assign('login', $login, RainTPL::RAINTPL_HTML_SANITIZE);
$tpl->assign('timezone', $timezone, RainTPL::RAINTPL_HTML_SANITIZE);
if ($err = RainTPL::$rewriteEngine->write_htaccess()) {
$error = array();
$error['type'] = 'error';
$error['title'] = 'Permissions error';
$error['content'] = 'Unable to create or write .htaccess file. Check the writing rights of Freeder root directory. The user who executes Freeder — ' . sanitize($current_user) . ' — should be able to write in this directory. You may prefer to create the .htaccess file on your own and allow ' . sanitize($current_user) . ' to write only in .htaccess instead of in the whole Freeder root.';
$tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE);
}
if (!empty($_POST['login']) && !empty($_POST['password']) && !empty($_POST['confirm_password']) && !empty($_POST['timezone'])) {
if ($_POST['confirm_password'] != $_POST['password']) {
$error = array();
$error['type'] = 'error';
$error['title'] = 'Password mismatch';
$error['content'] = 'Passwords do not match!';
} else {
$error = install_dir(DATA_DIR);
if (empty($error)) {
$error = install_db();
if (empty($error)) {
$_SESSION['user'] = new stdClass();
$_SESSION['user']->login = $_POST['login'];
$_SESSION['is_admin'] = 1;
header('location: index.php');
exit;
} else {
$tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE);
}
} else {
$tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE);
}
}
} else {
if (isset($_POST['login'])) {
$error = array();
$error['type'] = 'error';
$error['title'] = 'Incomplete installation form';
$error['content'] = 'You must fill every field.';
$tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE);
}
}
$tpl->draw('install');
exit;
}
