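/**
 * Drive the "convert from another forum" installer flow.
 *
 * Any step other than 2 prints the conversion form. Step 2 connects to the
 * old and the new database using the posted credentials, persists both sets
 * of connection settings, creates the tables and default templates, writes
 * the board settings and finally redirects the browser to the posted
 * `old_forum` target.
 *
 * Every failure path echoes a message and leaves the switch; nothing is
 * returned and no exception is thrown by this block itself.
 *
 * @param mixed $step Installer step selector; only the value 2 is special-cased.
 */
function convert_board($step)
{
    // Loaded into local scope. NOTE(review): presumably this defines the
    // previously saved $oldset values - confirm against convert_db.php.
    require './convert_db.php';

    switch ($step) {
        default:
            // Not read in this block; the included templates share this scope
            // and presumably use it - TODO confirm.
            $url = preg_replace('/install\\/?$/i', '', $this->server_url() . dirname($_SERVER['PHP_SELF']));

            echo "<form action='{$this->self}?mode=convert&step=2' method='post'>\n\t\t\t\t<table border='0' cellpadding='4' cellspacing='0'>\n";

            check_writeable_files();

            include 'templates/convertfromforum.php';
            include 'templates/convertfromdatabase.php';
            include 'templates/converttodatabase.php';
            include 'templates/convertboardsettings.php';

            echo "<tr>\n <td class='subheader' colspan='2' align='center'><input type='submit' value='Continue' /></td>\n </tr>\n </table>\n </form>";
            break;

        case 2:
            // Connection to the board being converted from.
            $oldboard = new qsfglobal();
            $oldboard->db = new $this->modules['database'](
                $this->post['old_db_host'],
                $this->post['old_db_user'],
                $this->post['old_db_pass'],
                $this->post['old_db_name'],
                $this->post['old_db_port'],
                $this->post['old_db_socket'],
                $this->post['old_prefix']
            );

            if (!$oldboard->db->connection) {
                echo "Couldn't connect to your old database using the specified information.";
                break;
            }

            // Connection to the database the new board will live in.
            $this->db = new $this->modules['database'](
                $this->post['db_host'],
                $this->post['db_user'],
                $this->post['db_pass'],
                $this->post['db_name'],
                $this->post['db_port'],
                $this->post['db_socket'],
                $this->post['prefix']
            );

            if (!$this->db->connection) {
                echo "Couldn't connect to your new database using the specified information.";
                break;
            }

            if (!isset($this->post['old_forum']) || $this->post['old_forum'] == '') {
                echo "You have not selected a forum to convert from. Please go back and correct this error.";
                break;
            }

            // Persist the old-database credentials for the converter scripts.
            // The prefix is reduced to [a-zA-Z0-9_] because it ends up inside
            // table names.
            $oldset['old_db_host']   = $this->post['old_db_host'];
            $oldset['old_db_user']   = $this->post['old_db_user'];
            $oldset['old_db_pass']   = $this->post['old_db_pass'];
            $oldset['old_db_name']   = $this->post['old_db_name'];
            $oldset['old_db_port']   = $this->post['old_db_port'];
            $oldset['old_db_socket'] = $this->post['old_db_socket'];
            $oldset['post_inc']      = $this->post['post_inc'];
            $oldset['old_prefix']    = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['old_prefix']));
            $oldset['converted']     = '0';

            // NOTE(review): convert_db.php then holds database credentials and
            // the message below asks for mode 666; the file should be removed
            // or locked down once the conversion is finished.
            if (!$this->write_olddb_sets($oldset)) {
                echo 'The old database connection was ok, but convert_db.php in the install directory could not be updated.<br /><br />CHMOD convert_db.php to 666. Then press the back button and try again.';
                break;
            }

            $this->sets['db_host']   = $this->post['db_host'];
            $this->sets['db_user']   = $this->post['db_user'];
            $this->sets['db_pass']   = $this->post['db_pass'];
            $this->sets['db_name']   = $this->post['db_name'];
            $this->sets['db_port']   = $this->post['db_port'];
            $this->sets['db_socket'] = $this->post['db_socket'];
            $this->sets['prefix']    = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['prefix']));

            // get_magic_quotes_gpc() no longer exists on current PHP releases,
            // so only call it where the runtime still provides it.
            if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                $this->unset_magic_quotes_gpc($this->get);
                $this->unset_magic_quotes_gpc($this->post);
                $this->unset_magic_quotes_gpc($this->cookie);
            }

            $this->sets['installed'] = 1;

            if (!$this->write_db_sets('../settings.php')) {
                echo 'The new database connection was ok, but settings.php could not be updated.<br /><br />CHMOD settings.php to 666.';
                break;
            }

            if (!is_readable('./data_tables.php')) {
                echo 'New database connected, settings written, but no data could be loaded from data_tables.php';
                break;
            }

            if (!is_readable(SKIN_FILE)) {
                echo 'New database connected, settings written, but no templates could be loaded from ' . SKIN_FILE;
                break;
            }

            // $queries and $pre are in scope for the included file, which is
            // presumably what fills $queries - verify against data_tables.php.
            $queries   = array();
            $pre       = $this->sets['prefix'];
            $this->pre = $this->sets['prefix'];

            include './data_tables.php';

            execute_queries($queries, $this->db);
            $queries = NULL;

            // Create template
            $xmlInfo = new xmlparser();
            $xmlInfo->parse(SKIN_FILE);
            $templatesNode = $xmlInfo->GetNodeByPath('QSFMOD/TEMPLATES');
            packageutil::insert_templates('default', $this->db, $templatesNode);
            unset($templatesNode);
            $xmlInfo = null;

            $this->pre  = $this->sets['prefix'];
            $this->sets = $this->get_settings($this->sets);
            $this->sets['loc_of_board'] = $this->post['board_url'];
            $this->sets['forum_name']   = $this->post['board_name'];
            $this->write_sets();

            // old_forum is request data placed inside a single-quoted HTML
            // attribute: escape it (quotes included) so it cannot close the
            // attribute and inject markup.
            // NOTE(review): the target itself is still caller-chosen; checking
            // it against the set of shipped converter pages would be stricter.
            $refreshTarget = htmlspecialchars($this->post['old_forum'], ENT_QUOTES);
            echo "<meta http-equiv='Refresh' content='0;URL={$refreshTarget}'>";
            break;
    }
}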
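/**
 * Drive the Sandbox upgrade flow.
 *
 * Any step other than 2 prints the "upgrade from what version?" form after
 * connecting to the database described by $this->settings. Step 2 collects the
 * schema changes for the posted `from` version and every later version (the
 * version switch falls through on purpose), runs them, makes sure the
 * Anonymous user with user_id 1 exists, stores the new app_version and prints
 * the success message.
 *
 * Failure paths echo a message and leave the switch; nothing is returned.
 *
 * @param mixed $step Upgrade step selector; only the value 2 is special-cased.
 */
function upgrade_site($step)
{
    switch ($step) {
        default:
            echo "<form action='{$this->self}?mode=upgrade&step=2' method='post'>\n\t\t\t <div class='article'>\n\t\t\t <div class='title'>Upgrade Sandbox</div>\n\t\t\t <div class='subtitle'>Directory Permissions</div>";

            check_writeable_files();

            $dbt = 'db_' . $this->settings['db_type'];
            $db  = new $dbt($this->settings['db_name'], $this->settings['db_user'], $this->settings['db_pass'], $this->settings['db_host'], $this->settings['db_pre']);

            if (!$db->db) {
                echo '<br /><br />A connection to the database could not be established. Please check your settings.php file to be sure it has the correct information.';
                break;
            }
            $this->db = $db;

            // Need to do this before anything else.
            // NOTE(review): db_name is interpolated into the SQL text; it comes
            // from $this->settings rather than the request - confirm that file
            // is trusted.
            $coms = $this->db->quick_query("SELECT COUNT(*) count FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = '{$this->settings['db_name']}' AND table_name = '%psettings'");
            if ($coms['count'] < 3) {
                $this->db->dbquery("ALTER TABLE %psettings ADD settings_version smallint(2) NOT NULL default '1' AFTER settings_id");
            }

            $this->settings = $this->load_settings($this->settings);

            $v_message = 'To determine what version you are running, check the bottom of your AdminCP page. Or check the CHANGELOG file and look for the latest revision mentioned there.';
            if (isset($this->settings['app_version'])) {
                $v_message = 'The upgrade script has determined you are currently using ' . $this->settings['app_version'];
            }

            echo "<br /><br /><strong>{$v_message}</strong>";

            if (isset($this->settings['app_version']) && $this->settings['app_version'] == $this->version) {
                echo "<br /><br /><strong>The detected version of Sandbox is the same as the version you are trying to upgrade to. The upgrade cannot be processed.</strong>";
            } else {
                echo "\t<div class='title' style='text-align:center'>Upgrade from what version?</div>\n\n"
                    . "\t\t\t\t\t<span class='field'><input type='radio' name='from' value='2.3' id='230' /></span>\n"
                    . "\t\t\t\t\t<span class='form'><label for='230'>Sandbox 2.3</label></span>\n"
                    . "\t\t\t\t\t<p class='line'></p>\n\n"
                    . "\t\t\t\t\t<span class='field'><input type='radio' name='from' value='2.2' id='220' /></span>\n"
                    . "\t\t\t\t\t<span class='form'><label for='220'>Sandbox 2.2</label></span>\n"
                    . "\t\t\t\t\t<p class='line'></p>\n\n"
                    . "\t\t\t\t\t<span class='field'><input type='radio' name='from' value='2.1' id='210' /></span>\n"
                    . "\t\t\t\t\t<span class='form'><label for='210'>Sandbox 2.1</label></span>\n"
                    . "\t\t\t\t\t<p class='line'></p>\n\n"
                    . "\t\t\t\t\t<span class='field'><input type='radio' name='from' value='2.0.7' id='207' /></span>\n"
                    . "\t\t\t\t\t<span class='form'><label for='207'>Sandbox 2.0 thru 2.0.7</label></span>\n"
                    . "\t\t\t\t\t<p class='line'></p>\n\n"
                    . "\t\t\t\t\t<span class='field'><input type='radio' name='from' value='1.8' id='180' /></span>\n"
                    . "\t\t\t\t\t<span class='form'><label for='180'>Sandbox 1.8</label></span>\n"
                    . "\t\t\t\t\t<p class='line'></p>\n\n"
                    . "\t\t\t\t\t<div style='text-align:center'>\n"
                    . "\t\t\t\t\t <input type='submit' value='Continue' />\n"
                    . "\t\t\t\t\t <input type='hidden' name='mode' value='upgrade' />\n"
                    . "\t\t\t\t\t <input type='hidden' name='step' value='2' />\n"
                    . "\t\t\t\t\t</div>";
            }

            echo " </div>\n\t\t\t </form>\n";
            break;

        case 2:
            echo "<div class='article'>\n\t\t\t \t\t<div class='title'>Upgrade Sandbox</div>";

            $dbt = 'db_' . $this->settings['db_type'];
            $db  = new $dbt($this->settings['db_name'], $this->settings['db_user'], $this->settings['db_pass'], $this->settings['db_host'], $this->settings['db_pre']);

            if (!$db->db) {
                echo '<br />A connection to the database could not be established. Please check your settings.php file to be sure it has the correct information.';
                break;
            }
            $this->db = $db;

            $this->settings = $this->load_settings($this->settings);

            // Start from an empty list so execute_queries() never receives an
            // undefined variable when no version branch adds anything.
            $queries = array();

            // The form may be submitted without a radio button selected.
            $from = isset($this->post['from']) ? $this->post['from'] : '';

            // Missing breaks are deliberate. Upgrades from older versions need to step through all of this.
            switch ($from) {
                case '1.8': // 1.8 to 2.0
                    $this->settings['sidebar_images'] = true;

                    // Need to grab the owner user before embarking.
                    $owner = $this->db->quick_query("SELECT user_id, user_name, user_isowner FROM %pusers WHERE user_isowner=1 LIMIT 1");

                    if (!isset($owner['user_id'])) {
                        echo '<br />No user is assigned as the site owner! Cannot continue with upgrade.';
                        // Leave both switches: a plain break would only exit the
                        // version switch and the code below would still stamp
                        // the new version and report success.
                        break 2;
                    }

                    $queries[] = "CREATE TABLE %pactive (\n"
                        . "\t\t\t\t\t\t \tactive_action varchar(50) NOT NULL,\n"
                        . "\t\t\t\t\t\t \tactive_time int(10) unsigned NOT NULL,\n"
                        . "\t\t\t\t\t\t \tactive_ip varchar(15) NOT NULL,\n"
                        . "\t\t\t\t\t\t \tactive_user_agent varchar(100) NOT NULL,\n"
                        . "\t\t\t\t\t\t\tPRIMARY KEY (active_ip)\n"
                        . "\t\t\t\t\t \t) ENGINE=MyISAM DEFAULT CHARSET=utf8";

                    $queries[] = "CREATE TABLE %prandom_quotes (\n"
                        . "\t\t\t\t\t\t \tquote_id int(10) unsigned NOT NULL AUTO_INCREMENT,\n"
                        . "\t\t\t\t\t\t \tquote_text text,\n"
                        . "\t\t\t\t\t\t \tPRIMARY KEY (quote_id)\n"
                        . "\t\t\t\t\t \t) ENGINE=MyISAM DEFAULT CHARSET=utf8";

                    $queries[] = "CREATE TABLE %pspam (\n"
                        . "\t\t\t\t\t\t \tspam_id int(12) unsigned NOT NULL AUTO_INCREMENT,\n"
                        . "\t\t\t\t\t\t\tspam_post int(12) unsigned NOT NULL,\n"
                        . "\t\t\t\t\t\t\tspam_author varchar(30) NOT NULL,\n"
                        . "\t\t\t\t\t\t \tspam_ip varchar(15) NOT NULL,\n"
                        . "\t\t\t\t\t\t \tspam_url varchar(100) DEFAULT NULL,\n"
                        . "\t\t\t\t\t\t \tspam_message text NOT NULL,\n"
                        . "\t\t\t\t\t\t\tspam_date int(10) unsigned NOT NULL,\n"
                        . "\t\t\t\t\t\t\tspam_server text NOT NULL,\n"
                        . "\t\t\t\t\t\t \tspam_type int(10) unsigned NOT NULL DEFAULT '0',\n"
                        . "\t\t\t\t\t\t\tspam_user int(10) unsigned NOT NULL DEFAULT '1',\n"
                        . "\t\t\t\t\t\t \tPRIMARY KEY (spam_id),\n"
                        . "\t\t\t\t\t\t \tKEY spam_post (spam_post)\n"
                        . "\t\t\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=utf8";

                    $queries[] = "DROP TABLE IF EXISTS %ptemplates";

                    $queries[] = "ALTER TABLE %pblogcats CHANGE cat_name cat_name varchar(50) NOT NULL DEFAULT ''";

                    $queries[] = "ALTER TABLE %pblogposts ADD post_image varchar(50) NOT NULL DEFAULT '' AFTER post_comment_count";
                    $queries[] = "ALTER TABLE %pblogposts CHANGE post_description post_summary varchar(255) DEFAULT NULL";

                    $queries[] = 'ALTER TABLE %pblogcomments CHANGE comment_post comment_post int(12) unsigned NOT NULL';
                    $queries[] = "ALTER TABLE %pblogcomments ADD comment_editedby varchar(30) DEFAULT '' AFTER comment_author";
                    $queries[] = "ALTER TABLE %pblogcomments ADD comment_editdate int(10) unsigned NOT NULL DEFAULT '0' AFTER comment_date";
                    $queries[] = "ALTER TABLE %pblogcomments ADD comment_user int(10) unsigned NOT NULL DEFAULT '1' AFTER comment_post";
                    $queries[] = "ALTER TABLE %pblogcomments ADD comment_type tinyint(2) unsigned NOT NULL DEFAULT '0' AFTER comment_editdate";
                    $queries[] = 'ALTER TABLE %pblogcomments ADD comment_referrer tinytext AFTER comment_type';
                    $queries[] = 'ALTER TABLE %pblogcomments ADD comment_agent tinytext AFTER comment_referrer';
                    $queries[] = 'ALTER TABLE %pblogcomments DROP COLUMN comment_url';

                    $queries[] = "ALTER TABLE %pfilefolders CHANGE folder_parent folder_parent int(11) NOT NULL DEFAULT '0'";
                    $queries[] = "ALTER TABLE %pfilefolders CHANGE folder_protected folder_hidden tinyint(1) NOT NULL DEFAULT '0'";
                    $queries[] = "ALTER TABLE %pfilefolders CHANGE folder_password folder_password varchar(33) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pfilefolders ADD folder_summary varchar(255) DEFAULT '' AFTER folder_name";
                    $queries[] = "ALTER TABLE %pfilefolders ADD folder_tree varchar(255) NOT NULL DEFAULT '' AFTER folder_summary";

                    $queries[] = 'ALTER TABLE %pfilelist CHANGE file_filename file_filename varchar(100) NOT NULL';
                    $queries[] = 'ALTER TABLE %pfilelist ADD file_summary text AFTER file_filename';
                    $queries[] = "ALTER TABLE %pfilelist ADD file_img_ext varchar(5) DEFAULT '' AFTER file_summary";
                    $queries[] = "ALTER TABLE %pfilelist CHANGE file_md5name file_md5name varchar(33) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pfilelist CHANGE file_type file_type varchar(4) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pfilelist ADD file_comment_count int(10) unsigned NOT NULL DEFAULT '0' AFTER file_downloaded";
                    $queries[] = "ALTER TABLE %pfilelist ADD file_flags int(10) unsigned NOT NULL DEFAULT '0' AFTER file_comment_count";
                    $queries[] = "ALTER TABLE %pfilelist CHANGE file_adddate file_date int(10) unsigned NOT NULL DEFAULT '0'";

                    $queries[] = 'ALTER TABLE %ppages CHANGE page_id page_id int(10) unsigned NOT NULL AUTO_INCREMENT';

                    $queries[] = "ALTER TABLE %pphotofolders CHANGE folder_parent folder_parent int(11) NOT NULL DEFAULT '0'";
                    $queries[] = "ALTER TABLE %pphotofolders CHANGE folder_protected folder_hidden tinyint(1) NOT NULL DEFAULT '0'";
                    $queries[] = "ALTER TABLE %pphotofolders CHANGE folder_password folder_password varchar(33) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pphotofolders ADD folder_summary varchar(255) DEFAULT '' AFTER folder_name";
                    $queries[] = "ALTER TABLE %pphotofolders ADD folder_tree varchar(255) NOT NULL DEFAULT '' AFTER folder_summary";

                    $queries[] = "ALTER TABLE %pphotogallery CHANGE photo_caption photo_caption varchar(50) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pphotogallery CHANGE photo_md5name photo_md5name varchar(33) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pphotogallery ADD photo_flags int(10) unsigned NOT NULL DEFAULT '0' AFTER photo_adddate";
                    $queries[] = "ALTER TABLE %pphotogallery ADD photo_comment_count int(10) unsigned NOT NULL DEFAULT '0' AFTER photo_flags";
                    $queries[] = "ALTER TABLE %pphotogallery ADD photo_summary varchar(255) DEFAULT '' AFTER photo_caption";
                    $queries[] = "ALTER TABLE %pphotogallery CHANGE photo_adddate photo_date int(10) unsigned NOT NULL DEFAULT '0'";

                    $queries[] = "ALTER TABLE %pusers CHANGE user_password user_password varchar(64) NOT NULL DEFAULT ''";
                    $queries[] = "ALTER TABLE %pusers CHANGE user_icon user_icon varchar(30) DEFAULT 'Anonymous.png'";
                    $queries[] = "ALTER TABLE %pusers ADD user_email varchar(100) NOT NULL DEFAULT '' AFTER user_password";
                    $queries[] = "ALTER TABLE %pusers ADD user_url varchar(100) DEFAULT '' AFTER user_email";
                    $queries[] = "ALTER TABLE %pusers ADD user_stylesheet varchar(100) DEFAULT '' AFTER user_url";
                    $queries[] = "ALTER TABLE %pusers ADD user_level smallint(2) unsigned NOT NULL DEFAULT '2' AFTER user_stylesheet";
                    $queries[] = "ALTER TABLE %pusers ADD user_perms smallint(4) unsigned NOT NULL DEFAULT '7' AFTER user_level";
                    $queries[] = "ALTER TABLE %pusers ADD user_joined int(10) unsigned DEFAULT '0' AFTER user_perms";
                    $queries[] = "ALTER TABLE %pusers ADD user_ip varchar(15) NOT NULL DEFAULT '127.0.0.1' AFTER user_joined";
                    $queries[] = 'ALTER TABLE %pusers DROP COLUMN user_isowner';

                    // Update any blank icons lurking about.
                    $queries[] = "UPDATE %pusers SET user_icon='Anonymous.png' WHERE user_icon=''";

                    // Promote the site owner to admin level and also assign them the site admin email address.
                    // NOTE(review): $email is interpolated into the SQL text as-is;
                    // it comes from stored settings, but a quote in that value would
                    // still alter the statement. Routing this one UPDATE through the
                    // placeholder form of dbquery() would be safer.
                    $email = $this->settings['email_adm'];
                    // Force the id to an integer since it is placed unquoted in the query.
                    $id = (int) $owner['user_id'];
                    $queries[] = "UPDATE %pusers SET user_level=5, user_perms=7, user_email='{$email}' WHERE user_id={$id}";

                    $this->settings['footer_text'] = '';
                    $this->settings['copyright_terms'] = '';
                    $this->settings['sidebar_comments_count'] = 5;
                    $this->settings['sidebar_images_count'] = 5;
                    $this->settings['wordpress_api_key'] = '';
                    $this->settings['twitter_user'] = '';
                    $this->settings['rss_image_url'] = '';
                    $this->settings['global_announce'] = '';
                    unset($this->settings['dir_uploads']);
                    unset($this->settings['dir_downloads']);
                    unset($this->settings['dir_gallery']);
                    unset($this->settings['dir_thumbnails']);
                    unset($this->settings['dir_posticons']);

                case '2.0.7': // 2.0-2.0.7 to 2.1
                    $queries[] = 'ALTER TABLE %pactive CHANGE active_ip active_ip varchar(40) NOT NULL';
                    $queries[] = 'ALTER TABLE %pblogcomments CHANGE comment_ip comment_ip varchar(40) NOT NULL';
                    $queries[] = 'ALTER TABLE %pblogcomments CHANGE comment_message comment_message mediumtext NOT NULL';
                    $queries[] = 'ALTER TABLE %pblogposts CHANGE post_text post_text mediumtext NOT NULL';
                    $queries[] = 'ALTER TABLE %pfilelist ADD file_version varchar(10) AFTER file_img_ext';
                    $queries[] = 'ALTER TABLE %ppages CHANGE page_content page_content mediumtext NOT NULL';
                    $queries[] = 'ALTER TABLE %pspam CHANGE spam_message spam_message mediumtext NOT NULL';
                    $queries[] = 'ALTER TABLE %pspam CHANGE spam_ip spam_ip varchar(40) NOT NULL';
                    $queries[] = 'ALTER TABLE %pusers CHANGE user_ip user_ip varchar(40) NOT NULL';

                    $this->settings['blog_commentsperpage'] = 50;
                    $this->settings['download_size'] = 0;

                case '2.1': // 2.1 to 2.2
                    $this->settings['anonymous_comments'] = true; // They were always on before, this continues behavior for existing sites
                    $this->settings['global_comments'] = true;

                    $queries[] = "CREATE TABLE %pemoticons (\n"
                        . "\t\t\t\t\t\t emote_id int(10) unsigned NOT NULL auto_increment,\n"
                        . "\t\t\t\t\t\t emote_string varchar(15) NOT NULL default '',\n"
                        . "\t\t\t\t\t\t emote_image varchar(255) NOT NULL default '',\n"
                        . "\t\t\t\t\t\t emote_clickable tinyint(1) unsigned NOT NULL default '1',\n"
                        . "\t\t\t\t\t\t PRIMARY KEY (emote_id)\n"
                        . "\t\t\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=utf8";

                    // Default emoticon rows: (emote_string, emote_image, emote_clickable).
                    // All values are fixed literals without quote characters, so
                    // building the INSERT text from them is safe.
                    $emoticons = array(
                        array(':alien:', 'alien.png', 1),
                        array(':biggrin:', 'biggrin.gif', 1),
                        array(':blues:', 'blues.png', 1),
                        array(':cool:', 'cool.gif', 1),
                        array(':cry:', 'cry.gif', 1),
                        array(':cyclops:', 'cyclops.png', 1),
                        array(':devil:', 'devil.png', 1),
                        array(':evil:', 'evil.gif', 1),
                        array(':ghostface:', 'ghostface.png', 1),
                        array(':grinning:', 'grinning.png', 1),
                        array(':lol:', 'lol.gif', 1),
                        array(':mad:', 'angry.png', 1),
                        array(':redface:', 'redface.gif', 1),
                        array(':robot:', 'robot.gif', 1),
                        array(':rolleyes:', 'rolleyes.gif', 1),
                        array(':sad:', 'sad.png', 1),
                        array(':smile:', 'smile.gif', 1),
                        array(':stare:', 'stare.png', 1),
                        array(':surprised:', 'surprised.gif', 1),
                        array(':thinking:', 'thinking.gif', 1),
                        array(':tongue:', 'tongue.png', 1),
                        array(':unclesam:', 'unclesam.png', 1),
                        array(':wink:', 'wink.png', 1),
                        array(':huh:', 'huh.gif', 1),
                        array(':blink:', 'blink.gif', 1),
                        array(':facepalm:', 'facepalm.gif', 1),
                        array(':whistle:', 'whistle.gif', 1),
                        array(':sick:', 'sick.gif', 1),
                        array(':headbang:', 'headbang.gif', 1),
                        array(':innocent:', 'innocent.png', 1),
                        array(':crazy:', 'crazy.gif', 1),
                        array(':rofl:', 'rofl.gif', 1),
                        array(':lmao:', 'lmao.gif', 1),
                        array(':shrug:', 'shrug.gif', 1),
                        array(':ninja:', 'ninja.gif', 1),
                        array(':nuke:', 'nuke.gif', 1),
                        array(':wub:', 'wub.png', 1),
                        array(':imp:', 'imp.png', 1),
                        array(':banana:', 'dancingbanana.gif', 1),
                        array(':cricket:', 'cricket.png', 1),
                        array(':(', 'sad.png', 0),
                        array(':P', 'tongue.png', 0),
                        array(';)', 'wink.png', 0),
                        array(':)', 'smile.gif', 0),
                    );
                    foreach ($emoticons as $emote) {
                        $queries[] = "INSERT INTO %pemoticons (emote_string, emote_image, emote_clickable) VALUES ('{$emote[0]}', '{$emote[1]}', {$emote[2]} )";
                    }

                case '2.2': // 2.2 to 2.3
                    $this->settings['site_tagline'] = '';

                case '2.3': // 2.3 to 2.3.1
                    $this->settings['mobile_icons'] = '';

                    $queries[] = 'ALTER TABLE %pactive CHANGE active_user_agent active_user_agent varchar(255) NOT NULL';

                default:
                    // NOTE(review): a missing or unrecognised `from` value lands
                    // here with no queries queued, and the code below still
                    // records the new version - confirm that is intended.
                    break;
            }

            execute_queries($queries, $this->db);

            // Ugly hack of a special case because the Anonymous user never existed before now. How does that even happen?
            // NOTE(review): app_version is compared against a float here;
            // version_compare() would be clearer if the stored value is a
            // dotted version string - confirm its format first.
            if ($this->settings['app_version'] < 2.3) {
                $uid = $this->db->quick_query('SELECT user_id FROM %pusers WHERE user_id=1');

                if (!isset($uid['user_id'])) {
                    $this->db->dbquery("INSERT INTO %pusers (user_id, user_name, user_level, user_perms, user_icon)\n\t\t\t\t\t\t\tVALUES( 1, 'Anonymous', 1, 0, 'Anonymous.png' )");
                } else {
                    // user_id 1 is taken: move content owned by id 1 to a fresh
                    // id (highest existing id + 1) before inserting Anonymous.
                    $top_user = $this->db->quick_query('SELECT user_id, user_name FROM %pusers ORDER BY user_id DESC LIMIT 1');
                    $new_id = $top_user['user_id'] + 1;
                    $name = $top_user['user_name'];

                    $this->db->dbquery("UPDATE %pblogcomments SET comment_user=%d WHERE comment_user=1 AND comment_author='%s'", $new_id, $name);
                    $this->db->dbquery("UPDATE %pblogposts SET post_user=%d WHERE post_user=1", $new_id);
                    $this->db->dbquery("UPDATE %pfilefolders SET folder_user=%d WHERE folder_user=1", $new_id);
                    $this->db->dbquery("UPDATE %pfilelist SET file_user=%d WHERE file_user=1", $new_id);
                    $this->db->dbquery("UPDATE %ppages SET page_user=%d WHERE page_user=1", $new_id);
                    $this->db->dbquery("UPDATE %pphotofolders SET folder_user=%d WHERE folder_user=1", $new_id);
                    $this->db->dbquery("UPDATE %pphotogallery SET photo_user=%d WHERE photo_user=1", $new_id);
                    $this->db->dbquery("UPDATE %pusers SET user_id=%d WHERE user_id=1 AND user_name='%s'", $new_id, $name);

                    $this->db->dbquery("INSERT INTO %pusers (user_id, user_name, user_level, user_perms, user_icon)\n\t\t\t\t\t\t\tVALUES( 1, 'Anonymous', 1, 0, 'Anonymous.png' )");
                }
            }

            $this->settings['app_version'] = $this->version;
            $this->save_settings();

            echo "<div class='title'>Upgrade Successful</div>\n\t\t\t\t\tYou can <a href=\"../index.php\">return to your site</a> now.<br /><br />\n\t\t\t\t <span style='color:red'>Please DELETE THE INSTALL DIRECTORY NOW for security purposes!!</span>\n\t\t\t\t</div>";
            break;
    }
}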
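/**
 * Drive the fresh-install flow.
 *
 * Any step other than 2 or 3 prints the install form. Step 2 connects to the
 * posted database, writes settings.php (or offers a forced install with a
 * downloadable settings file when it cannot be written), creates the tables
 * and templates, registers the administrator account, optionally loads the
 * seed data, sets the login cookies and prints the result. Step 3 streams a
 * generated settings.php as a download and ends the request.
 *
 * Failure paths echo a message and leave the switch; nothing is returned.
 *
 * @param mixed $step Installer step selector; 2 and 3 are special-cased.
 */
function install_board($step)
{
    switch ($step) {
        default:
            // Not read in this block; the included templates share this scope
            // and presumably use it - TODO confirm.
            $url = preg_replace('/install\\/?$/i', '', $this->server_url() . dirname($_SERVER['PHP_SELF']));

            echo "<form action='{$this->self}?mode=new_install&step=2' method='post'>\n <table border='0' cellpadding='4' cellspacing='0'>\n";

            check_writeable_files();

            include 'templates/newdatabase.php';
            include 'templates/newboardsettings.php';
            include 'templates/newadmin.php';
            include 'templates/newseeddata.php';

            echo "<tr>\n <td class='subheader' colspan='2' align='center'><input type='submit' value='Continue' /></td>\n </tr>\n </table>\n </form>";
            break;

        case 2:
            $db = new $this->modules['database'](
                $this->post['db_host'],
                $this->post['db_user'],
                $this->post['db_pass'],
                $this->post['db_name'],
                $this->post['db_port'],
                $this->post['db_socket'],
                $this->post['prefix']
            );

            if (!$db->connection) {
                echo "Couldn't connect to a database using the specified information.";
                break;
            }

            $this->db =& $db;

            $this->sets['db_host']   = $this->post['db_host'];
            $this->sets['db_user']   = $this->post['db_user'];
            $this->sets['db_pass']   = $this->post['db_pass'];
            $this->sets['db_name']   = $this->post['db_name'];
            $this->sets['db_port']   = $this->post['db_port'];
            $this->sets['db_socket'] = $this->post['db_socket'];
            // The prefix ends up inside table names, so keep only [a-zA-Z0-9_].
            $this->sets['prefix']    = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['prefix']));

            if (!$this->write_db_sets('../settings.php') && !isset($this->post['downloadsettings'])) {
                echo "The database connection was ok, but settings.php could not be updated.<br />\n";
                echo "You can CHMOD settings.php to 0666 and hit reload to try again<br/>\n";
                echo "Or you can force the install to continue and download the new settings.php file ";
                echo "so you can later place it on the website manually<br/>\n";

                // Re-post everything the user entered so the forced install can
                // proceed. NOTE(review): this places the database and
                // administrator passwords in the page source as hidden fields.
                echo "<form action=\"{$this->self}?mode=new_install&step=2\" method=\"post\">\n\n\t\t\t\t\t<input type=\"hidden\" name=\"downloadsettings\" value=\"yes\" />\n\n\t\t\t\t\t";

                $carriedFields = array(
                    'db_host', 'db_name', 'db_user', 'db_pass', 'db_port', 'db_socket', 'prefix',
                    'board_name', 'board_url', 'admin_name', 'admin_pass', 'admin_pass2', 'admin_email',
                );
                foreach ($carriedFields as $field) {
                    echo "<input type=\"hidden\" name=\"{$field}\" value=\"" . htmlspecialchars($this->post[$field]) . "\" />\n\n\t\t\t\t\t";
                }

                if (isset($this->post['seed_data']) && $this->post['seed_data']) {
                    echo "<input type=\"hidden\" name=\"seed_data\" value=\"yes\" />\n";
                }
                echo "<input type=\"submit\" value=\"Force Install\" />\n\t\t\t\t\t</form>\n\t\t\t\t\t ";
                break;
            }

            $filename = './' . $this->sets['dbtype'] . '_data_tables.php';
            if (!is_readable($filename)) {
                echo 'Database connected, settings written, but no tables could be loaded from file: ' . $filename;
                break;
            }

            if (!is_readable(SKIN_FILE)) {
                echo 'Database connected, settings written, but no templates could be loaded from file: ' . SKIN_FILE;
                break;
            }

            if (trim($this->post['admin_name']) == '' || trim($this->post['admin_pass']) == '' || trim($this->post['admin_email']) == '') {
                echo 'You have not specified an admistrator account. Please go back and correct this error.';
                break;
            }

            // Strict comparison: with != two different numeric-looking strings
            // (for example "1e3" and "1000") compare equal, so a mistyped
            // confirmation could be accepted.
            if ($this->post['admin_pass'] !== $this->post['admin_pass2']) {
                echo 'Your administrator passwords do not match. Please go back and correct this error.';
                break;
            }

            if (isset($this->post['seed_data']) && $this->post['seed_data'] && !is_readable('./seed_data.php')) {
                echo 'Database connected, settings written, but no seed data could be loaded from file: seed_data.php';
                break;
            }

            // $queries and $pre are in scope for the included file, which is
            // presumably what fills $queries - verify against the data file.
            $queries   = array();
            $pre       = $this->sets['prefix'];
            $this->pre = $this->sets['prefix'];

            // Create tables
            include './' . $this->sets['dbtype'] . '_data_tables.php';

            execute_queries($queries, $db);
            $queries = null;

            // Create template
            $xmlInfo = new xmlparser();
            $xmlInfo->parse(SKIN_FILE);
            $templatesNode = $xmlInfo->GetNodeByPath('QSFMOD/TEMPLATES');
            packageutil::insert_templates('default', $this->db, $templatesNode);
            unset($templatesNode);
            $xmlInfo = null;

            $this->sets = $this->get_settings($this->sets);
            $this->sets['loc_of_board'] = $this->post['board_url'];
            $this->sets['forum_name']   = $this->post['board_name'];

            // NOTE(review): unsalted MD5 is not a suitable password hash, and the
            // same digest is later sent to the browser as the login cookie.
            // Changing it here alone would break whatever verifies logins
            // elsewhere, so it is flagged rather than replaced; password_hash()
            // plus a random session token would be the target design.
            $this->post['admin_pass'] = md5($this->post['admin_pass']);

            // get_magic_quotes_gpc() no longer exists on current PHP releases,
            // so only call it where the runtime still provides it.
            if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                $this->unset_magic_quotes_gpc($this->get);
                $this->unset_magic_quotes_gpc($this->post);
                $this->unset_magic_quotes_gpc($this->cookie);
            }

            // HTML-escape the name, then turn "&amp;#" back into "&#" so numeric
            // character references survive, and encode the single quote that
            // htmlspecialchars() leaves alone by default. The entity literals in
            // this call had been decoded to raw characters, which left an
            // unparseable ''' in the argument list.
            $this->post['admin_name'] = str_replace(
                array('&amp;#', '\''),
                array('&#', '&#39;'),
                htmlspecialchars($this->post['admin_name'])
            );

            $this->db->query("INSERT INTO %pusers (user_name, user_password, user_group, user_title, user_title_custom, user_joined, user_email, user_timezone)\n\t\t\t\tVALUES ('%s', '%s', %d, 'Administrator', 1, %d, '%s', %d)",
                $this->post['admin_name'], $this->post['admin_pass'], USER_ADMIN, $this->time, $this->post['admin_email'], $this->sets['servertime']);
            $admin_uid = $this->db->insert_id("users");

            $this->sets['last_member']    = $this->post['admin_name'];
            $this->sets['last_member_id'] = $admin_uid;
            $this->sets['admin_incoming'] = $this->post['admin_email'];
            $this->sets['admin_outgoing'] = $this->post['admin_email'];
            $this->sets['members']++;
            $this->sets['installed'] = 1;

            if (isset($this->post['seed_data']) && $this->post['seed_data']) {
                // presumably defines $categoryName, $forumName, $topicName and
                // the other seed variables used below - verify against the file.
                include './seed_data.php';

                // Create Category
                $categoryId = $this->create_forum($categoryName, $categoryDesc, 0);

                // Create Forum
                $forumId = $this->create_forum($forumName, $forumDesc, $categoryId);

                // Create Topic
                $this->db->query("INSERT INTO %ptopics (topic_title, topic_forum, topic_description, topic_starter, topic_icon, topic_posted, topic_edited, topic_last_poster, topic_modes) \n\t\t\t\t\tVALUES ('%s', %d, '%s', %d, '%s', %d, %d, %d, %d)",
                    $topicName, $forumId, $topicDesc, $admin_uid, $topicIcon, $this->time, $this->time, $admin_uid, TOPIC_PUBLISH);
                $topicId = $this->db->insert_id("topics");

                // Create Post
                $this->db->query("INSERT INTO %pposts (post_topic, post_author, post_text, post_time, post_emoticons, post_mbcode, post_ip, post_icon)\n\t\t\t\t\tVALUES (%d, %d, '%s', %d, 1, 1, INET_ATON('%s'), '%s')",
                    $topicId, $admin_uid, $topicPost, $this->time, $this->ip, $topicIcon);
                $postId = $this->db->insert_id("posts");

                $this->db->query("UPDATE %ptopics SET topic_last_post=%d WHERE topic_id=%d", $postId, $topicId);
                $this->db->query("UPDATE %pusers SET user_posts=user_posts+1, user_lastpost=%d WHERE user_id=%d", $this->time, $admin_uid);
                $this->db->query("UPDATE %pforums SET forum_topics=forum_topics+1, forum_lastpost=%d WHERE forum_id=%d", $postId, $forumId);

                $this->sets['topics']++;
                $this->sets['posts']++;
            }

            $writeSetsWorked = $this->write_db_sets('../settings.php');
            $this->write_sets();

            // Log the new administrator in. setcookie() gained its httponly
            // argument in PHP 5.2.0; older runtimes get the flag appended to the
            // domain string instead.
            if (version_compare(PHP_VERSION, "5.2.0", "<")) {
                setcookie($this->sets['cookie_prefix'] . 'user', $admin_uid, $this->time + $this->sets['logintime'], $this->sets['cookie_path'], $this->sets['cookie_domain'] . '; HttpOnly', $this->sets['cookie_secure']);
                setcookie($this->sets['cookie_prefix'] . 'pass', $this->post['admin_pass'], $this->time + $this->sets['logintime'], $this->sets['cookie_path'], $this->sets['cookie_domain'] . '; HttpOnly', $this->sets['cookie_secure']);
            } else {
                setcookie($this->sets['cookie_prefix'] . 'user', $admin_uid, $this->time + $this->sets['logintime'], $this->sets['cookie_path'], $this->sets['cookie_domain'], $this->sets['cookie_secure'], true);
                setcookie($this->sets['cookie_prefix'] . 'pass', $this->post['admin_pass'], $this->time + $this->sets['logintime'], $this->sets['cookie_path'], $this->sets['cookie_domain'], $this->sets['cookie_secure'], true);
            }

            if (!$writeSetsWorked) {
                echo "Congratulations! Your board has been installed.<br />\n\t\t\t\tAn administrator account was registered.<br />";
                echo "Click here to download your settings.php file. You must put this file on the webhost before the board is ready to use<br/>\n";

                // Carry the database settings over to step 3, which builds the
                // downloadable settings.php from them.
                echo "<form action=\"{$this->self}?mode=new_install&step=3\" method=\"post\">\n\n\t\t\t\t\t";

                $downloadFields = array('db_host', 'db_name', 'db_user', 'db_pass', 'db_port', 'db_socket', 'prefix');
                foreach ($downloadFields as $field) {
                    echo "<input type=\"hidden\" name=\"{$field}\" value=\"" . htmlspecialchars($this->post[$field]) . "\" />\n\n\t\t\t\t\t";
                }

                echo "<input type=\"submit\" value=\"Download settings.php\" />\n\t\t\t\t\t</form>\n\t\t\t\t\t<br/>\n\n\t\t\t\t\tOnce this is done: REMEMBER TO DELETE THE INSTALL DIRECTORY!<br /><br />\n\t\t\t\t\t<a href='../index.php'>Go to your board.</a>\n\t\t\t\t\t ";
            } else {
                echo "Congratulations! Your board has been installed.<br />\n\t\t\t\tAn administrator account was registered.<br />\n\t\t\t\tREMEMBER TO DELETE THE INSTALL DIRECTORY!<br /><br />\n\t\t\t\t<a href='../index.php'>Go to your board.</a>";
            }
            break;

        case 3:
            // Give them the settings.php file
            $this->sets['db_host']   = $this->post['db_host'];
            $this->sets['db_user']   = $this->post['db_user'];
            $this->sets['db_pass']   = $this->post['db_pass'];
            $this->sets['db_name']   = $this->post['db_name'];
            $this->sets['db_port']   = $this->post['db_port'];
            $this->sets['db_socket'] = $this->post['db_socket'];
            $this->sets['installed'] = 1;
            $this->sets['prefix']    = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['prefix']));

            $settingsFile = $this->create_settings_file();

            // Discard anything already buffered so the download holds only the
            // generated file.
            ob_clean();
            header("Content-type: application/octet-stream");
            header("Content-Disposition: attachment; filename=\"settings.php\"");
            echo $settingsFile;
            exit;
    }
}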
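/**
 * Run the board upgrade wizard.
 *
 * Steps handled:
 *  - any other value: print the "upgrade from what version?" form;
 *  - 15: store the posted database settings in ../settings.php, then
 *        continue with step 2;
 *  - 2:  check that every upgrade_N.php from the requested version up to
 *        LATEST is readable, connect to the database, include those
 *        scripts, run the queued queries, refresh skin templates, rewrite
 *        legacy template tokens and add any new permissions.
 *
 * The included upgrade_N.php scripts and templates run in this method's
 * scope. The locals $queries, $pre, $need_templates, $new_permissions,
 * $template_list, $full_template_list and $sets_error are therefore kept
 * under their original names (presumably the includes read or write
 * them; confirm against those files before renaming anything).
 *
 * NOTE(review): nothing in this method authenticates the caller. Step 15
 * rewrites ../settings.php from POST data, so access to the install
 * directory has to be restricted or the directory removed after use.
 *
 * @param mixed $step Wizard step selector (15, 2, or anything else for the form).
 * @return void Output is echoed directly.
 */
function upgrade_board($step)
{
    switch ($step) {
        default:
            echo "<form action='{$this->self}' method='get'>\n\t\t\t <table border='0' cellpadding='4' cellspacing='0'>\n";
            check_writeable_files();
            echo "<tr><td colspan='2' align='center'><b>Upgrade from what version?</b></td></tr>";
            include 'templates/upgradefromversion.php';
            echo " </table>\n\t\t\t </form>\n";
            break;

        // Step 1.5 simply updates the database info
        case 15:
            $this->sets['db_host'] = $this->post['db_host'];
            $this->sets['db_name'] = $this->post['db_name'];
            $this->sets['db_user'] = $this->post['db_user'];
            $this->sets['db_pass'] = $this->post['db_pass'];
            $this->sets['db_port'] = $this->post['db_port'];
            $this->sets['db_socket'] = $this->post['db_socket'];
            // The prefix ends up inside table names, so it is reduced to [A-Za-z0-9_].
            $this->sets['prefix'] = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['prefix']));

            if (!$this->write_db_sets('../settings.php')) {
                echo 'settings.php could not be updated.<br /><br />CHMOD settings.php to 0666.';
                break;
            }
            // Fall through to the next case

        case 2:
            @set_time_limit(300);

            // 'from' arrives in the query string and is used below in an
            // include path and in an error message. Pin it to an integer
            // before any use so it can neither change the path nor carry
            // markup into the page.
            $this->get['from'] = isset($this->get['from']) ? (int) $this->get['from'] : 0;

            // Check to see if all upgrade files are intact
            for ($check = $this->get['from']; $check <= LATEST; $check++) {
                if (!is_readable("./upgrade_{$check}.php")) {
                    echo "A file required for upgrading was not found: upgrade_{$check}.php";
                    break 2; // leave both the loop and the switch
                }
            }

            $db = new $this->modules['database'](
                $this->sets['db_host'],
                $this->sets['db_user'],
                $this->sets['db_pass'],
                $this->sets['db_name'],
                $this->sets['db_port'],
                $this->sets['db_socket'],
                $this->sets['prefix']
            );

            if (!$db->connection) {
                // Only complain when the credentials were just submitted (step 1.5).
                if ($this->get['step'] == 15) {
                    $sets_error = '<br />Could not connect with the specified information.';
                } else {
                    $sets_error = null;
                }
                include 'templates/upgradefromdatabase.php';
                break;
            }

            $queries = array();
            $pre = $this->sets['prefix'];
            $full_template_list = false;
            $template_list = array();
            $new_permissions = array();
            // Defined up front so the checks below never read an unset
            // variable when no upgrade script runs or a script leaves it alone.
            $need_templates = false;

            $this->sets['installed'] = 1;
            $this->pre = $this->sets['prefix'];
            $this->db = $db;

            // We can't get settings from the database unless we're already running >= 1.1.0
            if ($this->get['from'] >= 10) {
                $this->sets = $this->get_settings($this->sets);
            }

            $this->perms = new $this->modules['permissions']($this);

            while ($this->get['from'] <= LATEST) {
                include "./upgrade_{$this->get['from']}.php";
                $this->get['from']++;

                // $need_templates is either a bool (true = replace every
                // template) or a list of template names to replace.
                if (is_bool($need_templates)) {
                    if ($need_templates) {
                        $full_template_list = true;
                    }
                } else {
                    $template_list = array_unique(array_merge($template_list, $need_templates));
                }
            }

            // The order of the next steps is important:
            //   1. verify we can upgrade templates
            //   2. upgrade board
            //   3. upgrade templates
            // The template upgrade targets the most recent schema, so it
            // must run after the board itself is fully upgraded.
            if ($need_templates && !is_readable(SKIN_FILE)) {
                echo 'No templates could be loaded from ' . SKIN_FILE;
                break;
            }

            execute_queries($queries, $this->db);
            $queries = array();

            // Check the default skin still exists
            $result = $this->db->fetch("SELECT * FROM %pskins WHERE skin_dir='default'");
            if (!$result) {
                $this->db->query("INSERT INTO %pskins (skin_name, skin_dir) VALUES ('QSF Comet', 'default')");
                $full_template_list = true;
            }

            // Legacy template tokens and their replacements, applied in this
            // order. Order matters: '$mercury' becomes '$qsf' before the
            // '$qsf...' rules run.
            $token_map = array(
                '{$messageclass}' => '<MODLET messagelink(class)>',
                '{$MessageLink}' => '<MODLET messagelink(text)>',
                '$mercury' => '$qsf',
                '$qsfboard' => '$quicksilverforums',
                '$qsf->lang->main_powered' => '$qsf->lang->powered',
                '$qsf->lang->main_seconds' => '$qsf->lang->seconds',
                '$this->lang->pm_inbox' => '$foldername',
                '$this->lang->board_topics_new' => '$this->lang->main_topics_new',
                '$this->lang->forum_topics_new' => '$this->lang->main_topics_new',
                '$this->lang->recent_topics_new' => '$this->lang->main_topics_new',
                'post_mbcode_' => 'mbcode_',
                '$qsf->tree' => '$qsf->htmlwidgets->tree',
                '$admin->tree' => '$admin->htmlwidgets->tree',
                '$this->tree' => '$this->htmlwidgets->tree',
                '{$active[\'TOTALCOUNT\']}' => 'Skin Update Required',
                '{$active[\'MEMBERCOUNT\']}' => 'Skin Update Required',
                '{$active[\'GUESTCOUNT\']}' => 'Skin Update Required',
                '{$active[\'USERS\']}' => 'Skin Update Required',
            );

            $skinsupdated = "The following templates were upgraded:<br /><br /><span class='tiny'>";
            $didsomething = false;

            $result = $this->db->query("SELECT * FROM %pskins");
            while ($row = $this->db->nqfetch($result)) {
                $skin = $row['skin_dir'];

                // QSF or MB default skin in default location
                if (($row['skin_name'] == 'QSF Comet' || $row['skin_name'] == 'Candy Corn') && $skin == 'default') {
                    if ($full_template_list || $template_list) {
                        if ($full_template_list) {
                            $template_list = null;
                            $this->db->query("DELETE FROM %ptemplates WHERE template_skin='default'");
                            $skinsupdated .= $row['skin_name'] . ": Full Template Replacement<br />";
                        } else {
                            // NOTE(review): the IN (...) list is assembled by
                            // string concatenation. The names come from the
                            // bundled upgrade scripts, not from the request;
                            // keep it that way or switch to placeholders.
                            $template_list_string = '';
                            foreach ($template_list as $temp_name) {
                                $template_list_string .= "'{$temp_name}',";
                                $skinsupdated .= $row['skin_name'] . ": " . $temp_name . "<br />";
                            }
                            $template_list_string = substr($template_list_string, 0, -1);

                            $this->db->query("DELETE FROM %ptemplates WHERE template_name IN ({$template_list_string}) AND template_skin='default'");
                        }

                        // Create template
                        $xmlInfo = new xmlparser();
                        $xmlInfo->parse(SKIN_FILE);
                        $templatesNode = $xmlInfo->GetNodeByPath('QSFMOD/TEMPLATES');
                        packageutil::insert_templates('default', $this->db, $templatesNode, $template_list);
                        unset($templatesNode);
                        $xmlInfo = null;

                        $didsomething = true;
                    }

                    if ($row['skin_name'] == 'Candy Corn') {
                        $this->db->query("UPDATE %pskins SET skin_name='QSF Comet' WHERE skin_dir='%s'", $skin);
                    }
                } else {
                    // Other skins: only add the templates they are missing.
                    $xmlInfo = new xmlparser();
                    $xmlInfo->parse(SKIN_FILE);
                    $templatesNode = $xmlInfo->GetNodeByPath('QSFMOD/TEMPLATES');
                    $temp_names = packageutil::list_templates($templatesNode);
                    $temps_to_insert = array();

                    foreach ($temp_names as $temp_name) {
                        $miss = $this->db->query("SELECT template_name FROM %ptemplates WHERE template_skin='%s' AND template_name='%s'", $skin, $temp_name);
                        if ($this->db->num_rows($miss) < 1) {
                            $skinsupdated .= $row['skin_name'] . ": Added: " . $temp_name . "<br />";
                            $temps_to_insert[] = $temp_name;
                        }
                    }

                    if ($temps_to_insert) {
                        $templatesNode = $xmlInfo->GetNodeByPath('QSFMOD/TEMPLATES');
                        packageutil::insert_templates($skin, $this->db, $templatesNode, $temps_to_insert);
                        $didsomething = true;
                    }
                    $xmlInfo = null;
                }

                // Iterate over all our templates. This is excessive, but only
                // needs to be done once anyway. The skin directory goes
                // through the same %p / %s placeholders as every other query
                // here instead of being interpolated into the SQL text.
                $query = $this->db->query("SELECT template_html, template_name FROM %ptemplates WHERE template_skin='%s'", $skin);
                while ($row2 = $this->db->nqfetch($query)) {
                    foreach ($token_map as $old_token => $new_token) {
                        if (strpos($row2['template_html'], $old_token) === false) {
                            continue;
                        }

                        $didsomething = true;
                        $row2['template_html'] = str_replace($old_token, $new_token, $row2['template_html']);
                        // Every rewrite is reported, including '{$messageclass}',
                        // which previously logged to an unused array via the
                        // wrong row variable and so never showed up.
                        $skinsupdated .= $row['skin_name'] . " Modified: " . $row2['template_name'] . "<br />";
                        $this->db->query("UPDATE %ptemplates SET template_html='%s' WHERE template_skin='%s' AND template_name='%s'", $row2['template_html'], $skin, $row2['template_name']);
                    }
                }
            }

            $this->write_sets();

            // New fields in forum tables need to be fixed in case the old install was a conversion
            $this->updateForumTrees();
            $this->RecountForums();

            // Check if new permissions need to be added
            if (!empty($new_permissions)) {
                foreach ($new_permissions as $id => $default) {
                    // Groups
                    while ($this->perms->get_group()) {
                        $perm_on = $default;
                        if ($this->perms->auth('is_admin')) {
                            $perm_on = true;
                        }
                        // Restricted groups and guests never receive a new
                        // permission; these checks run last so they win.
                        if (!$this->perms->auth('do_anything')) {
                            $perm_on = false;
                        }
                        if ($this->perms->is_guest) {
                            $perm_on = false;
                        }
                        $this->perms->add_perm($id, $perm_on);
                        $this->perms->update();
                    }

                    // Users
                    while ($this->perms->get_group(true)) {
                        $perm_on = $default;
                        if ($this->perms->auth('is_admin')) {
                            $perm_on = true;
                        }
                        if (!$this->perms->auth('do_anything')) {
                            $perm_on = false;
                        }
                        if ($this->perms->is_guest) {
                            $perm_on = false;
                        }
                        $this->perms->add_perm($id, $perm_on);
                        $this->perms->update();
                    }
                }
            }

            $message = '';
            if ($didsomething) {
                $message = $skinsupdated . "</span>";
            }

            echo $message . "<br />Upgrade successful.<br />";
            echo "<a href='../index.php'>To the board</a>";
            break;
    }
}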
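/**
 * Drive the new-site installation wizard.
 *
 * Steps handled:
 *  - any other value: print the installation form;
 *  - 2: connect to the database, write ../settings.php, create the tables
 *       from "<db_type>_queries.php", seed default rows, register the
 *       administrator and set the login cookies.
 *
 * The included "<db_type>_queries.php" runs in this method's scope, which
 * is why $queries and $pre are kept under their original names (presumably
 * the include fills $queries using $pre; confirm against that file).
 *
 * NOTE(review): nothing in this method authenticates the caller or checks
 * whether a site is already installed, so the install directory has to be
 * removed or blocked once setup is finished.
 *
 * @param mixed $step   Wizard step selector (2, or anything else for the form).
 * @param mixed $mysqli Truthy when the MySQLi option should be offered.
 * @param mixed $pgsql  Truthy when the pgSQL option should be offered.
 * @return void Output is echoed directly.
 */
public function install($step, $mysqli, $pgsql)
{
    switch ($step) {
        default:
            $url = preg_replace('/install\\/?$/i', '', $this->server_url() . dirname($_SERVER['PHP_SELF']));

            // Every value placed inside a single-quoted attribute is escaped
            // with ENT_QUOTES. $url is derived from PHP_SELF, which reflects
            // the request path, so it must not reach the page raw.
            $esc_url = htmlspecialchars((string) $url, ENT_QUOTES);
            $esc_db_host = htmlspecialchars($this->settings['db_host'], ENT_QUOTES);
            $esc_db_name = htmlspecialchars($this->settings['db_name'], ENT_QUOTES);
            $esc_db_user = htmlspecialchars($this->settings['db_user'], ENT_QUOTES);
            $esc_db_pre = htmlspecialchars($this->settings['db_pre'], ENT_QUOTES);

            // The original interpolated an undefined local $self here, which
            // rendered as an empty string. The relative action is now spelled
            // out, giving the same markup without the undefined-variable notice.
            echo "<form action='?mode=new_install&step=2' method='post'>\n\t\t\t <div class='article'>\n\t\t\t <div class='title'>New Sandbox Installation</div>\n\t\t\t <div class='subtitle'>Directory Permissions</div>";

            check_writeable_files();

            echo " <p></p>\n \t\t\t <div class='subtitle'>Database Configuration</div>\n\n"
                . " <span class='field'>Host Server:</span>\n"
                . " <span class='form'><input class='input' type='text' name='db_host' value='{$esc_db_host}' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Database Type:</span>\n"
                . " <span class='form'>\n"
                . " <select name='db_type'>";

            if ($mysqli) {
                echo "<option value='mysqli'>MySQLi</option>";
            }
            if ($pgsql) {
                echo "<option value='pgsql'>pgSQL</option>";
            }

            echo "</select>\n </span>\n <p class='line'></p>\n\n"
                . " <span class='field'>Database Name:</span>\n"
                . " <span class='form'><input class='input' type='text' name='db_name' value='{$esc_db_name}' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Database Username:</span>\n"
                . " <span class='form'><input class='input' type='text' name='db_user' value='{$esc_db_user}' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Database Password:</span>\n"
                . " <span class='form'><input class='input' type='password' name='db_pass' value='' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Table Prefix:</span>\n"
                . " <span class='form'>\n"
                . " <input class='input' type='text' name='db_pre' value='{$esc_db_pre}' /><br />\n"
                . " This should only be changed if you need to install multiple Sandbox sites in the same database.\n"
                . " </span>\n <p></p>\n\n"
                . " <div class='subtitle'>New Site Settings</div>\n\n"
                . " <span class='field'>Site Name:</span>\n"
                . " <span class='form'><input class='input' type='text' name='site_name' value='Sandbox' size='75' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Site Tagline:</span>\n"
                . " <span class='form'><input class='input' type='text' name='site_tagline' value='Personal websites made easy.' size='75' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Site URL:</span>\n"
                . " <span class='form'><input class='input' type='text' name='site_url' value='{$esc_url}' size='75' /></span>\n"
                . " <p></p>\n\n"
                . " <div class='subtitle'>Administrator Account Settings</div>\n\n"
                . " <span class='field'>User Name:</span>\n"
                . " <span class='form'><input class='input' type='text' name='admin_name' size='30' maxlength='30' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>User Password:</span>\n"
                . " <span class='form'><input class='input' type='password' name='admin_pass' size='30' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Password (confirmation):</span>\n"
                . " <span class='form'><input class='input' type='password' name='admin_pass2' size='30' /></span>\n"
                . " <p class='line'></p>\n\n"
                . " <span class='field'>Contact Email:</span>\n"
                . " <span class='form'>\n"
                . " <input class='input' type='text' name='contact_email' size='50' maxlength='100' />\n"
                . " This is where contact form emails and error messages are sent.\n"
                . " </span>\n <p class='line'></p>\n\n"
                . " <span class='field'>System Email:</span>\n"
                . " <span class='form'>\n"
                . " <input class='input' type='text' name='admin_email' size='50' maxlength='100' />\n"
                . " Address used by the system to send mail. Can be fake if desired.\n"
                . " </span>\n <p class='line'></p>\n\n"
                . " <div style='text-align:center'>\n"
                . " <input type='submit' name='submit' value='Continue' />\n"
                . " </div>\n </div>\n</form>";
            break;

        case 2:
            echo "<div class='article'>\n\t\t <div class='title'>New Sandbox Installation</div>";

            // db_type selects both a class name ('db_' . type) and an include
            // file ('<type>_queries.php'). Accept only the two values the
            // form offers so a request cannot pick another class or file.
            $db_type = isset($this->post['db_type']) ? $this->post['db_type'] : '';
            if (!in_array($db_type, array('mysqli', 'pgsql'), true)) {
                echo 'Invalid database type selected. Please go back and correct this error.';
                break;
            }

            // Sanitise the prefix before it reaches the database layer. The
            // raw value used to be handed to the driver while the cleaned one
            // was saved to settings, so the two could disagree.
            $db_pre = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['db_pre']));

            $dbt = 'db_' . $db_type;
            $db = new $dbt($this->post['db_name'], $this->post['db_user'], $this->post['db_pass'], $this->post['db_host'], $db_pre);

            if (!$db->db) {
                echo "Couldn't connect to a database using the specified information.";
                break;
            }

            $this->db =& $db;

            $this->settings['db_host'] = $this->post['db_host'];
            $this->settings['db_user'] = $this->post['db_user'];
            $this->settings['db_pass'] = $this->post['db_pass'];
            $this->settings['db_name'] = $this->post['db_name'];
            $this->settings['db_type'] = $db_type;
            $this->settings['db_pre'] = $db_pre;
            $this->settings['error_email'] = $this->post['contact_email'];

            if (!is_writeable('../settings.php')) {
                echo 'Cannot write to settings.php file. Please change the permissions to at least 0666, then go back and try again.';
                break;
            }
            $this->save_settings_file($this->settings);

            if (!is_readable('./' . $this->settings['db_type'] . '_queries.php')) {
                echo "Unable to read queries file: ./{$this->settings['db_type']}_queries.php";
                break;
            }

            if (trim($this->post['admin_name']) == '' || trim($this->post['admin_pass']) == '' || trim($this->post['contact_email']) == '') {
                echo 'You have not specified an admistrator account. Please go back and correct this error.';
                break;
            }

            // Strict comparison: with != two different numeric-looking
            // strings (e.g. '1e3' and '1000') compare as equal.
            if ($this->post['admin_pass'] !== $this->post['admin_pass2']) {
                echo 'Your administrator passwords do not match. Please go back and correct this error.';
                break;
            }

            $this->settings['site_name'] = $this->post['site_name'];
            $this->settings['site_tagline'] = $this->post['site_tagline'];

            // Make sure the site URL ends with a slash.
            if (!empty($this->post['site_url']) && $this->post['site_url'][strlen($this->post['site_url']) - 1] != '/') {
                $this->post['site_url'] = $this->post['site_url'] . '/';
            }

            $this->settings['site_address'] = $this->post['site_url'];
            $this->settings['site_meta'] = 'Personal websites made easy.';
            $this->settings['site_keywords'] = 'blog,gallery,downloads,personal website';
            $this->settings['mobile_icons'] = '';
            $this->settings['email_adm'] = $this->post['contact_email'];
            $this->settings['email_sys'] = $this->post['admin_email'];
            $this->settings['site_open'] = true;
            $this->settings['site_closedmessage'] = 'This site is currently down for maintenance.';
            $this->settings['site_defaultskin'] = 'Default';
            $this->settings['site_analytics'] = '';
            $this->settings['wordpress_api_key'] = '';
            $this->settings['copyright_terms'] = '';
            $this->settings['footer_text'] = '';
            $this->settings['page_links'] = array('Home' => '/', 'Gallery' => 'index.php?a=gallery', 'Downloads' => 'index.php?a=downloads', 'Contact' => 'index.php?a=contact');
            $this->settings['blog_postsperpage'] = 5;
            $this->settings['blog_commentsperpage'] = 50;
            $this->settings['blog_avatar'] = 'sandbox.jpg';
            $this->settings['blog_dateformat'] = 'M j, Y g:i a';
            $this->settings['blog_autoclose'] = 90;
            $this->settings['blog_notifycomments'] = true;
            $this->settings['blog_icon_width'] = 40;
            $this->settings['blog_icon_height'] = 40;
            $this->settings['site_owner'] = $this->post['admin_name'];
            $this->settings['twitter_user'] = '';
            $this->settings['blog_signature_on'] = true;
            $this->settings['anonymous_comments'] = false;
            $this->settings['global_comments'] = true;
            $this->settings['download_size'] = 0;

            // NOTE(review): HTTP_HOST is a request header and is persisted
            // here as the cookie domain; confirm the installer is only
            // reachable under the intended host name.
            $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
            $this->settings['cookie_domain'] = $server;

            $path = dirname($_SERVER['PHP_SELF']);
            $path = str_replace('install', '', $path);
            $this->settings['cookie_path'] = $path;

            // NOTE(review): with cookie_secure off, the login cookies set
            // below are also sent over plain HTTP; consider enabling it when
            // the site URL is https.
            $this->settings['cookie_secure'] = false;
            $this->settings['cookie_prefix'] = 'sandbox_';
            $this->settings['cookie_logintime'] = 31536000; // 365 days, in seconds
            $this->settings['html_email'] = false;
            $this->settings['spam_count'] = 0;
            $this->settings['email_spam_count'] = 0;
            $this->settings['ham_count'] = 0;
            $this->settings['spam_uncaught'] = 0;
            $this->settings['friendly_urls'] = false;
            $this->settings['site_pings'] = array();
            $this->settings['sidebar_avatar'] = true;
            $this->settings['sidebar_search'] = true;
            $this->settings['sidebar_calendar'] = true;
            $this->settings['sidebar_comments'] = true;
            $this->settings['sidebar_blogroll'] = true;
            $this->settings['sidebar_categories'] = true;
            $this->settings['sidebar_images'] = true;
            $this->settings['banned_ips'] = array();
            $this->settings['user_count'] = 1;
            $this->settings['gallery_thumb_w'] = 180;
            $this->settings['gallery_thumb_h'] = 180;
            $this->settings['register_spam_count'] = 0;
            $this->settings['global_announce'] = '';
            $this->settings['sidebar_comments_count'] = 5;
            $this->settings['sidebar_images_count'] = 5;
            $this->settings['rss_enabled'] = true;
            $this->settings['rss_name'] = $this->post['site_name'];
            $this->settings['rss_description'] = '';
            $this->settings['rss_image_url'] = '';
            $this->settings['rss_items'] = 10;
            $this->settings['rss_refresh'] = 60;

            $queries = array();
            $pre = $this->settings['db_pre'];

            // Create tables
            include './' . $this->settings['db_type'] . '_queries.php';
            execute_queries($queries, $db);
            $queries = null;

            $newsets = array();
            $this->db->dbquery("INSERT INTO %psettings (settings_value) VALUES( '%s' )", json_encode($newsets));

            $this->db->dbquery("INSERT INTO %pblogposts (post_user, post_subject, post_summary, post_text, post_date, post_flags) VALUES(1, 'Welcome to your Sandbox Website', 'Sandbox: Personal websites made easy.', 'We hope you enjoy it. GitHub repository can be found at: https://github.com/Arthmoor/Sandbox Please post bug reports, feature requests and ideas there.', " . time() . ", 6 )");

            $this->db->dbquery("INSERT INTO %pphotofolders (folder_name) VALUES( 'Root' )");
            $this->db->dbquery('UPDATE %pphotofolders SET folder_id=0');
            $this->db->dbquery("INSERT INTO %pfilefolders (folder_name) VALUES( 'Root' )");
            $this->db->dbquery('UPDATE %pfilefolders SET folder_id=0');
            $this->db->dbquery("INSERT INTO %pblogcats (cat_name, cat_description) VALUES ( 'Uncategorized', 'Default category.' )");

            // Default emoticons: code, image file, clickable flag. Inserted
            // in this order through dbquery()'s %s / %d placeholders.
            $default_emoticons = array(
                array(':alien:', 'alien.png', 1),
                array(':biggrin:', 'biggrin.gif', 1),
                array(':blues:', 'blues.png', 1),
                array(':cool:', 'cool.gif', 1),
                array(':cry:', 'cry.gif', 1),
                array(':cyclops:', 'cyclops.png', 1),
                array(':devil:', 'devil.png', 1),
                array(':evil:', 'evil.gif', 1),
                array(':ghostface:', 'ghostface.png', 1),
                array(':grinning:', 'grinning.png', 1),
                array(':lol:', 'lol.gif', 1),
                array(':mad:', 'angry.png', 1),
                array(':redface:', 'redface.gif', 1),
                array(':robot:', 'robot.gif', 1),
                array(':rolleyes:', 'rolleyes.gif', 1),
                array(':sad:', 'sad.png', 1),
                array(':smile:', 'smile.gif', 1),
                array(':stare:', 'stare.png', 1),
                array(':surprised:', 'surprised.gif', 1),
                array(':thinking:', 'thinking.gif', 1),
                array(':tongue:', 'tongue.png', 1),
                array(':unclesam:', 'unclesam.png', 1),
                array(':wink:', 'wink.png', 1),
                array(':huh:', 'huh.gif', 1),
                array(':blink:', 'blink.gif', 1),
                array(':facepalm:', 'facepalm.gif', 1),
                array(':whistle:', 'whistle.gif', 1),
                array(':sick:', 'sick.gif', 1),
                array(':headbang:', 'headbang.gif', 1),
                array(':innocent:', 'innocent.png', 1),
                array(':crazy:', 'crazy.gif', 1),
                array(':rofl:', 'rofl.gif', 1),
                array(':lmao:', 'lmao.gif', 1),
                array(':shrug:', 'shrug.gif', 1),
                array(':ninja:', 'ninja.gif', 1),
                array(':nuke:', 'nuke.gif', 1),
                array(':wub:', 'wub.png', 1),
                array(':imp:', 'imp.png', 1),
                array(':banana:', 'dancingbanana.gif', 1),
                array(':cricket:', 'cricket.png', 1),
                array(':(', 'sad.png', 0),
                array(':P', 'tongue.png', 0),
                array(';)', 'wink.png', 0),
                array(':)', 'smile.gif', 0),
            );
            foreach ($default_emoticons as $emote) {
                $this->db->dbquery("INSERT INTO %pemoticons (emote_string, emote_image, emote_clickable) VALUES ('%s', '%s', %d )", $emote[0], $emote[1], $emote[2]);
            }

            $this->settings['app_version'] = $this->version;
            $this->save_settings();

            // Generate the Anonymous user.
            $this->db->dbquery("INSERT INTO %pusers (user_name, user_level, user_perms, user_icon)\n\t\t\t\tVALUES( 'Anonymous', 1, 0, 'Anonymous.png' )");

            // Add the administrator next.
            // NOTE(review): this is an unsalted SHA-256 digest, and the same
            // digest is sent back below as the long-lived 'pass' cookie, so
            // the stored value works as a login credential by itself. Moving
            // to password_hash()/password_verify() with a separate random
            // session token needs a matching change in the login code, which
            // is outside this block, so the format is left unchanged here.
            $pass = hash('sha256', $this->post['admin_pass']);
            $current_time = time();

            $this->db->dbquery("INSERT INTO %pusers (user_name, user_password, user_email, user_level, user_perms, user_joined, user_icon)\n\t\t\t\tVALUES( '%s', '%s', '%s', 5, 7, %d, 'Anonymous.png' )", $this->post['admin_name'], $pass, $this->post['contact_email'], $current_time);
            $id = $this->db->insert_id();

            // Log the new administrator in; the final true marks both cookies HttpOnly.
            $cookie_expires = $current_time + $this->settings['cookie_logintime'];
            setcookie($this->settings['cookie_prefix'] . 'user', $id, $cookie_expires, $this->settings['cookie_path'], $this->settings['cookie_domain'], $this->settings['cookie_secure'], true);
            setcookie($this->settings['cookie_prefix'] . 'pass', $pass, $cookie_expires, $this->settings['cookie_path'], $this->settings['cookie_domain'], $this->settings['cookie_secure'], true);

            // site_address comes straight from the submitted form, so it is
            // escaped before being placed in the href attributes.
            $esc_site = htmlspecialchars($this->settings['site_address'], ENT_QUOTES);

            echo "\n\t\t\t<div class='article'>\n\t\t\t <div class='title'>Installation Successful!</div>\n\t\t\t Your Sandbox site is now installed. <a href='{$esc_site}'>Click here</a> to go there now.<br /><br />\n\t\t\t Or <a href=\"{$esc_site}admin.php\">Click here</a> to go directly to the AdminCP.<br /><br />\n\t\t\t <span style='color:red'>Please DELETE THE INSTALL DIRECTORY NOW for security purposes!!</span>\n\t\t\t</div>";
            break;
    }
}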
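/**
 * Run one step of a fresh board installation.
 *
 * Steps:
 *  - 2: connect with the posted database details, write settings.php, create the
 *       tables and templates, register the administrator, optionally load seed
 *       data, and set the login cookies.
 *  - 3: send a generated settings.php as a file download and exit.
 *  - anything else: print the install form.
 *
 * Security notes for maintainers:
 *  - The administrator password is stored as an unsalted MD5 digest and the same
 *    digest is placed in the login cookie. Moving to password_hash() /
 *    password_verify() also needs changes to the login path, which is outside
 *    this method, so it is flagged here rather than changed.
 *  - Only the table prefix is filtered before it reaches the settings file.
 *    NOTE(review): confirm write_db_sets() / create_settings_file() escape the
 *    other posted database values before writing them into PHP source.
 *  - NOTE(review): nothing in this method checks whether a board is already
 *    installed; presumably the caller gates on that. Confirm, since the page
 *    itself relies on the operator deleting the install directory.
 *
 * @param mixed $step Step selector (presumably the `step` request parameter);
 *                    the switch compares it loosely.
 * @return void
 */
function install_board($step)
{
    switch ($step) {
    default:
        // Not read again in this method; presumably consumed by the included templates.
        $url = preg_replace('/install\\/?$/i', '', $this->server_url() . dirname($_SERVER['PHP_SELF']));

        // NOTE(review): $this->self is emitted unescaped into the form action here and
        // below. Confirm it is not derived from raw request path data.
        echo "<form action='{$this->self}?mode=new_install&step=2' method='post'>\n <table border='0' cellpadding='4' cellspacing='0'>\n";

        check_writeable_files();

        include 'templates/newdatabase.php';
        include 'templates/newboardsettings.php';
        include 'templates/newadmin.php';
        include 'templates/newseeddata.php';

        echo "<tr>\n <td class='subheader' colspan='2' align='center'><input type='submit' value='Continue' /></td>\n </tr>\n </table>\n </form>";
        break;

    case 2:
        $db = new $this->modules['database']($this->post['db_host'], $this->post['db_user'], $this->post['db_pass'], $this->post['db_name'], $this->post['db_port'], $this->post['db_socket'], $this->post['prefix']);

        if (!$db->connection) {
            echo "Couldn't connect to a database using the specified information.";
            break;
        }

        // load the installer SQL
        $db->install();

        $this->db =& $db;

        foreach (array('db_host', 'db_user', 'db_pass', 'db_name', 'db_port', 'db_socket') as $dbKey) {
            $this->sets[$dbKey] = $this->post[$dbKey];
        }
        // The prefix is the only posted value reduced to a safe character set.
        $this->sets['prefix'] = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['prefix']));

        if (!$this->write_db_sets('../settings.php') && !isset($this->post['downloadsettings'])) {
            echo "The database connection was ok, but settings.php could not be updated.<br />\n";
            echo "You can CHMOD settings.php to 0666 and hit reload to try again<br/>\n";
            echo "Or you can force the install to continue and download the new settings.php file ";
            echo "so you can later place it on the website manually<br/>\n";

            // Re-post everything so the operator can continue without retyping.
            // This writes the database and administrator passwords into the page
            // source as hidden fields; the values are escaped for the attribute
            // context with explicit flags so the result does not depend on the
            // PHP version's default.
            echo "<form action=\"{$this->self}?mode=new_install&step=2\" method=\"post\">\n\n\t\t\t\t\t<input type=\"hidden\" name=\"downloadsettings\" value=\"yes\" />\n\n\t\t\t\t\t";

            $carriedFields = array(
                'db_host', 'db_name', 'db_user', 'db_pass', 'db_port', 'db_socket', 'prefix',
                'board_name', 'board_url',
                'admin_name', 'admin_pass', 'admin_pass2', 'admin_email',
            );
            foreach ($carriedFields as $hiddenName) {
                $hiddenValue = isset($this->post[$hiddenName]) ? $this->post[$hiddenName] : '';
                echo "<input type=\"hidden\" name=\"{$hiddenName}\" value=\"" . htmlspecialchars($hiddenValue, ENT_QUOTES) . "\" />\n\n\t\t\t\t\t";
            }

            if (isset($this->post['seed_data']) && $this->post['seed_data']) {
                echo "<input type=\"hidden\" name=\"seed_data\" value=\"yes\" />\n";
            }

            echo "<input type=\"submit\" value=\"Force Install\" />\n\t\t\t\t\t</form>\n\t\t\t\t\t ";
            break;
        }

        // $this->sets['dbtype'] is not assigned in this method; it is used to pick
        // the table-definition file that is included further down.
        $filename = './' . $this->sets['dbtype'] . '_data_tables.php';

        if (!is_readable($filename)) {
            echo 'Database connected, settings written, but no tables could be loaded from file: ' . $filename;
            break;
        }

        if (!is_readable(SKIN_FILE)) {
            echo 'Database connected, settings written, but no templates could be loaded from file: ' . SKIN_FILE;
            break;
        }

        if (trim($this->post['admin_name']) == '' || trim($this->post['admin_pass']) == '' || trim($this->post['admin_email']) == '') {
            echo 'You have not specified an admistrator account. Please go back and correct this error.';
            break;
        }

        if ($this->post['admin_pass'] != $this->post['admin_pass2']) {
            echo 'Your administrator passwords do not match. Please go back and correct this error.';
            break;
        }

        if (isset($this->post['seed_data']) && $this->post['seed_data'] && !is_readable('./seed_data.php')) {
            echo 'Database connected, settings written, but no seed data could be loaded from file: seed_data.php';
            break;
        }

        // $queries, $pre and (below) $settings are locals that are not read again in
        // this method except $queries; presumably the included table file uses them.
        $queries = array();
        $pre = $this->sets['prefix'];
        $this->pre = $this->sets['prefix'];

        // Build settings array for the DB
        $this->sets['attach_types'] = array('jpg', 'gif', 'png', 'bmp', 'zip', 'tgz', 'gz', 'rar');
        $this->sets['attach_upload_size'] = 25600;
        $this->sets['avatar_height'] = 75;
        $this->sets['avatar_upload_size'] = 51200;
        $this->sets['avatar_width'] = 75;
        $this->sets['banned_ips'] = array();
        $this->sets['clickable_per_row'] = 5;
        $this->sets['closed'] = 0;
        $this->sets['closedtext'] = 'We are upgrading to the latest version of Quicksilver Forums. Please check back later.';
        $this->sets['cookie_path'] = '/';
        $this->sets['cookie_prefix'] = 'qsf_';
        $this->sets['cookie_domain'] = '';
        // Default 0: the login cookies set below are not marked Secure.
        $this->sets['cookie_secure'] = 0;
        $this->sets['emailactivation'] = 1;
        $this->sets['flash_avs'] = 1;
        $this->sets['flood_time'] = 30;
        $this->sets['hot_limit'] = 20;
        $this->sets['loc_of_board'] = $this->post['board_url'];
        $this->sets['forum_name'] = $this->post['board_name'];
        $this->sets['last_member'] = '';
        $this->sets['last_member_id'] = 0;
        $this->sets['link_target'] = '_blank';
        // 31536000 seconds = 365 days; used as the cookie lifetime below.
        $this->sets['logintime'] = 31536000;
        $this->sets['mailserver'] = 'localhost';
        $this->sets['max_load'] = 0;
        $this->sets['mostonline'] = 0;
        $this->sets['mostonlinetime'] = 0;
        $this->sets['output_buffer'] = extension_loaded('zlib') ? 1 : 0;
        $this->sets['posts'] = 0;
        $this->sets['posts_per_page'] = 15;
        $this->sets['register_image'] = 0;
        $this->sets['servertime'] = 151;
        $this->sets['topics'] = 0;
        $this->sets['topics_per_page'] = 20;
        $this->sets['vote_after_results'] = 0;
        $this->sets['default_skin'] = 'default';
        $this->sets['default_email_shown'] = 0;
        $this->sets['default_lang'] = 'en';
        $this->sets['default_group'] = 2;
        $this->sets['default_timezone'] = 151;
        $this->sets['default_pm'] = 1;
        $this->sets['default_view_avatars'] = 1;
        $this->sets['default_view_sigs'] = 1;
        $this->sets['default_view_emots'] = 1;
        $this->sets['flood_time_pm'] = 30;
        $this->sets['flood_time_search'] = 10;
        $this->sets['members'] = 0;
        $this->sets['spider_active'] = 1;
        $this->sets['spider_name'] = array(
            'googlebot' => 'Google',
            'lycos' => 'Google',
            'ask jeeves' => 'Google',
            'scooter' => 'Altavista',
            'fast-webcrawler' => 'AlltheWeb',
            'slurp@inktomi' => 'Inktomi',
            'turnitinbot' => 'Turnitin.com',
            'gigabot' => 'Gigabot',
            'yahoo' => 'Yahoo! Slurp',
            'msnbot' => 'MSN Search',
            'mediapartners-google' => 'AdSense',
            'naverbot' => 'Naver',
            'jetbot' => 'JetEye',
            'alexa' => 'Alexa',
            'ArchitextSpider' => 'Excite-Bot',
            'pipeLiner' => 'PipeLine Spider'
        );
        $this->sets['debug_mode'] = 0;
        $this->sets['rss_feed_title'] = '';
        $this->sets['rss_feed_desc'] = '';
        $this->sets['rss_feed_posts'] = 5;
        $this->sets['rss_feed_time'] = 60;
        $this->sets['optional_modules'] = array('active', 'cp', 'email', 'help', 'members', 'mod', 'pm', 'profile', 'search', 'recent', 'rssfeed');

        $settings = serialize($this->sets);

        // Create tables
        include './' . $this->sets['dbtype'] . '_data_tables.php';

        execute_queries($queries, $db);
        $queries = null;

        // Create template
        $xmlInfo = new xmlparser();
        $xmlInfo->parse(SKIN_FILE);
        $templatesNode = $xmlInfo->GetNodeByPath('QSFMOD/TEMPLATES');
        packageutil::insert_templates('default', $this->db, $templatesNode);
        unset($templatesNode);
        $xmlInfo = null;

        // NOTE(security): unsalted MD5 is not a password hash. Kept because the
        // login code that verifies this value is not part of this method.
        // NOTE(review): the digest is taken before magic-quote slashes are
        // stripped below, so with magic_quotes_gpc on it covers the slashed
        // form; confirm the login path hashes the same form.
        $this->post['admin_pass'] = md5($this->post['admin_pass']);

        if (get_magic_quotes_gpc()) {
            $this->unset_magic_quotes_gpc($this->get);
            $this->unset_magic_quotes_gpc($this->post);
            $this->unset_magic_quotes_gpc($this->cookie);
        }

        // The name is stored HTML-escaped. After escaping, numeric character
        // references typed by the user ("&#...") are restored and single quotes
        // are turned into a numeric reference.
        $this->post['admin_name'] = str_replace(
            array('&amp;#', '\''),
            array('&#', '&#39;'),
            htmlspecialchars($this->post['admin_name'])
        );

        $this->db->query($this->db->install_new_user, $this->post['admin_name'], $this->post['admin_pass'], USER_ADMIN, $this->time, $this->post['admin_email'], $this->sets['servertime']);
        $admin_uid = $this->db->insert_id("users");

        $this->sets['last_member'] = $this->post['admin_name'];
        $this->sets['last_member_id'] = $admin_uid;
        $this->sets['admin_incoming'] = $this->post['admin_email'];
        $this->sets['admin_outgoing'] = $this->post['admin_email'];
        $this->sets['members']++;
        $this->sets['installed'] = 1;

        if (isset($this->post['seed_data']) && $this->post['seed_data']) {
            // The $category*, $forum* and $topic* variables used below are not
            // defined in this method; presumably seed_data.php provides them.
            include './seed_data.php';

            // Create Category
            $categoryId = $this->create_forum($categoryName, $categoryDesc, 0);

            // Create Forum
            $forumId = $this->create_forum($forumName, $forumDesc, $categoryId);

            // Create Topic
            $this->db->query($this->db->install_seed_topic_create, $topicName, $forumId, $topicDesc, $admin_uid, $topicIcon, $this->time, $this->time, $admin_uid, TOPIC_PUBLISH);
            $topicId = $this->db->insert_id("topics");

            // Create Post
            $this->db->query($this->db->install_seed_post_create, $topicId, $admin_uid, $topicPost, $this->time, $this->ip, $topicIcon);
            $postId = $this->db->insert_id("posts");

            $this->db->query($this->db->install_seed_update_topic, $postId, $topicId);
            $this->db->query($this->db->install_seed_update_user, $this->time, $admin_uid);
            $this->db->query($this->db->install_seed_update_forums, $postId, $forumId);

            $this->sets['topics']++;
            $this->sets['posts']++;
        }

        $writeSetsWorked = $this->write_db_sets('../settings.php');
        $this->write_sets();

        // Log the new administrator in. Both cookies are HttpOnly (last argument).
        // NOTE(security): the 'pass' cookie carries the stored password digest,
        // so anyone who obtains the cookie or the users table holds a reusable
        // credential; a random session token would avoid that.
        $cookieExpiry = $this->time + $this->sets['logintime'];
        setcookie($this->sets['cookie_prefix'] . 'user', $admin_uid, $cookieExpiry, $this->sets['cookie_path'], $this->sets['cookie_domain'], $this->sets['cookie_secure'], true);
        setcookie($this->sets['cookie_prefix'] . 'pass', $this->post['admin_pass'], $cookieExpiry, $this->sets['cookie_path'], $this->sets['cookie_domain'], $this->sets['cookie_secure'], true);

        if (!$writeSetsWorked) {
            echo "Congratulations! Your board has been installed.<br />\n\t\t\t\tAn administrator account was registered.<br />";
            echo "Click here to download your settings.php file. You must put this file on the webhost before the board is ready to use<br/>\n";

            // Carry the database details to step 3, which builds the download.
            echo "<form action=\"{$this->self}?mode=new_install&step=3\" method=\"post\">\n\n\t\t\t\t\t";

            foreach (array('db_host', 'db_name', 'db_user', 'db_pass', 'db_port', 'db_socket', 'prefix') as $hiddenName) {
                $hiddenValue = isset($this->post[$hiddenName]) ? $this->post[$hiddenName] : '';
                echo "<input type=\"hidden\" name=\"{$hiddenName}\" value=\"" . htmlspecialchars($hiddenValue, ENT_QUOTES) . "\" />\n\n\t\t\t\t\t";
            }

            echo "<input type=\"submit\" value=\"Download settings.php\" />\n\t\t\t\t\t</form>\n\t\t\t\t\t<br/>\n\n\t\t\t\t\tOnce this is done: REMEMBER TO DELETE THE INSTALL DIRECTORY!<br /><br />\n\t\t\t\t\t<a href='../index.php'>Go to your board.</a>\n\t\t\t\t\t ";
        } else {
            echo "Congratulations! Your board has been installed.<br />\n\t\t\t\tAn administrator account was registered.<br />\n\t\t\t\tREMEMBER TO DELETE THE INSTALL DIRECTORY!<br /><br />\n\t\t\t\t<a href='../index.php'>Go to your board.</a>";
        }
        break;

    case 3:
        // Give them the settings.php file
        foreach (array('db_host', 'db_user', 'db_pass', 'db_name', 'db_port', 'db_socket') as $dbKey) {
            $this->sets[$dbKey] = $this->post[$dbKey];
        }
        $this->sets['installed'] = 1;
        $this->sets['prefix'] = trim(preg_replace('/[^a-zA-Z0-9_]/', '', $this->post['prefix']));

        $settingsFile = $this->create_settings_file();

        // Discard anything already buffered so the download holds only the file.
        ob_clean();
        header("Content-type: application/octet-stream");
        header("Content-Disposition: attachment; filename=\"settings.php\"");
        echo $settingsFile;
        exit;
    }
}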