/**
* Checks if server is ready to work by comparing the server's $type version.
* At least are required both PHP 5 and MySQL 5.
* @param string $type "php" or "mysql", by now
* @param string $minReqVer minimun system version (default: 5.0.0)
* @return boolean TRUE on sucess, or FALSE on failure
*/
function check_systemversion($type, $minReqVer = "5.0.0")
{
switch (strtolower($type)) {
case 'mysql':
// mysqli_get_client_info() doesn't require connection
//$ver = mysqli_get_client_info();
$ver = db_version();
break;
case 'php':
$ver = phpversion();
break;
default:
break;
}
// $ver must be >= $minReqVer
$status = version_compare($ver, $minReqVer, ">=");
return $status;
}
/**
* Show administration index page
*
* @param void
* @return null
*/
function index()
{
if (isset($this->application->version)) {
$version = $this->application->version;
} else {
$version = '1.0';
}
// if
$admin_sections = array(ADMIN_SECTION_SYSTEM => null, ADMIN_SECTION_MAIL => null, ADMIN_SECTION_TOOLS => null, ADMIN_SECTION_OTHER => null);
event_trigger('on_admin_sections', array(&$admin_sections));
$original_licence_key = LICENSE_KEY;
$license_id = '';
$license_group_length = 6;
for ($x = 0; $x < ceil(strlen($original_licence_key) / $license_group_length); $x++) {
$license_id .= substr($original_licence_key, $x * $license_group_length, $license_group_length) . '-';
}
// for
$license_id .= LICENSE_UID;
$support_url = 'https://www.activecollab.com/support/index.php?pg=request';
$support_url .= '&acinfo[ac_version]=' . urlencode($version);
$support_url .= '&acinfo[ac_version]=' . urlencode($version);
$support_url .= '&acinfo[php_version]=' . urlencode(PHP_VERSION);
$support_url .= '&acinfo[mysql_version]=' . urlencode(db_version());
$support_url .= '&acinfo[license_key]=' . urlencode($original_licence_key);
$support_url .= '&acinfo[license_type]=' . urlencode(LICENSE_PACKAGE);
$support_url .= '&acinfo[license_uid]=' . urlencode(LICENSE_UID);
$support_url .= '&acinfo[license_branding_removed]=' . urlencode(LICENSE_COPYRIGHT_REMOVED);
$support_url .= '&acinfo[license_url]=' . urlencode(LICENSE_URL);
$support_url .= '&acinfo[encoded_license_id]=' . urlencode($license_id);
$user_id = LICENSE_UID;
$license_key = LICENSE_KEY;
$update_to_corporate_url = LICENSE_PACKAGE == 'corporate' ? false : "http://www.activecollab.com/user/{$user_id}/upgrade-to-corporate?license_key={$license_key}";
$branding_removal_url = LICENSE_COPYRIGHT_REMOVED === true ? false : "http://www.activecollab.com/user/{$user_id}/purchase-branding-removal?license_key={$license_key}";
$extend_support_url = "http://www.activecollab.com/user/{$user_id}/extend-support?license_key={$license_key}";
$this->smarty->assign(array('ac_version' => $version, 'admin_sections' => $admin_sections, 'php_version' => PHP_VERSION, 'mysql_version' => db_version(), 'license_user_id' => LICENSE_UID, 'licence_type' => LICENSE_PACKAGE, 'licence_url' => LICENSE_URL, 'licence_expires' => new DateValue(LICENSE_EXPIRES), 'license_branding_removed' => LICENSE_COPYRIGHT_REMOVED, 'license_id' => $license_id, 'support_url' => $support_url, 'upgrade_to_corporate_url' => LICENSE_PACKAGE === 'corporate' ? false : "http://www.activecollab.com/user/{$user_id}/upgrade-to-corporate?license_key={$license_key}", 'branding_removal_url' => LICENSE_COPYRIGHT_REMOVED === true ? false : "http://www.activecollab.com/user/{$user_id}/purchase-branding-removal?license_key={$license_key}", 'extend_support_url' => "http://www.activecollab.com/user/{$user_id}/extend-support?license_key={$license_key}"));
}
function check_mysql_version()
{
return version_compare(db_version(), $this->getMySQLVersion()) >= 0;
}
while (!@socket_connect($s, $vars['dbhost'], 3306) && $t < CONNECTION_TIMEOUT_SEC) {
$t++;
if ($t % 15 == 0) {
echo "Waited for {$t} seconds...\n";
}
sleep(1);
}
if ($t >= CONNECTION_TIMEOUT_SEC) {
err("Timed out waiting for database TCP connection");
}
//Check database installation status
$db_installed = false;
echo "Connecting to database mysql://{$vars['dbuser']}@{$vars['dbhost']}/{$vars['dbname']}\n";
if (!db_connect($vars['dbhost'], $vars['dbuser'], $vars['dbpass'])) {
err(sprintf(__('Unable to connect to MySQL server: %s'), db_connect_error()));
} elseif (explode('.', db_version()) < explode('.', $installer->getMySQLVersion())) {
err(sprintf(__('osTicket requires MySQL %s or later!'), $installer->getMySQLVersion()));
} elseif (!db_select_database($vars['dbname']) && !db_create_database($vars['dbname'])) {
err("Database doesn't exist");
} elseif (!db_select_database($vars['dbname'])) {
err('Unable to select the database');
} else {
$sql = 'SELECT * FROM `' . $vars['prefix'] . 'config` LIMIT 1';
if (db_query($sql, false)) {
$db_installed = true;
echo "Database already installed\n";
}
}
//Create secret if not set by env var and not previously stored
DEFINE('SECRET_FILE', '/data/secret.txt');
if (!$vars['siri']) {
if (CONF_BACKEND_SAFEMODE != 1 && (!isset($_SESSION["log"]) || !in_array(26, $relaccess))) {
$smarty->assign("admin_sub_dpt", "error_forbidden.tpl");
} else {
$postsize = ini_get('upload_max_filesize');
$executiontime = ini_get('max_execution_time');
$registerglobals = ini_get('register_globals') == 1 ? "On" : "Off";
$safemodel = ini_get('safe_mode') == 1 || strtolower(ini_get('safe_mode')) == 'on' ? "On" : "Off";
$magicquotesgpc = ini_get('magic_quotes_gpc') == 1 || strtolower(ini_get('magic_quotes_gpc')) == 'on' ? "On" : "Off";
$fileup = ini_get('file_uploads') == 1 || strtolower(ini_get('file_uploads')) == 'on' ? "On" : "Off";
$smarty->assign("postsize", $postsize);
$smarty->assign("executiontime", $executiontime);
$smarty->assign("registerglobals", $registerglobals);
$smarty->assign("safemodel", $safemodel);
$smarty->assign("magicquotesgpc", $magicquotesgpc);
$smarty->assign("fileup", $fileup);
$rd = db_version();
$smarty->assign("mver", $rd);
$phpver = phpversion();
$smarty->assign("pver", $phpver);
if (!extension_loaded('gd')) {
$gd_ver = 0;
} else {
$gd_ver = php_gd();
}
if ($gd_ver == 0) {
$smarty->assign("gd_ver", ADMIN_NOGD);
} else {
$smarty->assign("gd_ver", $gd_ver);
}
$qzz = db_query("select count(*) from " . ORDERS_TABLE . " WHERE statusID!=0 ");
$nzz = db_fetch_row($qzz);
?>
<h2><?php echo __('About this osTicket Installation'); ?></h2>
<br/>
<table class="list" width="100%";>
<thead>
<tr><th colspan="2"><?php echo __('Server Information'); ?></th></tr>
</thead>
<tbody>
<tr><td><?php echo __('osTicket Version'); ?></td>
<td><span class="ltr"><?php
echo sprintf("%s (%s)", THIS_VERSION, trim($commit)); ?></span></td></tr>
<tr><td><?php echo __('Web Server Software'); ?></td>
<td><span class="ltr"><?php echo $_SERVER['SERVER_SOFTWARE']; ?></span></td></tr>
<tr><td><?php echo __('MySQL Version'); ?></td>
<td><span class="ltr"><?php echo db_version(); ?></span></td></tr>
<tr><td><?php echo __('PHP Version'); ?></td>
<td><span class="ltr"><?php echo phpversion(); ?></span></td></tr>
</tbody>
<thead>
<tr><th colspan="2"><?php echo __('PHP Extensions'); ?></th></tr>
</thead>
<tbody>
<?php
foreach($extensions as $ext => $info) { ?>
<tr><td><?php echo $info['name']; ?></td>
<td><?php
echo sprintf('<i class="icon icon-%s"></i> %s',
extension_loaded($ext) ? 'check' : 'warning-sign',
$info['desc']);
?>
if ($_POST['sysemail'] && $_POST['email'] && !strcasecmp($_POST['sysemail'], $_POST['email'])) {
$errors['email'] = 'Conflicts with system email above';
}
if (!$errors && strcasecmp($_POST['password'], $_POST['password2'])) {
$errors['password2'] = 'passwords to not match!';
}
//Check table prefix underscore required at the end!
if ($_POST['prefix'] && substr($_POST['prefix'], -1) != '_') {
$errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'';
}
//Connect to the DB
if (!$errors && !db_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'])) {
$errors['mysql'] = 'Unable to connect to MySQL server. Possibly invalid login info. <br>';
}
//check mysql version
if (!$errors && db_version() < '4.1.1') {
$errors['mysql'] = 'osTicket requires MySQL 4.1.1 or better! Please upgrade';
}
//Select the DB
if (!$errors && !db_select_database($_POST['dbname'])) {
//Try creating the missing DB
if (!db_query('CREATE DATABASE ' . $_POST['dbname'])) {
$errors['dbname'] = 'Database doesn\'t exist';
$errors['mysql'] = 'Unable to create the database due to permission';
} elseif (!db_select_database($_POST['dbname'])) {
$errors['dbname'] = 'Unable to select the database';
}
}
//Get database schema
if (!$errors && (!file_exists(SCHEMAFILE) || !($schema = file_get_contents(SCHEMAFILE)))) {
$errors['err'] = 'Internal error. Please make sure your download is the latest';
function install($vars) {
$this->errors=$f=array();
$f['name'] = array('type'=>'string', 'required'=>1, 'error'=>__('Name required'));
$f['email'] = array('type'=>'email', 'required'=>1, 'error'=>__('Valid email required'));
$f['fname'] = array('type'=>'string', 'required'=>1, 'error'=>__('First name required'));
$f['lname'] = array('type'=>'string', 'required'=>1, 'error'=>__('Last name required'));
$f['admin_email'] = array('type'=>'email', 'required'=>1, 'error'=>__('Valid email required'));
$f['username'] = array('type'=>'username', 'required'=>1, 'error'=>__('Username required'));
$f['passwd'] = array('type'=>'password', 'required'=>1, 'error'=>__('Password required'));
$f['passwd2'] = array('type'=>'password', 'required'=>1, 'error'=>__('Confirm Password'));
$f['prefix'] = array('type'=>'string', 'required'=>1, 'error'=>__('Table prefix required'));
$f['dbhost'] = array('type'=>'string', 'required'=>1, 'error'=>__('Host name required'));
$f['dbname'] = array('type'=>'string', 'required'=>1, 'error'=>__('Database name required'));
$f['dbuser'] = array('type'=>'string', 'required'=>1, 'error'=>__('Username required'));
$f['dbpass'] = array('type'=>'string', 'required'=>1, 'error'=>__('Password required'));
$vars = array_map('trim', $vars);
if(!Validator::process($f,$vars,$this->errors) && !$this->errors['err'])
$this->errors['err']=__('Missing or invalid data - correct the errors and try again.');
//Staff's email can't be same as system emails.
if($vars['admin_email'] && $vars['email'] && !strcasecmp($vars['admin_email'],$vars['email']))
$this->errors['admin_email']=__('Conflicts with system email above');
//Admin's pass confirmation.
if(!$this->errors && strcasecmp($vars['passwd'],$vars['passwd2']))
$this->errors['passwd2']=__('Password(s) do not match');
//Check table prefix underscore required at the end!
if($vars['prefix'] && substr($vars['prefix'], -1)!='_')
$this->errors['prefix']=__('Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'');
//Make sure admin username is not very predictable. XXX: feels dirty but necessary
if(!$this->errors['username'] && in_array(strtolower($vars['username']),array('admin','admins','username','osticket')))
$this->errors['username']=__('Bad username');
// Support port number specified in the hostname with a colon (:)
list($host, $port) = explode(':', $vars['dbhost']);
if ($port && is_numeric($port) && ($port < 1 || $port > 65535))
$this->errors['db'] = __('Invalid database port number');
//MYSQL: Connect to the DB and check the version & database (create database if it doesn't exist!)
if(!$this->errors) {
if(!db_connect($vars['dbhost'],$vars['dbuser'],$vars['dbpass']))
$this->errors['db']=sprintf(__('Unable to connect to MySQL server: %s'), db_connect_error());
elseif(explode('.', db_version()) < explode('.', $this->getMySQLVersion()))
$this->errors['db']=sprintf(__('osTicket requires MySQL %s or later!'),$this->getMySQLVersion());
elseif(!db_select_database($vars['dbname']) && !db_create_database($vars['dbname'])) {
$this->errors['dbname']=__("Database doesn't exist");
$this->errors['db']=__('Unable to create the database.');
} elseif(!db_select_database($vars['dbname'])) {
$this->errors['dbname']=__('Unable to select the database');
} else {
//Abort if we have another installation (or table) with same prefix.
$sql = 'SELECT * FROM `'.$vars['prefix'].'config` LIMIT 1';
if(db_query($sql, false)) {
$this->errors['err'] = __('We have a problem - another installation with same table prefix exists!');
$this->errors['prefix'] = __('Prefix already in-use');
} else {
//Try changing charset and collation of the DB - no bigie if we fail.
db_query('ALTER DATABASE '.$vars['dbname'].' DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci', false);
}
}
}
//bailout on errors.
if($this->errors) return false;
/*************** We're ready to install ************************/
define('ADMIN_EMAIL',$vars['admin_email']); //Needed to report SQL errors during install.
define('TABLE_PREFIX',$vars['prefix']); //Table prefix
Bootstrap::defineTables(TABLE_PREFIX);
Bootstrap::loadCode();
$debug = true; // Change it to false to squelch SQL errors.
//Last minute checks.
if(!file_exists($this->getConfigFile()) || !($configFile=file_get_contents($this->getConfigFile())))
$this->errors['err']=__('Unable to read config file. Permission denied! (#2)');
elseif(!($fp = @fopen($this->getConfigFile(),'r+')))
$this->errors['err']=__('Unable to open config file for writing. Permission denied! (#3)');
else {
$streams = DatabaseMigrater::getUpgradeStreams(INCLUDE_DIR.'upgrader/streams/');
foreach ($streams as $stream=>$signature) {
$schemaFile = INC_DIR."streams/$stream/install-mysql.sql";
if (!file_exists($schemaFile) || !($fp2 = fopen($schemaFile, 'rb')))
$this->errors['err'] = sprintf(
__('%s: Internal Error - please make sure your download is the latest (#1)'),
$stream);
elseif (
// TODO: Make the hash algo configurable in the streams
// configuration ( core : md5 )
!($hash = md5(fread($fp2, filesize($schemaFile))))
|| strcasecmp($signature, $hash))
$this->errors['err'] = sprintf(
__('%s: Unknown or invalid schema signature (%s .. %s)'),
$stream,
$signature, $hash);
elseif (!$this->load_sql_file($schemaFile, $vars['prefix'], true, $debug))
$this->errors['err'] = sprintf(
__('%s: Error parsing SQL schema! Get help from developers (#4)'),
$stream);
}
}
if(!$this->errors) {
// TODO: Use language selected from install worksheet
$i18n = new Internationalization($vars['lang_id']);
$i18n->loadDefaultData();
Signal::send('system.install', $this);
$sql='SELECT `id` FROM '.TABLE_PREFIX.'sla ORDER BY `id` LIMIT 1';
$sla_id_1 = db_result(db_query($sql, false));
$sql='SELECT `dept_id` FROM '.TABLE_PREFIX.'department ORDER BY `dept_id` LIMIT 1';
$dept_id_1 = db_result(db_query($sql, false));
$sql='SELECT `tpl_id` FROM '.TABLE_PREFIX.'email_template_group ORDER BY `tpl_id` LIMIT 1';
$template_id_1 = db_result(db_query($sql, false));
$sql='SELECT `group_id` FROM '.TABLE_PREFIX.'groups ORDER BY `group_id` LIMIT 1';
$group_id_1 = db_result(db_query($sql, false));
$sql='SELECT `value` FROM '.TABLE_PREFIX.'config WHERE namespace=\'core\' and `key`=\'default_timezone_id\' LIMIT 1';
$default_timezone = db_result(db_query($sql, false));
//Create admin user.
$sql='INSERT INTO '.TABLE_PREFIX.'staff SET created=NOW() '
.", isactive=1, isadmin=1, group_id='$group_id_1', dept_id='$dept_id_1'"
.", timezone_id='$default_timezone', max_page_size=25"
.', email='.db_input($vars['admin_email'])
.', firstname='.db_input($vars['fname'])
.', lastname='.db_input($vars['lname'])
.', username='******'username'])
.', passwd='.db_input(Passwd::hash($vars['passwd']));
if(!db_query($sql, false) || !($uid=db_insert_id()))
$this->errors['err']=__('Unable to create admin user (#6)');
}
if(!$this->errors) {
//Create default emails!
$email = $vars['email'];
list(,$domain)=explode('@',$vars['email']);
$sql='INSERT INTO '.TABLE_PREFIX.'email (`name`,`email`,`created`,`updated`) VALUES '
." ('Support','$email',NOW(),NOW())"
.",('osTicket Alerts','alerts@$domain',NOW(),NOW())"
.",('','noreply@$domain',NOW(),NOW())";
$support_email_id = db_query($sql, false) ? db_insert_id() : 0;
$sql='SELECT `email_id` FROM '.TABLE_PREFIX."email WHERE `email`='alerts@$domain' LIMIT 1";
$alert_email_id = db_result(db_query($sql, false));
//Create config settings---default settings!
$defaults = array(
'default_email_id'=>$support_email_id,
'alert_email_id'=>$alert_email_id,
'default_dept_id'=>$dept_id_1, 'default_sla_id'=>$sla_id_1,
'default_template_id'=>$template_id_1,
'admin_email'=>$vars['admin_email'],
'schema_signature'=>$streams['core'],
'helpdesk_url'=>URL,
'helpdesk_title'=>$vars['name']);
$config = new Config('core');
if (!$config->updateAll($defaults))
$this->errors['err']=__('Unable to create config settings').' (#7)';
// Set company name
require_once(INCLUDE_DIR.'class.company.php');
$company = new Company();
$company->getForm()->setAnswer('name', $vars['name']);
$company->getForm()->save();
foreach ($streams as $stream=>$signature) {
if ($stream != 'core') {
$config = new Config($stream);
if (!$config->update('schema_signature', $signature))
$this->errors['err']=__('Unable to create config settings').' (#8)';
}
}
}
if($this->errors) return false; //Abort on internal errors.
//Rewrite the config file - MUST be done last to allow for installer recovery.
$configFile= str_replace("define('OSTINSTALLED',FALSE);","define('OSTINSTALLED',TRUE);",$configFile);
$configFile= str_replace('%ADMIN-EMAIL',$vars['admin_email'],$configFile);
$configFile= str_replace('%CONFIG-DBHOST',$vars['dbhost'],$configFile);
$configFile= str_replace('%CONFIG-DBNAME',$vars['dbname'],$configFile);
$configFile= str_replace('%CONFIG-DBUSER',$vars['dbuser'],$configFile);
$configFile= str_replace('%CONFIG-DBPASS',$vars['dbpass'],$configFile);
$configFile= str_replace('%CONFIG-PREFIX',$vars['prefix'],$configFile);
$configFile= str_replace('%CONFIG-SIRI',Misc::randCode(32),$configFile);
if(!$fp || !ftruncate($fp,0) || !fwrite($fp,$configFile)) {
$this->errors['err']=__('Unable to write to config file. Permission denied! (#5)');
return false;
}
@fclose($fp);
/************* Make the system happy ***********************/
$sql='UPDATE '.TABLE_PREFIX."email SET dept_id=$dept_id_1";
db_query($sql, false);
global $cfg;
$cfg = new OsticketConfig();
//Create a ticket to make the system warm and happy.
$errors = array();
$ticket_vars = $i18n->getTemplate('templates/ticket/installed.yaml')
->getData();
$ticket = Ticket::create($ticket_vars, $errors, 'api', false, false);
if ($ticket
&& ($org = Organization::objects()->order_by('id')->one())) {
$user=User::lookup($ticket->getOwnerId());
$user->setOrganization($org);
}
//TODO: create another personalized ticket and assign to admin??
//Log a message.
$msg=__("Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!");
$sql='INSERT INTO '.TABLE_PREFIX.'syslog SET created=NOW(), updated=NOW(), log_type="Debug" '
.', title="osTicket installed!"'
.', log='.db_input($msg)
.', ip_address='.db_input($_SERVER['REMOTE_ADDR']);
db_query($sql, false);
return true;
}
?>
</b></small>)</li>
<li class="<?php
echo $upgrader->check_mysql() ? 'yes' : 'no';
?>
">
MySQLi extension for PHP - (<small><b><?php
echo extension_loaded('mysqli') ? 'module loaded' : 'missing!';
?>
</b></small>)</li>
<li class="<?php
echo $upgrader->check_mysql_version() ? 'yes' : 'no';
?>
">
MySQL v5.0 or greater - (<small><b><?php
echo db_version();
?>
</b></small>)</li>
</ul>
<h3>Highly Recommended:</h3>
We highly recommend that you follow the steps below.
<ul>
<li>Back up the current database if you haven't done so already.</li>
<li>Be patient. The upgrade process will take a couple of seconds.</li>
</ul>
<div id="bar">
<form method="post" action="upgrade.php" id="prereq">
<?php
csrf_token();
?>
<input type="hidden" name="s" value="prereq">
<div id="intro">
<p><?php echo __('Thank you for being a loyal osTicket user!');?></p>
<p><?php echo __("The upgrade wizard will guide you every step of the way in the upgrade process. While we try to ensure that the upgrade process is straightforward and painless, we can't guarantee it will be the case for every user.");?></p>
</div>
<h2><?php echo __('Getting ready!');?></h2>
<p><?php echo __("Before we begin, we'll check your server configuration to make sure you meet the minimum requirements to run the latest version of osTicket.");?></p>
<h3><?php echo __('Prerequisites');?>: <font color="red"><?php echo $errors['prereq']; ?></font></h3>
<?php echo __('These items are necessary in order to run the latest version of osTicket.');?>
<ul class="progress">
<li class="<?php echo $upgrader->check_php()?'yes':'no'; ?>">
<?php echo sprintf(__('%s or later'), 'PHP v5.3'); ?> - (<small><b><?php echo PHP_VERSION; ?></b></small>)</li>
<li class="<?php echo $upgrader->check_mysql()?'yes':'no'; ?>">
<?php echo __('MySQLi extension for PHP'); ?>- (<small><b><?php
echo extension_loaded('mysqli')?__('module loaded'):__('missing!'); ?></b></small>)</li>
<li class="<?php echo $upgrader->check_mysql_version()?'yes':'no'; ?>">
<?php echo sprintf(__('%s or later'), 'MySQL v5.0'); ?> - (<small><b><?php echo db_version(); ?></b></small>)</li>
</ul>
<h3><?php echo __('Higly Recommended');?>:</h3>
<?php echo __('We highly recommend that you follow the steps below.');?>
<ul>
<li><?php echo __("Back up the current database if you haven't done so already."); ?></li>
<li><?php echo __("Be patient. The upgrade process will take a couple of seconds."); ?></li>
</ul>
<div id="bar">
<form method="post" action="upgrade.php" id="prereq">
<?php csrf_token(); ?>
<input type="hidden" name="s" value="prereq">
<input class="btn" type="submit" name="submit" value="<?php echo __('Start Upgrade Now');?> »">
</form>
</div>
</div>
function install($vars)
{
$this->errors = $f = array();
$f['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
$f['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['fname'] = array('type' => 'string', 'required' => 1, 'error' => 'First name required');
$f['lname'] = array('type' => 'string', 'required' => 1, 'error' => 'Last name required');
$f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['username'] = array('type' => 'username', 'required' => 1, 'error' => 'Username required');
$f['passwd'] = array('type' => 'password', 'required' => 1, 'error' => 'Password required');
$f['passwd2'] = array('type' => 'string', 'required' => 1, 'error' => 'Confirm password');
$f['prefix'] = array('type' => 'string', 'required' => 1, 'error' => 'Table prefix required');
$f['dbhost'] = array('type' => 'string', 'required' => 1, 'error' => 'Hostname required');
$f['dbname'] = array('type' => 'string', 'required' => 1, 'error' => 'Database name required');
$f['dbuser'] = array('type' => 'string', 'required' => 1, 'error' => 'Username required');
$f['dbpass'] = array('type' => 'string', 'required' => 1, 'error' => 'password required');
if (!Validator::process($f, $vars, $this->errors) && !$this->errors['err']) {
$this->errors['err'] = 'Missing or invalid data - correct the errors and try again.';
}
//Staff's email can't be same as system emails.
if ($vars['admin_email'] && $vars['email'] && !strcasecmp($vars['admin_email'], $vars['email'])) {
$this->errors['admin_email'] = 'Conflicts with system email above';
}
//Admin's pass confirmation.
if (!$this->errors && strcasecmp($vars['passwd'], $vars['passwd2'])) {
$this->errors['passwd2'] = 'passwords to not match!';
}
//Check table prefix underscore required at the end!
if ($vars['prefix'] && substr($vars['prefix'], -1) != '_') {
$this->errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'';
}
//Make sure admin username is not very predictable. XXX: feels dirty but necessary
if (!$this->errors['username'] && in_array(strtolower($vars['username']), array('admin', 'admins', 'username', 'osticket'))) {
$this->errors['username'] = '******';
}
// Support port number specified in the hostname with a colon (:)
list($host, $port) = explode(':', $vars['dbhost']);
if ($port && is_numeric($port) && ($port < 1 || $port > 65535)) {
$this->errors['db'] = 'Invalid database port number';
}
//MYSQL: Connect to the DB and check the version & database (create database if it doesn't exist!)
if (!$this->errors) {
if (!db_connect($vars['dbhost'], $vars['dbuser'], $vars['dbpass'])) {
$this->errors['db'] = 'Unable to connect to MySQL server. ' . db_connect_error();
} elseif (explode('.', db_version()) < explode('.', $this->getMySQLVersion())) {
$this->errors['db'] = sprintf('osTicket requires MySQL %s or better!', $this->getMySQLVersion());
} elseif (!db_select_database($vars['dbname']) && !db_create_database($vars['dbname'])) {
$this->errors['dbname'] = 'Database doesn\'t exist';
$this->errors['db'] = 'Unable to create the database.';
} elseif (!db_select_database($vars['dbname'])) {
$this->errors['dbname'] = 'Unable to select the database';
} else {
//Abort if we have another installation (or table) with same prefix.
$sql = 'SELECT * FROM `' . $vars['prefix'] . 'config` LIMIT 1';
if (db_query($sql, false)) {
$this->errors['err'] = 'We have a problem - another installation with same table prefix exists!';
$this->errors['prefix'] = 'Prefix already in-use';
} else {
//Try changing charset and collation of the DB - no bigie if we fail.
db_query('ALTER DATABASE ' . $vars['dbname'] . ' DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci', false);
}
}
}
//bailout on errors.
if ($this->errors) {
return false;
}
/*************** We're ready to install ************************/
define('ADMIN_EMAIL', $vars['admin_email']);
//Needed to report SQL errors during install.
define('PREFIX', $vars['prefix']);
//Table prefix
$debug = true;
// Change it to false to squelch SQL errors.
//Last minute checks.
if (!file_exists($this->getConfigFile()) || !($configFile = file_get_contents($this->getConfigFile()))) {
$this->errors['err'] = 'Unable to read config file. Permission denied! (#2)';
} elseif (!($fp = @fopen($this->getConfigFile(), 'r+'))) {
$this->errors['err'] = 'Unable to open config file for writing. Permission denied! (#3)';
} else {
$streams = DatabaseMigrater::getUpgradeStreams(INCLUDE_DIR . 'upgrader/streams/');
foreach ($streams as $stream => $signature) {
$schemaFile = INC_DIR . "streams/{$stream}/install-mysql.sql";
if (!file_exists($schemaFile) || !($fp2 = fopen($schemaFile, 'rb'))) {
$this->errors['err'] = $stream . ': Internal Error - please make sure your download is the latest (#1)';
} elseif (!($hash = md5(fread($fp2, filesize($schemaFile)))) || strcasecmp($signature, $hash)) {
$this->errors['err'] = $stream . ': Unknown or invalid schema signature (' . $signature . ' .. ' . $hash . ')';
} elseif (!$this->load_sql_file($schemaFile, $vars['prefix'], true, $debug)) {
$this->errors['err'] = $stream . ': Error parsing SQL schema! Get help from developers (#4)';
}
}
}
$sql = 'SELECT `id` FROM ' . PREFIX . 'sla ORDER BY `id` LIMIT 1';
$sla_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `dept_id` FROM ' . PREFIX . 'department ORDER BY `dept_id` LIMIT 1';
$dept_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `tpl_id` FROM ' . PREFIX . 'email_template_group ORDER BY `tpl_id` LIMIT 1';
$template_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `group_id` FROM ' . PREFIX . 'groups ORDER BY `group_id` LIMIT 1';
$group_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `id` FROM ' . PREFIX . 'timezone WHERE offset=-5.0 LIMIT 1';
$eastern_timezone = db_result(db_query($sql, false), 0);
if (!$this->errors) {
//Create admin user.
$sql = 'INSERT INTO ' . PREFIX . 'staff SET created=NOW() ' . ", isactive=1, isadmin=1, group_id={$group_id_1}, dept_id={$dept_id_1}" . ", timezone_id={$eastern_timezone}, max_page_size=25" . ', email=' . db_input($vars['admin_email']) . ', firstname=' . db_input($vars['fname']) . ', lastname=' . db_input($vars['lname']) . ', username='******'username']) . ', passwd=' . db_input(Passwd::hash($vars['passwd']));
if (!db_query($sql, false) || !($uid = db_insert_id())) {
$this->errors['err'] = 'Unable to create admin user (#6)';
}
}
if (!$this->errors) {
//Create default emails!
$email = $vars['email'];
list(, $domain) = explode('@', $vars['email']);
$sql = 'INSERT INTO ' . PREFIX . 'email (`name`,`email`,`created`,`updated`) VALUES ' . " ('Support','{$email}',NOW(),NOW())" . ",('osTicket Alerts','alerts@{$domain}',NOW(),NOW())" . ",('','noreply@{$domain}',NOW(),NOW())";
$support_email_id = db_query($sql, false) ? db_insert_id() : 0;
$sql = 'SELECT `email_id` FROM ' . PREFIX . "email WHERE `email`='alerts@{$domain}' LIMIT 1";
$alert_email_id = db_result(db_query($sql, false), 0);
//Create config settings---default settings!
//XXX: rename ostversion helpdesk_* ??
// XXX: Some of this can go to the core install file
$defaults = array('isonline' => '0', 'default_email_id' => $support_email_id, 'alert_email_id' => $alert_email_id, 'default_dept_id' => $dept_id_1, 'default_sla_id' => $sla_id_1, 'default_timezone_id' => $eastern_timezone, 'default_template_id' => $template_id_1, 'admin_email' => db_input($vars['admin_email']), 'schema_signature' => db_input($streams['core']), 'helpdesk_url' => db_input(URL), 'helpdesk_title' => db_input($vars['name']));
foreach ($defaults as $key => $value) {
$sql = 'UPDATE ' . PREFIX . 'config SET updated=NOW(), value=' . $value . ' WHERE namespace="core" AND `key`=' . db_input($key);
if (!db_query($sql, false)) {
$this->errors['err'] = 'Unable to create config settings (#7)';
}
}
foreach ($streams as $stream => $signature) {
if ($stream != 'core') {
$sql = 'INSERT INTO ' . PREFIX . 'config (`namespace`, `key`, `value`, `updated`) ' . 'VALUES (' . db_input($stream) . ', ' . db_input('schema_signature') . ', ' . db_input($signature) . ', NOW())';
if (!db_query($sql, false)) {
$this->errors['err'] = 'Unable to create config settings (#7)';
}
}
}
}
if ($this->errors) {
return false;
}
//Abort on internal errors.
//Rewrite the config file - MUST be done last to allow for installer recovery.
$configFile = str_replace("define('OSTINSTALLED',FALSE);", "define('OSTINSTALLED',TRUE);", $configFile);
$configFile = str_replace('%ADMIN-EMAIL', $vars['admin_email'], $configFile);
$configFile = str_replace('%CONFIG-DBHOST', $vars['dbhost'], $configFile);
$configFile = str_replace('%CONFIG-DBNAME', $vars['dbname'], $configFile);
$configFile = str_replace('%CONFIG-DBUSER', $vars['dbuser'], $configFile);
$configFile = str_replace('%CONFIG-DBPASS', $vars['dbpass'], $configFile);
$configFile = str_replace('%CONFIG-PREFIX', $vars['prefix'], $configFile);
$configFile = str_replace('%CONFIG-SIRI', Misc::randCode(32), $configFile);
if (!$fp || !ftruncate($fp, 0) || !fwrite($fp, $configFile)) {
$this->errors['err'] = 'Unable to write to config file. Permission denied! (#5)';
return false;
}
@fclose($fp);
/************* Make the system happy ***********************/
$sql = 'UPDATE ' . PREFIX . "email SET dept_id={$dept_id_1}";
db_query($sql, false);
$sql = 'UPDATE ' . PREFIX . "department SET email_id={$support_email_id}" . ", autoresp_email_id={$support_email_id}";
db_query($sql, false);
//Create a ticket to make the system warm and happy.
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(), status="open", source="Web" ' . " ,priority_id=0, dept_id={$dept_id_1}, topic_id=0 " . ' ,ticketID=' . db_input(Misc::randNumber(6)) . ' ,email="*****@*****.**" ' . ' ,name="osTicket Support" ' . ' ,subject="osTicket Installed!"';
if (db_query($sql, false) && ($tid = db_insert_id())) {
if (!($msg = file_get_contents(INC_DIR . 'msg/installed.txt'))) {
$msg = 'Congratulations and Thank you for choosing osTicket!';
}
$sql = 'INSERT INTO ' . PREFIX . 'ticket_thread SET created=NOW()' . ', source="Web" ' . ', thread_type="M" ' . ', ticket_id=' . db_input($tid) . ', title=' . db_input('osTicket Installed') . ', body=' . db_input($msg);
db_query($sql, false);
}
//TODO: create another personalized ticket and assign to admin??
//Log a message.
$msg = "Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!";
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW(), updated=NOW(), log_type="Debug" ' . ', title="osTicket installed!"' . ', log=' . db_input($msg) . ', ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
db_query($sql, false);
return true;
}
$f['dbpass'] = array('type' => 'string', 'required' => 1, 'error' => 'password required');
$f['prefix'] = array('type' => 'string', 'required' => 1, 'error' => 'Table prefix required');
$validate = new Validator($f);
if (!$validate->validate($_POST)) {
$errors = array_merge($errors, $validate->errors());
}
//Check table prefix underscore required at the end!
if ($_POST['prefix'] && substr($_POST['prefix'], -1) != '_') {
$errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ktk_\'';
}
//Connect to the DB
if (!$errors && !db_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'], $_POST['dbname'])) {
$errors['mysql'] = 'Unable to connect to MySQL server. Possibly invalid login info. <br />';
}
//check mysql version
if (!$errors && db_version() < '4.4') {
$errors['mysql'] = 'Katak Support requires MySQL 4.4 or better! Please upgrade';
}
//Check if it is an osTicket v1.6 ST database
if (!$errors) {
$sql = 'SHOW TABLES FROM ' . $_POST['dbname'];
if (db_query($sql) != '') {
$sql = 'SELECT ostversion FROM ' . $_POST['prefix'] . 'config';
$result = db_fetch_array(db_query($sql));
if (trim($result['ostversion']) != '1.6 ST') {
$errors['err'] = 'The database ' . $_POST['dbname'] . ' does not seem to be a osTicket 1.6 ST database!';
$errors['mysql'] = 'The database does not seem to be a osTicket 1.6 ST database!';
}
} else {
$errors['err'] = 'The database ' . $_POST['dbname'] . ' does not seem to be a osTicket 1.6 ST database!';
$errors['mysql'] = 'The database does not seem to be a osTicket 1.6 ST database!';
function install($vars)
{
$this->errors = $f = array();
$f['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
$f['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['fname'] = array('type' => 'string', 'required' => 1, 'error' => 'First name required');
$f['lname'] = array('type' => 'string', 'required' => 1, 'error' => 'Last name required');
$f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['username'] = array('type' => 'username', 'required' => 1, 'error' => 'Username required');
$f['passwd'] = array('type' => 'password', 'required' => 1, 'error' => 'Password required');
$f['passwd2'] = array('type' => 'string', 'required' => 1, 'error' => 'Confirm password');
$f['prefix'] = array('type' => 'string', 'required' => 1, 'error' => 'Table prefix required');
$f['dbhost'] = array('type' => 'string', 'required' => 1, 'error' => 'Hostname required');
$f['dbname'] = array('type' => 'string', 'required' => 1, 'error' => 'Database name required');
$f['dbuser'] = array('type' => 'string', 'required' => 1, 'error' => 'Username required');
$f['dbpass'] = array('type' => 'string', 'required' => 1, 'error' => 'password required');
if (!Validator::process($f, $vars, $this->errors) && !$this->errors['err']) {
$this->errors['err'] = 'Missing or invalid data - correct the errors and try again.';
}
//Staff's email can't be same as system emails.
if ($vars['admin_email'] && $vars['email'] && !strcasecmp($vars['admin_email'], $vars['email'])) {
$this->errors['admin_email'] = 'Conflicts with system email above';
}
//Admin's pass confirmation.
if (!$this->errors && strcasecmp($vars['passwd'], $vars['passwd2'])) {
$this->errors['passwd2'] = 'passwords to not match!';
}
//Check table prefix underscore required at the end!
if ($vars['prefix'] && substr($vars['prefix'], -1) != '_') {
$this->errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'';
}
//Make sure admin username is not very predictable. XXX: feels dirty but necessary
if (!$this->errors['username'] && in_array(strtolower($vars['username']), array('admin', 'admins', 'username', 'osticket'))) {
$this->errors['username'] = '******';
}
//MYSQL: Connect to the DB and check the version & database (create database if it doesn't exist!)
if (!$this->errors) {
if (!db_connect($vars['dbhost'], $vars['dbuser'], $vars['dbpass'])) {
$this->errors['db'] = 'Unable to connect to MySQL server. Possibly invalid login info.';
} elseif (db_version() < $this->getMySQLVersion()) {
$this->errors['db'] = sprintf('osTicket requires MySQL %s or better!', $this->getMySQLVersion());
} elseif (!db_select_database($vars['dbname']) && !db_create_database($vars['dbname'])) {
$this->errors['dbname'] = 'Database doesn\'t exist';
$this->errors['db'] = 'Unable to create the database.';
} elseif (!db_select_database($vars['dbname'])) {
$this->errors['dbname'] = 'Unable to select the database';
}
}
//bailout on errors.
if ($this->errors) {
return false;
}
/*************** We're ready to install ************************/
define('ADMIN_EMAIL', $vars['admin_email']);
//Needed to report SQL errors during install.
define('PREFIX', $vars['prefix']);
//Table prefix
$schemaFile = INC_DIR . 'sql/osTicket-mysql.sql';
//DB dump.
$debug = true;
//XXX:Change it to true to show SQL errors.
//Last minute checks.
if (!file_exists($schemaFile)) {
$this->errors['err'] = 'Internal Error - please make sure your download is the latest (#1)';
} elseif (!($signature = trim(file_get_contents("{$schemaFile}.md5"))) || strcasecmp($signature, md5_file($schemaFile))) {
$this->errors['err'] = 'Unknown or invalid schema signature (' . $signature . ' .. ' . md5_file($schemaFile) . ')';
} elseif (!file_exists($this->getConfigFile()) || !($configFile = file_get_contents($this->getConfigFile()))) {
$this->errors['err'] = 'Unable to read config file. Permission denied! (#2)';
} elseif (!($fp = @fopen($this->getConfigFile(), 'r+'))) {
$this->errors['err'] = 'Unable to open config file for writing. Permission denied! (#3)';
} elseif (!$this->load_sql_file($schemaFile, $vars['prefix'], true, $debug)) {
$this->errors['err'] = 'Error parsing SQL schema! Get help from developers (#4)';
}
if (!$this->errors) {
//Create admin user.
$sql = 'INSERT INTO ' . PREFIX . 'staff SET created=NOW() ' . ', isactive=1, isadmin=1, group_id=1, dept_id=1, timezone_id=8, max_page_size=25 ' . ', email=' . db_input($_POST['admin_email']) . ', firstname=' . db_input($vars['fname']) . ', lastname=' . db_input($vars['lname']) . ', username='******'username']) . ', passwd=' . db_input(Passwd::hash($vars['passwd']));
if (!mysql_query($sql) || !($uid = mysql_insert_id())) {
$this->errors['err'] = 'Unable to create admin user (#6)';
}
}
if (!$this->errors) {
//Create config settings---default settings!
//XXX: rename ostversion helpdesk_* ??
$sql = 'INSERT INTO ' . PREFIX . 'config SET updated=NOW(), isonline=0 ' . ', default_email_id=1, alert_email_id=2, default_dept_id=1 ' . ', default_sla_id=1, default_timezone_id=8, default_template_id=1 ' . ', admin_email=' . db_input($vars['admin_email']) . ', schema_signature=' . db_input($signature) . ', helpdesk_url=' . db_input(URL) . ', helpdesk_title=' . db_input($vars['name']);
if (!mysql_query($sql) || !($cid = mysql_insert_id())) {
$this->errors['err'] = 'Unable to create config settings (#7)';
}
}
if ($this->errors) {
return false;
}
//Abort on internal errors.
//Rewrite the config file - MUST be done last to allow for installer recovery.
$configFile = str_replace("define('OSTINSTALLED',FALSE);", "define('OSTINSTALLED',TRUE);", $configFile);
$configFile = str_replace('%ADMIN-EMAIL', $vars['admin_email'], $configFile);
$configFile = str_replace('%CONFIG-DBHOST', $vars['dbhost'], $configFile);
$configFile = str_replace('%CONFIG-DBNAME', $vars['dbname'], $configFile);
$configFile = str_replace('%CONFIG-DBUSER', $vars['dbuser'], $configFile);
$configFile = str_replace('%CONFIG-DBPASS', $vars['dbpass'], $configFile);
$configFile = str_replace('%CONFIG-PREFIX', $vars['prefix'], $configFile);
$configFile = str_replace('%CONFIG-SIRI', Misc::randcode(32), $configFile);
if (!$fp || !ftruncate($fp, 0) || !fwrite($fp, $configFile)) {
$this->errors['err'] = 'Unable to write to config file. Permission denied! (#5)';
return false;
}
@fclose($fp);
/************* Make the system happy ***********************/
//Create default emails!
$email = $vars['email'];
list(, $domain) = explode('@', $vars['email']);
$sql = 'INSERT INTO ' . PREFIX . 'email (`email_id`, `dept_id`, `name`,`email`,`created`,`updated`) VALUES ' . " (1,1,'Support','{$email}',NOW(),NOW())" . ",(2,1,'osTicket Alerts','alerts@{$domain}',NOW(),NOW())" . ",(3,1,'','noreply@{$domain}',NOW(),NOW())";
@mysql_query($sql);
//Create a ticket to make the system warm and happy.
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(), status="open", source="Web" ' . ' ,priority_id=2, dept_id=1, topic_id=1 ' . ' ,ticketID=' . db_input(Misc::randNumber(6)) . ' ,email="*****@*****.**" ' . ' ,name="osTicket Support" ' . ' ,subject="osTicket Installed!"';
if (mysql_query($sql) && ($tid = mysql_insert_id())) {
if (!($msg = file_get_contents(INC_DIR . 'msg/installed.txt'))) {
$msg = 'Congratulations and Thank you for choosing osTicket!';
}
$sql = 'INSERT INTO ' . PREFIX . 'ticket_thread SET created=NOW()' . ', source="Web" ' . ', thread_type="M" ' . ', ticket_id=' . db_input($tid) . ', title=' . db_input('osTicket Installed') . ', body=' . db_input($msg);
@mysql_query($sql);
}
//TODO: create another personalized ticket and assign to admin??
//Log a message.
$msg = "Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!";
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW(), updated=NOW(), log_type="Debug" ' . ', title="osTicket installed!"' . ', log=' . db_input($msg) . ', ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
@mysql_query($sql);
return true;
}
$show_create = "SHOW CREATE TABLE `" . mysql_escape_string($table) . "`";
}
if ($table == '') {
$table = 'q';
$force_names = true;
}
if ($query == '') {
$query = "SELECT * FROM `" . mysql_escape_string($db) . "`.`" . mysql_escape_string($table) . "`";
} else {
$out_query = $query;
}
$filename = read_var_get_or_post('filename', $db . '_' . $table . "_" . date("YmdHi") . '.xml');
header("Content-type: text/xml; charset=utf-8");
header("Content-Disposition: attachment; filename=" . $filename);
print '<?xml version="1.0" encoding="UTF-8" ?>' . "\n";
print "<table_dump version='1.1' software='mysql' software_version='" . htmlspecialchars(db_version(), ENT_QUOTES) . "'>\n";
print "<definition name='" . htmlspecialchars($table, ENT_QUOTES) . "'>\n";
if (isset($show_create)) {
output_create($show_create);
}
if (isset($show_columns)) {
output_columns($show_columns);
}
if (isset($show_indexes)) {
output_indexes($show_indexes);
}
if (isset($out_query)) {
output_query($out_query);
}
print "</definition>\n";
print "<rows name='" . htmlspecialchars($table, ENT_QUOTES) . "'>\n";
