function createUpgradedTicket()
{
global $cfg;
//Create a ticket to make the system warm and happy.
$dept_id = $cfg->getDefaultDeptId();
$prio_id = $cfg->getDefaultPriorityId();
$sql = 'INSERT INTO ' . TICKET_TABLE . ' SET created=NOW(), status="open", source="Web" ' . " ,priority_id={$prio_id}, dept_id={$dept_id}, topic_id=0 " . ' ,ticketID=' . db_input(Misc::randNumber(6)) . ' ,email="*****@*****.**" ' . ' ,name="osTicket Support" ' . ' ,subject="osTicket Upgraded!"';
if (db_query($sql, false) && ($tid = db_insert_id())) {
if (!($msg = file_get_contents(UPGRADE_DIR . 'msg/upgraded.txt'))) {
$msg = 'Congratulations and Thank you for choosing osTicket!';
}
$sql = 'INSERT INTO ' . TICKET_THREAD_TABLE . ' SET created=NOW()' . ', source="Web" ' . ', thread_type="M" ' . ', ticket_id=' . db_input($tid) . ', title=' . db_input('osTicket Upgraded') . ', body=' . db_input($msg);
db_query($sql, false);
}
}
function __next($digits = 6)
{
if ($digits < 6) {
$digits = 6;
}
return Misc::randNumber($digits);
}
db_query($sql);
}
//Update
$sql = 'UPDATE ' . PREFIX . 'email_template SET updated=NOW() ' . ',ticket_notice_subj = "[#%ticket] %subject"' . ',ticket_notice_body = "%name,\\r\\n\\r\\nOur customer care team personnel has created a ticket #%ticket on your behalf, with the following message;\\r\\n\\r\\n%message\\r\\n\\r\\nIf you wish to provide additional comments or information regarding this issue, please don\'t open a new ticket. You can update or view this ticket\'s progress online here: %url/view.php?e=%email&t=%ticket.\\r\\n\\r\\n%signature"';
db_query($sql);
}
}
}
if (!$errors) {
//upgrade went smooth!
//Log a message.
$log = sprintf("Congratulations osTicket upgraded to version %s by %s \n\nThank you for choosing osTicket!", VERSION, $thisuser->getName());
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW(),updated=NOW() ' . ',title="osTicket upgraded!",log_type="Debug" ' . ',log=' . db_input($log) . ',ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
mysql_query($sql);
//Create a ticket
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(),ticketID=' . db_input(Misc::randNumber(6)) . ',dept_id=' . db_input($deptId ? $deptId : $cfg->getDefaultDeptId()) . ",priority_id=2,email='*****@*****.**',name='osTicket Support' " . ",subject='osTicket Upgraded!',helptopic='osTicket Support',status='open',source='Web'";
if (db_query($sql) && ($id = db_insert_id())) {
$sql = 'INSERT INTO ' . PREFIX . 'ticket_message SET created=NOW(), updated=NOW(), source="Web" ' . ',ticket_id=' . db_input($id) . ',message=' . db_input(OSTICKET_UPGRADED);
db_query($sql);
}
//Report the good news.
$inc = 'upgradedone.inc.php';
$msg = 'osTicket upgraded to version ' . VERSION;
} else {
//errors....aborting.
$inc = 'abortedupgrade.inc.php';
$errors['err'] = $errors['err'] ? $errors['err'] : 'Yikes! upgrade error(s) occured';
$_SESSION['abort'] = true;
}
}
$title = sprintf('osTicket upgrade wizard v %s', '1.6 ST (stable)');
function genExtRandID()
{
global $cfg;
//We can allow collissions...extId and email must be unique ...so same id with diff emails is ok..
// But for clarity...we are going to make sure it is unique.
$id = Misc::randNumber(EXT_TICKET_ID_LEN);
if (db_num_rows(db_query('SELECT ticket_id FROM ' . TICKET_TABLE . ' WHERE ticketID=' . db_input($id)))) {
return Ticket::genExtRandID();
}
return $id;
}
mysql_query($sql);
//3 - noreply email
$sql='INSERT INTO '.PREFIX.'email SET created=NOW(),updated=NOW(),priority_id=1,dept_id=1'.
',name='.db_input('').',email='.db_input('noreply@'.$domain);
mysql_query($sql);
//config info
$sql='INSERT INTO '.PREFIX.'config SET updated=NOW() '.
',isonline=0,default_email_id=1,alert_email_id=2,default_dept_id=1,default_template_id=1'.
',timezone_offset='.db_input($tzoffset).
',ostversion='.db_input(VERSION).
',admin_email='.db_input($_POST['email']).
',helpdesk_url='.db_input(URL).
',helpdesk_title='.db_input($_POST['title']);
mysql_query($sql);
//Create a ticket to make the system warm and happy.
$sql='INSERT INTO '.PREFIX.'ticket SET created=NOW(),ticketID='.db_input(Misc::randNumber(6)).
",priority_id=2,dept_id=1,email='*****@*****.**',name='osTicket Support' ".
",subject='osTicket Installed!',helptopic='Commercial support',status='open',source='Web'";
if(db_query($sql) && ($id=db_insert_id())){
db_query('INSERT INTO '.PREFIX."ticket_message VALUES (1,$id,NULL,".db_input(OSTICKET_INSTALLED).",NULL,'Web','',NOW(),NULL)");
}
//Log a message.
$sql='INSERT INTO '.PREFIX.'syslog SET created=NOW(),updated=NOW() '.
',title="osTicket installed!",log_type="Debug" '.
',log='.db_input("Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!").
',ip_address='.db_input($_SERVER['REMOTE_ADDR']);
mysql_query($sql);
$msg='Congratulations osTicket basic installation completed!';
$inc='done.inc.php';
}else{
$errors['err']='Unable to write to config file!';
$configfile = str_replace('%CONFIG-DBPASS', $_POST['dbpass'], $configfile);
$configfile = str_replace('%CONFIG-PREFIX', $_POST['prefix'], $configfile);
if (ftruncate($fp, 0) && fwrite($fp, $configfile)) {
$tzoffset = date("Z") / 3600;
//Server's offset.
list($uname, $domain) = explode('@', $_POST['sysemail']);
//Create admin user. Dummy last name.
$sql = 'INSERT INTO ' . PREFIX . 'staff SET created=NOW(), isadmin=1,change_passwd=0,group_id=1,dept_id=1 ' . ',email=' . db_input($_POST['email']) . ',lastname=' . db_input('Admin') . ',username='******'username']) . ',passwd=' . db_input(MD5($_POST['password'])) . ',timezone_offset=' . db_input($tzoffset);
db_query($sql);
//Add support email.
db_query('INSERT INTO ' . PREFIX . 'email VALUES (1,0,2,1,' . db_input($_POST['sysemail']) . ',"",NOW(),NOW())');
//Update config info
$sql = 'UPDATE ' . PREFIX . 'config SET default_email=1,default_dept=1,timezone_offset=' . db_input($tzoffset) . ',ostversion=' . db_input(VERSION) . ',admin_email=' . db_input($_POST['email']) . ',alert_email=' . db_input('alerts@' . $domain) . ',noreply_email=' . db_input('noreply@' . $domain) . ',helpdesk_url=' . db_input($_POST['url']) . ',helpdesk_title=' . db_input($_POST['title']);
db_query($sql);
//Create a ticket to make the system warm and happy.
$tid = Misc::randNumber(6);
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(),ticketID=' . db_input($tid) . ",priority_id=2,dept_id=1,email='*****@*****.**',name='osTicket Support' " . ",subject='osTicket Installed!',status='open',source='Web'";
if (db_query($sql) && ($id = db_insert_id())) {
$intro = "\nThank you for choosing osTicket.\n\n Make sure you join osTicket forums http://osticket.com/forums to stay upto date on the latest news, security alerts and updates. osTicket forums is also a great place to get assistance, guidance and help. In addition to the forums, osTicket wiki provides useful collection of educational materials, documentation, and notes from the community.\n\n If you are looking for greater level of support, we provide professional services and custom commercial support with guaranteed response times and access to the core development team. We can also customize the system to meet your unique needs.\n\n For more information or to discuss your needs, please contact us today. Any feedback will be appreciated!\n \nosTicket Team";
db_query('INSERT INTO ' . PREFIX . "ticket_message VALUES (1,{$id}," . db_input($intro) . ",NULL,'Web','',NOW(),NULL)");
}
$msg = 'Congratulations osTicket basic installation completed!';
$inc = 'done.inc.php';
} else {
$errors['err'] = 'Unable to write to config file!';
}
}
@fclose($fp);
} else {
$errors['err'] = $errors['err'] ? $errors['err'] : 'Error(s) occured. Please correct them and try again';
}
function genRandTicketNumber($len = EXT_TICKET_ID_LEN)
{
//We can allow collissions...number and email must be unique ...so
// same number with diff emails is ok.. But for clarity...we are going to make sure it is unique.
$number = Misc::randNumber($len);
if (db_num_rows(db_query('SELECT ticket_id FROM ' . TICKET_TABLE . '
WHERE `number`=' . db_input($number)))) {
return Ticket::genRandTicketNumber($len);
}
return $number;
}
function install($vars)
{
$this->errors = $f = array();
$f['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
$f['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['fname'] = array('type' => 'string', 'required' => 1, 'error' => 'First name required');
$f['lname'] = array('type' => 'string', 'required' => 1, 'error' => 'Last name required');
$f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['username'] = array('type' => 'username', 'required' => 1, 'error' => 'Username required');
$f['passwd'] = array('type' => 'password', 'required' => 1, 'error' => 'Password required');
$f['passwd2'] = array('type' => 'string', 'required' => 1, 'error' => 'Confirm password');
$f['prefix'] = array('type' => 'string', 'required' => 1, 'error' => 'Table prefix required');
$f['dbhost'] = array('type' => 'string', 'required' => 1, 'error' => 'Hostname required');
$f['dbname'] = array('type' => 'string', 'required' => 1, 'error' => 'Database name required');
$f['dbuser'] = array('type' => 'string', 'required' => 1, 'error' => 'Username required');
$f['dbpass'] = array('type' => 'string', 'required' => 1, 'error' => 'password required');
if (!Validator::process($f, $vars, $this->errors) && !$this->errors['err']) {
$this->errors['err'] = 'Missing or invalid data - correct the errors and try again.';
}
//Staff's email can't be same as system emails.
if ($vars['admin_email'] && $vars['email'] && !strcasecmp($vars['admin_email'], $vars['email'])) {
$this->errors['admin_email'] = 'Conflicts with system email above';
}
//Admin's pass confirmation.
if (!$this->errors && strcasecmp($vars['passwd'], $vars['passwd2'])) {
$this->errors['passwd2'] = 'passwords to not match!';
}
//Check table prefix underscore required at the end!
if ($vars['prefix'] && substr($vars['prefix'], -1) != '_') {
$this->errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'';
}
//Make sure admin username is not very predictable. XXX: feels dirty but necessary
if (!$this->errors['username'] && in_array(strtolower($vars['username']), array('admin', 'admins', 'username', 'osticket'))) {
$this->errors['username'] = '******';
}
// Support port number specified in the hostname with a colon (:)
list($host, $port) = explode(':', $vars['dbhost']);
if ($port && is_numeric($port) && ($port < 1 || $port > 65535)) {
$this->errors['db'] = 'Invalid database port number';
}
//MYSQL: Connect to the DB and check the version & database (create database if it doesn't exist!)
if (!$this->errors) {
if (!db_connect($vars['dbhost'], $vars['dbuser'], $vars['dbpass'])) {
$this->errors['db'] = 'Unable to connect to MySQL server. ' . db_connect_error();
} elseif (explode('.', db_version()) < explode('.', $this->getMySQLVersion())) {
$this->errors['db'] = sprintf('osTicket requires MySQL %s or better!', $this->getMySQLVersion());
} elseif (!db_select_database($vars['dbname']) && !db_create_database($vars['dbname'])) {
$this->errors['dbname'] = 'Database doesn\'t exist';
$this->errors['db'] = 'Unable to create the database.';
} elseif (!db_select_database($vars['dbname'])) {
$this->errors['dbname'] = 'Unable to select the database';
} else {
//Abort if we have another installation (or table) with same prefix.
$sql = 'SELECT * FROM `' . $vars['prefix'] . 'config` LIMIT 1';
if (db_query($sql, false)) {
$this->errors['err'] = 'We have a problem - another installation with same table prefix exists!';
$this->errors['prefix'] = 'Prefix already in-use';
} else {
//Try changing charset and collation of the DB - no bigie if we fail.
db_query('ALTER DATABASE ' . $vars['dbname'] . ' DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci', false);
}
}
}
//bailout on errors.
if ($this->errors) {
return false;
}
/*************** We're ready to install ************************/
define('ADMIN_EMAIL', $vars['admin_email']);
//Needed to report SQL errors during install.
define('PREFIX', $vars['prefix']);
//Table prefix
$debug = true;
// Change it to false to squelch SQL errors.
//Last minute checks.
if (!file_exists($this->getConfigFile()) || !($configFile = file_get_contents($this->getConfigFile()))) {
$this->errors['err'] = 'Unable to read config file. Permission denied! (#2)';
} elseif (!($fp = @fopen($this->getConfigFile(), 'r+'))) {
$this->errors['err'] = 'Unable to open config file for writing. Permission denied! (#3)';
} else {
$streams = DatabaseMigrater::getUpgradeStreams(INCLUDE_DIR . 'upgrader/streams/');
foreach ($streams as $stream => $signature) {
$schemaFile = INC_DIR . "streams/{$stream}/install-mysql.sql";
if (!file_exists($schemaFile) || !($fp2 = fopen($schemaFile, 'rb'))) {
$this->errors['err'] = $stream . ': Internal Error - please make sure your download is the latest (#1)';
} elseif (!($hash = md5(fread($fp2, filesize($schemaFile)))) || strcasecmp($signature, $hash)) {
$this->errors['err'] = $stream . ': Unknown or invalid schema signature (' . $signature . ' .. ' . $hash . ')';
} elseif (!$this->load_sql_file($schemaFile, $vars['prefix'], true, $debug)) {
$this->errors['err'] = $stream . ': Error parsing SQL schema! Get help from developers (#4)';
}
}
}
$sql = 'SELECT `id` FROM ' . PREFIX . 'sla ORDER BY `id` LIMIT 1';
$sla_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `dept_id` FROM ' . PREFIX . 'department ORDER BY `dept_id` LIMIT 1';
$dept_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `tpl_id` FROM ' . PREFIX . 'email_template_group ORDER BY `tpl_id` LIMIT 1';
$template_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `group_id` FROM ' . PREFIX . 'groups ORDER BY `group_id` LIMIT 1';
$group_id_1 = db_result(db_query($sql, false), 0);
$sql = 'SELECT `id` FROM ' . PREFIX . 'timezone WHERE offset=-5.0 LIMIT 1';
$eastern_timezone = db_result(db_query($sql, false), 0);
if (!$this->errors) {
//Create admin user.
$sql = 'INSERT INTO ' . PREFIX . 'staff SET created=NOW() ' . ", isactive=1, isadmin=1, group_id={$group_id_1}, dept_id={$dept_id_1}" . ", timezone_id={$eastern_timezone}, max_page_size=25" . ', email=' . db_input($vars['admin_email']) . ', firstname=' . db_input($vars['fname']) . ', lastname=' . db_input($vars['lname']) . ', username='******'username']) . ', passwd=' . db_input(Passwd::hash($vars['passwd']));
if (!db_query($sql, false) || !($uid = db_insert_id())) {
$this->errors['err'] = 'Unable to create admin user (#6)';
}
}
if (!$this->errors) {
//Create default emails!
$email = $vars['email'];
list(, $domain) = explode('@', $vars['email']);
$sql = 'INSERT INTO ' . PREFIX . 'email (`name`,`email`,`created`,`updated`) VALUES ' . " ('Support','{$email}',NOW(),NOW())" . ",('osTicket Alerts','alerts@{$domain}',NOW(),NOW())" . ",('','noreply@{$domain}',NOW(),NOW())";
$support_email_id = db_query($sql, false) ? db_insert_id() : 0;
$sql = 'SELECT `email_id` FROM ' . PREFIX . "email WHERE `email`='alerts@{$domain}' LIMIT 1";
$alert_email_id = db_result(db_query($sql, false), 0);
//Create config settings---default settings!
//XXX: rename ostversion helpdesk_* ??
// XXX: Some of this can go to the core install file
$defaults = array('isonline' => '0', 'default_email_id' => $support_email_id, 'alert_email_id' => $alert_email_id, 'default_dept_id' => $dept_id_1, 'default_sla_id' => $sla_id_1, 'default_timezone_id' => $eastern_timezone, 'default_template_id' => $template_id_1, 'admin_email' => db_input($vars['admin_email']), 'schema_signature' => db_input($streams['core']), 'helpdesk_url' => db_input(URL), 'helpdesk_title' => db_input($vars['name']));
foreach ($defaults as $key => $value) {
$sql = 'UPDATE ' . PREFIX . 'config SET updated=NOW(), value=' . $value . ' WHERE namespace="core" AND `key`=' . db_input($key);
if (!db_query($sql, false)) {
$this->errors['err'] = 'Unable to create config settings (#7)';
}
}
foreach ($streams as $stream => $signature) {
if ($stream != 'core') {
$sql = 'INSERT INTO ' . PREFIX . 'config (`namespace`, `key`, `value`, `updated`) ' . 'VALUES (' . db_input($stream) . ', ' . db_input('schema_signature') . ', ' . db_input($signature) . ', NOW())';
if (!db_query($sql, false)) {
$this->errors['err'] = 'Unable to create config settings (#7)';
}
}
}
}
if ($this->errors) {
return false;
}
//Abort on internal errors.
//Rewrite the config file - MUST be done last to allow for installer recovery.
$configFile = str_replace("define('OSTINSTALLED',FALSE);", "define('OSTINSTALLED',TRUE);", $configFile);
$configFile = str_replace('%ADMIN-EMAIL', $vars['admin_email'], $configFile);
$configFile = str_replace('%CONFIG-DBHOST', $vars['dbhost'], $configFile);
$configFile = str_replace('%CONFIG-DBNAME', $vars['dbname'], $configFile);
$configFile = str_replace('%CONFIG-DBUSER', $vars['dbuser'], $configFile);
$configFile = str_replace('%CONFIG-DBPASS', $vars['dbpass'], $configFile);
$configFile = str_replace('%CONFIG-PREFIX', $vars['prefix'], $configFile);
$configFile = str_replace('%CONFIG-SIRI', Misc::randCode(32), $configFile);
if (!$fp || !ftruncate($fp, 0) || !fwrite($fp, $configFile)) {
$this->errors['err'] = 'Unable to write to config file. Permission denied! (#5)';
return false;
}
@fclose($fp);
/************* Make the system happy ***********************/
$sql = 'UPDATE ' . PREFIX . "email SET dept_id={$dept_id_1}";
db_query($sql, false);
$sql = 'UPDATE ' . PREFIX . "department SET email_id={$support_email_id}" . ", autoresp_email_id={$support_email_id}";
db_query($sql, false);
//Create a ticket to make the system warm and happy.
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(), status="open", source="Web" ' . " ,priority_id=0, dept_id={$dept_id_1}, topic_id=0 " . ' ,ticketID=' . db_input(Misc::randNumber(6)) . ' ,email="*****@*****.**" ' . ' ,name="osTicket Support" ' . ' ,subject="osTicket Installed!"';
if (db_query($sql, false) && ($tid = db_insert_id())) {
if (!($msg = file_get_contents(INC_DIR . 'msg/installed.txt'))) {
$msg = 'Congratulations and Thank you for choosing osTicket!';
}
$sql = 'INSERT INTO ' . PREFIX . 'ticket_thread SET created=NOW()' . ', source="Web" ' . ', thread_type="M" ' . ', ticket_id=' . db_input($tid) . ', title=' . db_input('osTicket Installed') . ', body=' . db_input($msg);
db_query($sql, false);
}
//TODO: create another personalized ticket and assign to admin??
//Log a message.
$msg = "Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!";
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW(), updated=NOW(), log_type="Debug" ' . ', title="osTicket installed!"' . ', log=' . db_input($msg) . ', ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
db_query($sql, false);
return true;
}
//Add emails - hopefully the domain is actually valid
list($uname, $domain) = explode('@', $_POST['sysemail']);
//1 - main support email
$sql = 'INSERT INTO ' . PREFIX . 'email SET created=NOW(),updated=NOW(),priority_id=2,dept_id=1' . ',name=' . db_input('Katak-support') . ',email=' . db_input($_POST['sysemail']);
db_query($sql);
//2 - alert email
$sql = 'INSERT INTO ' . PREFIX . 'email SET created=NOW(),updated=NOW(),priority_id=1,dept_id=1' . ',name=' . db_input('Katak-support Alerts') . ',email=' . db_input('alerts@' . $domain);
db_query($sql);
//3 - noreply email
$sql = 'INSERT INTO ' . PREFIX . 'email SET created=NOW(),updated=NOW(),priority_id=1,dept_id=1' . ',name=' . db_input('') . ',email=' . db_input('noreply@' . $domain);
db_query($sql);
//config info
$sql = 'INSERT INTO ' . PREFIX . 'config SET updated=NOW() ' . ',isonline=0,default_email_id=1,alert_email_id=2,default_dept_id=1,default_template_id=1' . ',staff_language=' . db_input($_POST['language']) . ',user_language=' . db_input($_POST['language']) . ',timezone_offset=' . db_input($tzoffset) . ',ktsversion=' . db_input(VERSION) . ',helpdesk_url=' . db_input(URL) . ',helpdesk_title=' . db_input($_POST['title']);
db_query($sql);
//Create a first ticket as welcome and example.
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(),ticketID=' . db_input(Misc::randNumber(6)) . ',priority_id=2,topic_id=1,dept_id=1,email="' . $_POST['sysemail'] . '",name="Katak-support" ' . ',subject="Katak-support installed!",status="open",source="Web"';
if (db_query($sql) && ($id = db_insert_id())) {
db_query('INSERT INTO ' . PREFIX . 'ticket_message SET ticket_id=1,msg_type="F",message="' . db_input(KATAK_INSTALLED) . '",source="web",created=NOW()');
}
//Log a message.
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW() ' . ',title="Katak-support installed",log_type="Debug" ' . ',log=' . db_input("Katak-support " . VERSION . " basic installation completed\n\nThank you for choosing Katak-support!") . ',ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
db_query($sql);
$msg = 'Congratulations: Katak-support basic installation completed!';
$inc = 'done.inc.php';
} else {
$errors['err'] = 'Unable to write to config file!';
}
}
@fclose($fp);
} else {
$errors['err'] = $errors['err'] ? $errors['err'] : 'Error(s) occured. Please correct them and try again';
function install($vars)
{
$this->errors = $f = array();
$f['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
$f['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['fname'] = array('type' => 'string', 'required' => 1, 'error' => 'First name required');
$f['lname'] = array('type' => 'string', 'required' => 1, 'error' => 'Last name required');
$f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['username'] = array('type' => 'username', 'required' => 1, 'error' => 'Username required');
$f['passwd'] = array('type' => 'password', 'required' => 1, 'error' => 'Password required');
$f['passwd2'] = array('type' => 'string', 'required' => 1, 'error' => 'Confirm password');
$f['prefix'] = array('type' => 'string', 'required' => 1, 'error' => 'Table prefix required');
$f['dbhost'] = array('type' => 'string', 'required' => 1, 'error' => 'Hostname required');
$f['dbname'] = array('type' => 'string', 'required' => 1, 'error' => 'Database name required');
$f['dbuser'] = array('type' => 'string', 'required' => 1, 'error' => 'Username required');
$f['dbpass'] = array('type' => 'string', 'required' => 1, 'error' => 'password required');
if (!Validator::process($f, $vars, $this->errors) && !$this->errors['err']) {
$this->errors['err'] = 'Missing or invalid data - correct the errors and try again.';
}
//Staff's email can't be same as system emails.
if ($vars['admin_email'] && $vars['email'] && !strcasecmp($vars['admin_email'], $vars['email'])) {
$this->errors['admin_email'] = 'Conflicts with system email above';
}
//Admin's pass confirmation.
if (!$this->errors && strcasecmp($vars['passwd'], $vars['passwd2'])) {
$this->errors['passwd2'] = 'passwords to not match!';
}
//Check table prefix underscore required at the end!
if ($vars['prefix'] && substr($vars['prefix'], -1) != '_') {
$this->errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'';
}
//Make sure admin username is not very predictable. XXX: feels dirty but necessary
if (!$this->errors['username'] && in_array(strtolower($vars['username']), array('admin', 'admins', 'username', 'osticket'))) {
$this->errors['username'] = '******';
}
//MYSQL: Connect to the DB and check the version & database (create database if it doesn't exist!)
if (!$this->errors) {
if (!db_connect($vars['dbhost'], $vars['dbuser'], $vars['dbpass'])) {
$this->errors['db'] = 'Unable to connect to MySQL server. Possibly invalid login info.';
} elseif (db_version() < $this->getMySQLVersion()) {
$this->errors['db'] = sprintf('osTicket requires MySQL %s or better!', $this->getMySQLVersion());
} elseif (!db_select_database($vars['dbname']) && !db_create_database($vars['dbname'])) {
$this->errors['dbname'] = 'Database doesn\'t exist';
$this->errors['db'] = 'Unable to create the database.';
} elseif (!db_select_database($vars['dbname'])) {
$this->errors['dbname'] = 'Unable to select the database';
}
}
//bailout on errors.
if ($this->errors) {
return false;
}
/*************** We're ready to install ************************/
define('ADMIN_EMAIL', $vars['admin_email']);
//Needed to report SQL errors during install.
define('PREFIX', $vars['prefix']);
//Table prefix
$schemaFile = INC_DIR . 'sql/osTicket-mysql.sql';
//DB dump.
$debug = true;
//XXX:Change it to true to show SQL errors.
//Last minute checks.
if (!file_exists($schemaFile)) {
$this->errors['err'] = 'Internal Error - please make sure your download is the latest (#1)';
} elseif (!($signature = trim(file_get_contents("{$schemaFile}.md5"))) || strcasecmp($signature, md5_file($schemaFile))) {
$this->errors['err'] = 'Unknown or invalid schema signature (' . $signature . ' .. ' . md5_file($schemaFile) . ')';
} elseif (!file_exists($this->getConfigFile()) || !($configFile = file_get_contents($this->getConfigFile()))) {
$this->errors['err'] = 'Unable to read config file. Permission denied! (#2)';
} elseif (!($fp = @fopen($this->getConfigFile(), 'r+'))) {
$this->errors['err'] = 'Unable to open config file for writing. Permission denied! (#3)';
} elseif (!$this->load_sql_file($schemaFile, $vars['prefix'], true, $debug)) {
$this->errors['err'] = 'Error parsing SQL schema! Get help from developers (#4)';
}
if (!$this->errors) {
//Create admin user.
$sql = 'INSERT INTO ' . PREFIX . 'staff SET created=NOW() ' . ', isactive=1, isadmin=1, group_id=1, dept_id=1, timezone_id=8, max_page_size=25 ' . ', email=' . db_input($_POST['admin_email']) . ', firstname=' . db_input($vars['fname']) . ', lastname=' . db_input($vars['lname']) . ', username='******'username']) . ', passwd=' . db_input(Passwd::hash($vars['passwd']));
if (!mysql_query($sql) || !($uid = mysql_insert_id())) {
$this->errors['err'] = 'Unable to create admin user (#6)';
}
}
if (!$this->errors) {
//Create config settings---default settings!
//XXX: rename ostversion helpdesk_* ??
$sql = 'INSERT INTO ' . PREFIX . 'config SET updated=NOW(), isonline=0 ' . ', default_email_id=1, alert_email_id=2, default_dept_id=1 ' . ', default_sla_id=1, default_timezone_id=8, default_template_id=1 ' . ', admin_email=' . db_input($vars['admin_email']) . ', schema_signature=' . db_input($signature) . ', helpdesk_url=' . db_input(URL) . ', helpdesk_title=' . db_input($vars['name']);
if (!mysql_query($sql) || !($cid = mysql_insert_id())) {
$this->errors['err'] = 'Unable to create config settings (#7)';
}
}
if ($this->errors) {
return false;
}
//Abort on internal errors.
//Rewrite the config file - MUST be done last to allow for installer recovery.
$configFile = str_replace("define('OSTINSTALLED',FALSE);", "define('OSTINSTALLED',TRUE);", $configFile);
$configFile = str_replace('%ADMIN-EMAIL', $vars['admin_email'], $configFile);
$configFile = str_replace('%CONFIG-DBHOST', $vars['dbhost'], $configFile);
$configFile = str_replace('%CONFIG-DBNAME', $vars['dbname'], $configFile);
$configFile = str_replace('%CONFIG-DBUSER', $vars['dbuser'], $configFile);
$configFile = str_replace('%CONFIG-DBPASS', $vars['dbpass'], $configFile);
$configFile = str_replace('%CONFIG-PREFIX', $vars['prefix'], $configFile);
$configFile = str_replace('%CONFIG-SIRI', Misc::randcode(32), $configFile);
if (!$fp || !ftruncate($fp, 0) || !fwrite($fp, $configFile)) {
$this->errors['err'] = 'Unable to write to config file. Permission denied! (#5)';
return false;
}
@fclose($fp);
/************* Make the system happy ***********************/
//Create default emails!
$email = $vars['email'];
list(, $domain) = explode('@', $vars['email']);
$sql = 'INSERT INTO ' . PREFIX . 'email (`email_id`, `dept_id`, `name`,`email`,`created`,`updated`) VALUES ' . " (1,1,'Support','{$email}',NOW(),NOW())" . ",(2,1,'osTicket Alerts','alerts@{$domain}',NOW(),NOW())" . ",(3,1,'','noreply@{$domain}',NOW(),NOW())";
@mysql_query($sql);
//Create a ticket to make the system warm and happy.
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(), status="open", source="Web" ' . ' ,priority_id=2, dept_id=1, topic_id=1 ' . ' ,ticketID=' . db_input(Misc::randNumber(6)) . ' ,email="*****@*****.**" ' . ' ,name="osTicket Support" ' . ' ,subject="osTicket Installed!"';
if (mysql_query($sql) && ($tid = mysql_insert_id())) {
if (!($msg = file_get_contents(INC_DIR . 'msg/installed.txt'))) {
$msg = 'Congratulations and Thank you for choosing osTicket!';
}
$sql = 'INSERT INTO ' . PREFIX . 'ticket_thread SET created=NOW()' . ', source="Web" ' . ', thread_type="M" ' . ', ticket_id=' . db_input($tid) . ', title=' . db_input('osTicket Installed') . ', body=' . db_input($msg);
@mysql_query($sql);
}
//TODO: create another personalized ticket and assign to admin??
//Log a message.
$msg = "Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!";
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW(), updated=NOW(), log_type="Debug" ' . ', title="osTicket installed!"' . ', log=' . db_input($msg) . ', ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
@mysql_query($sql);
return true;
}
//Add emails - hopefully the domain is actually valid
list($uname, $domain) = explode('@', $_POST['sysemail']);
//1 - main support email
$sql = 'INSERT INTO ' . PREFIX . 'email SET created=NOW(),updated=NOW(),priority_id=2,dept_id=1' . ',name=' . db_input('Support') . ',email=' . db_input($_POST['sysemail']);
mysql_query($sql);
//2 - alert email
$sql = 'INSERT INTO ' . PREFIX . 'email SET created=NOW(),updated=NOW(),priority_id=1,dept_id=1' . ',name=' . db_input('osTicket Alerts') . ',email=' . db_input('alerts@' . $domain);
mysql_query($sql);
//3 - noreply email
$sql = 'INSERT INTO ' . PREFIX . 'email SET created=NOW(),updated=NOW(),priority_id=1,dept_id=1' . ',name=' . db_input('') . ',email=' . db_input('noreply@' . $domain);
mysql_query($sql);
//config info
$sql = 'INSERT INTO ' . PREFIX . 'config SET updated=NOW() ' . ',isonline=0,default_email_id=1,alert_email_id=2,default_dept_id=1,default_template_id=1' . ',timezone_offset=' . db_input($tzoffset) . ',ostversion=' . db_input(VERSION) . ',admin_email=' . db_input($_POST['email']) . ',helpdesk_url=' . db_input(URL) . ',helpdesk_title=' . db_input($_POST['title']);
mysql_query($sql);
//Create a ticket to make the system warm and happy.
$sql = 'INSERT INTO ' . PREFIX . 'ticket SET created=NOW(),ticketID=' . db_input(Misc::randNumber(6)) . ",priority_id=2,dept_id=1,email='*****@*****.**',name='osTicket Support' " . ",subject='osTicket Installed!',helptopic='Commercial support',status='open',source='Web'";
if (db_query($sql) && ($id = db_insert_id())) {
db_query('INSERT INTO ' . PREFIX . "ticket_message VALUES (1,{$id},NULL," . db_input(OSTICKET_INSTALLED) . ",NULL,'Web','',NOW(),NULL)");
}
//Log a message.
$sql = 'INSERT INTO ' . PREFIX . 'syslog SET created=NOW(),updated=NOW() ' . ',title="osTicket installed!",log_type="Debug" ' . ',log=' . db_input("Congratulations osTicket basic installation completed!\n\nThank you for choosing osTicket!") . ',ip_address=' . db_input($_SERVER['REMOTE_ADDR']);
mysql_query($sql);
$msg = 'Congratulations osTicket basic installation completed!';
$inc = 'done.inc.php';
} else {
$errors['err'] = 'Unable to write to config file!';
}
}
@fclose($fp);
} else {
$errors['err'] = $errors['err'] ? $errors['err'] : 'Error(s) occured. Please correct them and try again';
