/**
 * Reports whether a path can be written to by the current PHP process.
 *
 * Outside Windows this is a plain is_writable() call. On Windows the function
 * probes instead:
 *  - existing directory: create a temp file in it and confirm the file really
 *    landed there (tempnam() may fall back to the system temp directory when
 *    it cannot create the file in the requested one, hence the prefix check);
 *  - existing file: try to open it in 'r+' mode;
 *  - missing path: the answer is that of the parent directory.
 *
 * The result is a point-in-time check only; callers that go on to write the
 * file still need to handle a failing fopen()/fputs().
 *
 * @param string $file File or directory path to test.
 * @return bool True when the path (or, for a missing path on Windows, its
 *              parent directory) is writable.
 */
function osc_is_writable($file) {
  // Every non-Windows platform relies on the native check.
  if (strtolower(substr(PHP_OS, 0, 3)) !== 'win') {
    return is_writable($file);
  }

  // Missing target: writable only if its parent exists, is a directory and is
  // itself writable.
  if (!file_exists($file)) {
    $parent = dirname($file);

    return file_exists($parent) && is_dir($parent) && osc_is_writable($parent);
  }

  $resolved = realpath($file);

  if (is_dir($resolved)) {
    $probe = @tempnam($resolved, 'osc');

    if (!is_string($probe) || !file_exists($probe)) {
      return false;
    }

    unlink($probe);

    // Only counts when the probe file was created inside the directory asked for.
    return strpos($probe, $resolved) === 0;
  }

  // Regular file: being able to open it read/write is the test.
  $fh = @fopen($resolved, 'r+');

  if (!is_resource($fh)) {
    return false;
  }

  fclose($fh);

  return true;
}
// Tail of a cleanup loop whose opening lies outside this excerpt: it removes
// entries under includes/work/ and then closes the directory handle.
@unlink($dir_fs_document_root . 'includes/work/' . $filename); } } closedir($handle); }

// The store URL comes straight from the request. parse_url() returns false for
// a malformed URL and omits keys that are absent, so 'scheme', 'host' and
// 'path' are read here without any check.
// NOTE(review): $http_server and $http_catalog are later written into generated
// PHP source without escaping; validate them (expected scheme, host syntax,
// path characters) before use.
$http_url = parse_url($_POST['HTTP_WWW_ADDRESS']);
$http_server = $http_url['scheme'] . '://' . $http_url['host'];
$http_catalog = $http_url['path'];

if (isset($http_url['port']) && !empty($http_url['port'])) {
  $http_server .= ':' . $http_url['port'];
}

// The catalog path is normalised to end in a slash.
if (substr($http_catalog, -1) != '/') {
  $http_catalog .= '/';
}

// The admin directory name is honoured only when the document root and the
// stock admin directory are writable. It is reduced to [a-zA-Z0-9], which is
// the one request value in this excerpt that is filtered before it reaches the
// generated files; an empty result falls back to 'admin'.
$admin_folder = 'admin';

if (isset($_POST['CFG_ADMIN_DIRECTORY']) && !empty($_POST['CFG_ADMIN_DIRECTORY']) && osc_is_writable($dir_fs_document_root) && osc_is_writable($dir_fs_document_root . 'admin')) {
  $admin_folder = preg_replace('/[^a-zA-Z0-9]/', '', trim($_POST['CFG_ADMIN_DIRECTORY']));

  if (empty($admin_folder)) {
    $admin_folder = 'admin';
  }
}

// Source text of the catalog's includes/configure.php.
// NOTE(review): $http_server, $http_catalog and the DB_* request values are
// only trim()med and then placed between single quotes in generated PHP code.
// A quote or backslash in any of them is not escaped, so a value can end its
// literal and change the code that is written to disk. Encode each value for a
// PHP string context before concatenating (var_export($value, true), or
// addcslashes($value, "\\'")), and reject input that does not match the
// expected format. $dir_fs_document_root is interpolated the same way; its
// origin is outside this excerpt.
// The database password ends up in this file in clear text.
// The line break inside the DIR_FS_DOWNLOAD literal below is reproduced as it
// appears in this listing.
$file_contents = '<?php' . "\n" .
                 ' define(\'HTTP_SERVER\', \'' . $http_server . '\');' . "\n" .
                 ' define(\'HTTPS_SERVER\', \'' . $http_server . '\');' . "\n" .
                 ' define(\'ENABLE_SSL\', false);' . "\n" .
                 ' define(\'HTTP_COOKIE_DOMAIN\', \'\');' . "\n" .
                 ' define(\'HTTPS_COOKIE_DOMAIN\', \'\');' . "\n" .
                 ' define(\'HTTP_COOKIE_PATH\', \'' . $http_catalog . '\');' . "\n" .
                 ' define(\'HTTPS_COOKIE_PATH\', \'' . $http_catalog . '\');' . "\n" .
                 ' define(\'DIR_WS_HTTP_CATALOG\', \'' . $http_catalog . '\');' . "\n" .
                 ' define(\'DIR_WS_HTTPS_CATALOG\', \'' . $http_catalog . '\');' . "\n" .
                 ' define(\'DIR_WS_IMAGES\', \'images/\');' . "\n" .
                 ' define(\'DIR_WS_ICONS\', DIR_WS_IMAGES . \'icons/\');' . "\n" .
                 ' define(\'DIR_WS_INCLUDES\', \'includes/\');' . "\n" .
                 ' define(\'DIR_WS_FUNCTIONS\', DIR_WS_INCLUDES . \'functions/\');' . "\n" .
                 ' define(\'DIR_WS_CLASSES\', DIR_WS_INCLUDES . \'classes/\');' . "\n" .
                 ' define(\'DIR_WS_MODULES\', DIR_WS_INCLUDES . \'modules/\');' . "\n" .
                 ' define(\'DIR_WS_LANGUAGES\', DIR_WS_INCLUDES . \'languages/\');' . "\n\n" .
                 ' define(\'DIR_WS_DOWNLOAD_PUBLIC\', \'pub/\');' . "\n" .
                 ' define(\'DIR_FS_CATALOG\', \'' . $dir_fs_document_root . '\');' . "\n" .
                 ' define(\'DIR_FS_DOWNLOAD\', DIR_FS_CATALOG . 
\'download/\');' . "\n" .
                 ' define(\'DIR_FS_DOWNLOAD_PUBLIC\', DIR_FS_CATALOG . \'pub/\');' . "\n\n" .
                 ' define(\'DB_SERVER\', \'' . trim($_POST['DB_SERVER']) . '\');' . "\n" .
                 ' define(\'DB_SERVER_USERNAME\', \'' . trim($_POST['DB_SERVER_USERNAME']) . '\');' . "\n" .
                 ' define(\'DB_SERVER_PASSWORD\', \'' . trim($_POST['DB_SERVER_PASSWORD']) . '\');' . "\n" .
                 ' define(\'DB_DATABASE\', \'' . trim($_POST['DB_DATABASE']) . '\');' . "\n" .
                 ' define(\'USE_PCONNECT\', \'false\');' . "\n" .
                 ' define(\'STORE_SESSIONS\', \'mysql\');' . "\n";

// The time zone is optional and is written with the same unescaped pattern.
// NOTE(review): check it against timezone_identifiers_list() before writing.
if (isset($_POST['CFG_TIME_ZONE'])) {
  $file_contents .= ' define(\'CFG_TIME_ZONE\', \'' . trim($_POST['CFG_TIME_ZONE']) . '\');' . "\n";
}

$file_contents .= '?>';

// The fopen() result is not checked: when the file cannot be opened, fputs()
// and fclose() are called with false. Mode 0644 leaves the file, which holds
// the database password, readable by every local account.
// NOTE(review): on shared hosts a mode without world-read is the safer default
// - confirm what the web server user needs.
$fp = fopen($dir_fs_document_root . 'includes/configure.php', 'w');
fputs($fp, $file_contents);
fclose($fp);

@chmod($dir_fs_document_root . 'includes/configure.php', 0644);

// Source text of the admin area's configure.php. It repeats the same unescaped
// values and additionally builds its paths from $admin_folder. The code that
// writes this string to disk is outside this excerpt.
$file_contents = '<?php' . "\n" .
                 ' define(\'HTTP_SERVER\', \'' . $http_server . '\');' . "\n" .
                 ' define(\'HTTPS_SERVER\', \'' . $http_server . '\');' . "\n" .
                 ' define(\'ENABLE_SSL\', false);' . "\n" .
                 ' define(\'HTTP_COOKIE_DOMAIN\', \'\');' . "\n" .
                 ' define(\'HTTPS_COOKIE_DOMAIN\', \'\');' . "\n" .
                 ' define(\'HTTP_COOKIE_PATH\', \'' . $http_catalog . $admin_folder . '\');' . "\n" .
                 ' define(\'HTTPS_COOKIE_PATH\', \'' . $http_catalog . $admin_folder . '\');' . "\n" .
                 ' define(\'HTTP_CATALOG_SERVER\', \'' . $http_server . '\');' . "\n" .
                 ' define(\'HTTPS_CATALOG_SERVER\', \'' . $http_server . '\');' . "\n" .
                 ' define(\'ENABLE_SSL_CATALOG\', \'false\');' . "\n" .
                 ' define(\'DIR_FS_DOCUMENT_ROOT\', \'' . $dir_fs_document_root . '\');' . "\n" .
                 ' define(\'DIR_WS_ADMIN\', \'' . $http_catalog . $admin_folder . '/\');' . "\n" .
                 ' define(\'DIR_WS_HTTPS_ADMIN\', \'' . $http_catalog . $admin_folder . '/\');' . "\n" .
                 ' define(\'DIR_FS_ADMIN\', \'' . $dir_fs_document_root . $admin_folder . '/\');' . "\n" .
                 ' define(\'DIR_WS_CATALOG\', \'' . $http_catalog . '\');' . "\n" .
                 ' define(\'DIR_WS_HTTPS_CATALOG\', \'' . $http_catalog . '\');' . "\n" .
                 ' define(\'DIR_FS_CATALOG\', \'' . $dir_fs_document_root . '\');' . "\n" .
                 ' define(\'DIR_WS_IMAGES\', \'images/\');' . "\n" .
                 ' define(\'DIR_WS_ICONS\', DIR_WS_IMAGES . \'icons/\');' . "\n" .
                 ' define(\'DIR_WS_CATALOG_IMAGES\', DIR_WS_CATALOG . \'images/\');' . "\n" .
                 ' define(\'DIR_WS_INCLUDES\', \'includes/\');' . "\n" .
                 ' define(\'DIR_WS_BOXES\', DIR_WS_INCLUDES . \'boxes/\');' . "\n" .
                 ' define(\'DIR_WS_FUNCTIONS\', DIR_WS_INCLUDES . \'functions/\');' . "\n" .
                 ' define(\'DIR_WS_CLASSES\', DIR_WS_INCLUDES . \'classes/\');' . "\n" .
                 ' define(\'DIR_WS_MODULES\', DIR_WS_INCLUDES . \'modules/\');' . "\n" .
                 ' define(\'DIR_WS_LANGUAGES\', DIR_WS_INCLUDES . \'languages/\');' . "\n" .
                 ' define(\'DIR_WS_CATALOG_LANGUAGES\', DIR_WS_CATALOG . \'includes/languages/\');' . "\n" .
                 ' define(\'DIR_FS_CATALOG_LANGUAGES\', DIR_FS_CATALOG . \'includes/languages/\');' . "\n" .
                 ' define(\'DIR_FS_CATALOG_IMAGES\', DIR_FS_CATALOG . \'images/\');' . "\n" .
                 ' define(\'DIR_FS_CATALOG_MODULES\', DIR_FS_CATALOG . \'includes/modules/\');' . "\n" .
                 ' define(\'DIR_FS_BACKUP\', DIR_FS_ADMIN . \'backups/\');' . "\n" .
                 ' define(\'DIR_FS_DOWNLOAD\', DIR_FS_CATALOG . \'download/\');' . "\n" .
                 ' define(\'DIR_FS_DOWNLOAD_PUBLIC\', DIR_FS_CATALOG . \'pub/\');' . "\n\n" .
                 ' define(\'DB_SERVER\', \'' . trim($_POST['DB_SERVER']) . '\');' . "\n" .
                 ' define(\'DB_SERVER_USERNAME\', \'' . trim($_POST['DB_SERVER_USERNAME']) . '\');' . "\n" .
                 ' define(\'DB_SERVER_PASSWORD\', \'' . trim($_POST['DB_SERVER_PASSWORD']) . '\');' . "\n" .
                 ' define(\'DB_DATABASE\', \'' . trim($_POST['DB_DATABASE']) . '\');' . "\n" .
                 ' define(\'USE_PCONNECT\', \'false\');' . "\n" .
                 ' define(\'STORE_SESSIONS\', \'mysql\');' . "\n";
<td class="inputField"><?php echo 'Name Administrator<br />' . osc_draw_input_field('CFG_ADMINISTRATOR_USERNAME', null, 'class="text"'); ?> </td> <td class="inputDescription">Der Name des Administrators für das Anmelden an den Administrationsbereich.</td> </tr> <tr> <td class="inputField"><?php echo 'Passwort Administrator<br />' . osc_draw_input_field('CFG_ADMINISTRATOR_PASSWORD', null, 'class="text"'); ?> </td> <td class="inputDescription">Das Passwort des Administrators für das Anmelden an den Administrationsbereich.</td> </tr> <?php if (osc_is_writable($dir_fs_document_root) && osc_is_writable($dir_fs_document_root . 'admin')) { ?> <tr> <td class="inputField"><?php echo 'Verzeichnis Administrationsbereich<br />' . osc_draw_input_field('CFG_ADMIN_DIRECTORY', 'admin', 'class="text"'); ?> </td> <td class="inputDescription">Das Verzeichnis, in dem der Administrationsbereich installiert wird. Aus Sicherheitsgründen sollte das Verzeichnis unbedingt geändert werden.</td> </tr> <?php } if (PHP_VERSION >= '5.2') { ?> <tr> <td class="inputField"><?php echo 'Zeitzone<br />' . osc_draw_time_zone_select_menu('CFG_TIME_ZONE');
?> .</li> <?php } if (file_exists($dir_fs_document_root . 'includes/configure.php') && osc_is_writable($dir_fs_document_root . 'includes/configure.php')) { ?> <li>Set the permissions on <?php echo $dir_fs_document_root . 'includes/configure.php'; ?> to 644 (or 444 if this file is still writable).</li> <?php } if (file_exists($dir_fs_document_root . $admin_folder . '/includes/configure.php') && osc_is_writable($dir_fs_document_root . $admin_folder . '/includes/configure.php')) { ?> <li>Set the permissions on <?php echo $dir_fs_document_root . $admin_folder . '/includes/configure.php'; ?> to 644 (or 444 if this file is still writable).</li> <?php } ?> <li>Review the directory permissions on the Administration Tool -> Tools -> Security Directory Permissions page.</li> <li>The Administration Tool should be further protected using htaccess/htpasswd and can be set-up within the Configuration -> Administrators page.</li> </ol> </div>
<div class="page-header"> <h2>New Installation</h2> </div> <?php
// Pre-flight checks for a new installation: make both configure.php files
// writable, then collect whatever still blocks the install.
$configfile_array = array();

// When an existing configure.php is not writable, the installer tries to open
// it up itself; a failing chmod() is silenced by '@'.
// NOTE(review): 0777 makes the file writable (and executable) for every local
// account. Elsewhere on this page the installer writes the database password
// into includes/configure.php, so any local user could alter or replace that
// file while it stays in this mode. Granting write access to the web server
// account only, and restoring a read-only mode right after installation,
// keeps the exposure smaller.
if (file_exists(osc_realpath(dirname(__FILE__) . '/../../../includes') . '/configure.php') && !osc_is_writable(osc_realpath(dirname(__FILE__) . '/../../../includes') . '/configure.php')) {
  @chmod(osc_realpath(dirname(__FILE__) . '/../../../includes') . '/configure.php', 0777);
}

if (file_exists(osc_realpath(dirname(__FILE__) . '/../../../admin/includes') . '/configure.php') && !osc_is_writable(osc_realpath(dirname(__FILE__) . '/../../../admin/includes') . '/configure.php')) {
  @chmod(osc_realpath(dirname(__FILE__) . '/../../../admin/includes') . '/configure.php', 0777);
}

// Same tests again after the chmod attempt: files that are still not writable
// are collected for the notice.
if (file_exists(osc_realpath(dirname(__FILE__) . '/../../../includes') . '/configure.php') && !osc_is_writable(osc_realpath(dirname(__FILE__) . '/../../../includes') . '/configure.php')) {
  $configfile_array[] = osc_realpath(dirname(__FILE__) . '/../../../includes') . '/configure.php';
}

if (file_exists(osc_realpath(dirname(__FILE__) . '/../../../admin/includes') . '/configure.php') && !osc_is_writable(osc_realpath(dirname(__FILE__) . '/../../../admin/includes') . '/configure.php')) {
  $configfile_array[] = osc_realpath(dirname(__FILE__) . '/../../../admin/includes') . '/configure.php';
}

$warning_array = array();

// $compat_register_globals is set outside this excerpt.
if (function_exists('ini_get')) {
  if ($compat_register_globals == false) {
    $warning_array['register_globals'] = 'Compatibility with register_globals is supported from PHP 4.3+. This setting <u>must be enabled</u> due to an older PHP version being used.';
  }
}

// The check is for the legacy 'mysql' extension, which was removed in PHP 7.0;
// this installer therefore targets PHP versions that no longer receive
// security fixes.
if (!extension_loaded('mysql')) {
  $warning_array['mysql'] = 'The MySQL extension is required but is not installed. Please enable it to continue installation.';
}

// Any blocking file or warning opens the notice box; the body of this block
// continues outside the excerpt.
if (sizeof($configfile_array) > 0 || sizeof($warning_array) > 0) { ?> <div class="noticeBox">