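/**
 * Step 3 - Populate database and finish.
 *
 * Reads the database settings either from an existing, non-empty config.inc.php or from the posted
 * form, validates the admin e-mail, password and required database fields, tests the database
 * connection, writes the config file, populates the tables and creates the admin owner (sending an
 * activation e-mail) when no admin exists yet.
 *
 * Views used: install.step2.tpl when validation fails, install.config.tpl when the config file
 * cannot be written, install.step3.tpl otherwise.
 *
 * Security notes:
 * - Password and confirmation are compared with !== because PHP's loose != compares two
 *   numeric-looking strings as numbers, so different strings could pass as a match.
 * - Database error text and the `whoami` output are HTML-encoded before being placed into messages
 *   that carry markup.
 *
 * @return void
 */
private function step3() {
    $this->setViewTemplate('install.step3.tpl');

    $config_file_exists = false;
    $config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';
    $db_config = array();

    // make sure we are here with posted data
    if (empty($_POST)) {
        $this->step1();
        return;
    }

    // check if we have made config.inc.php
    if (file_exists($config_file) && filesize($config_file) > 0) {
        // A non-empty config file already exists (for example created by hand after step 2 could not
        // write to the webapp dir), so its values win over the posted database fields.
        $config_file_exists = true;
        require $config_file; // executes the file as PHP and defines $THINKUP_CFG in this scope
        $db_config['db_type'] = $THINKUP_CFG['db_type'];
        $db_config['db_name'] = $THINKUP_CFG['db_name'];
        $db_config['db_user'] = $THINKUP_CFG['db_user'];
        $db_config['db_password'] = $THINKUP_CFG['db_password'];
        $db_config['db_host'] = $THINKUP_CFG['db_host'];
        $db_config['db_socket'] = $THINKUP_CFG['db_socket'];
        $db_config['db_port'] = $THINKUP_CFG['db_port'];
        $db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
        $db_config['timezone'] = $THINKUP_CFG['timezone'];
        $email = trim($_POST['site_email']);
    } else {
        // Only bail out when none of the four database fields was posted at all.
        // NOTE(review): a partially filled post still falls through to the trims below - confirm
        // whether "any field missing" should be rejected here instead.
        if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name'])
            && !isset($_POST['db_host'])) {
            $this->addErrorMessage("Missing database credentials");
            $this->step2();
            return;
        }

        // trim each posted value
        $db_config['db_type'] = trim(@$_POST['db_type']);
        $db_config['db_name'] = trim($_POST['db_name']);
        $db_config['db_user'] = trim($_POST['db_user']);
        $db_config['db_password'] = trim($_POST['db_passwd']);
        $db_config['db_host'] = trim($_POST['db_host']);
        $db_config['db_socket'] = trim($_POST['db_socket']);
        $db_config['db_port'] = trim($_POST['db_port']);
        $db_config['table_prefix'] = trim($_POST['db_prefix']);
        $db_config['timezone'] = trim($_POST['timezone']);
        $email = trim($_POST['site_email']);
    }
    $db_config['db_type'] = 'mysql'; //default for now

    // Read both password fields as strings; a missing field or a non-string value (e.g. an array
    // from a hand-built form) is treated as an empty password and rejected below.
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $confirm_password = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password']))
        ? $_POST['confirm_password'] : '';
    $full_name = $_POST['full_name'];

    $display_errors = false;

    // check email
    if (!Utils::validateEmail($email)) {
        $this->addErrorMessage("Please enter a valid email address.", "email");
        $display_errors = true;
    }

    // check password: strict comparison, so numeric-looking strings such as "0e123456" and
    // "0e654321" are not treated as equal by PHP's numeric string comparison.
    $password_pattern = "/(?=.{8,})(?=.*[a-zA-Z])(?=.*[0-9])/";
    if ($password !== $confirm_password) {
        $this->addErrorMessage("Your passwords did not match.", "password");
        $display_errors = true;
    } elseif ($password === '') {
        $this->addErrorMessage("Please choose a password.", "password");
        $display_errors = true;
    } elseif (!preg_match($password_pattern, $password)) {
        $this->addErrorMessage("Password must be at least 8 characters and contain both numbers and letters.",
            "password");
        $display_errors = true;
    }

    // Required fields are checked against the raw posted values, also when the settings above were
    // taken from an existing config file.
    if ($_POST['db_name'] == '') {
        $this->addErrorMessage("Please enter a database name.", "database_name");
        $display_errors = true;
    }

    if ($_POST['db_host'] == '') {
        $this->addErrorMessage("Please enter a database host.", "database_host");
        $display_errors = true;
    }

    if ($_POST['timezone'] == '') {
        $this->addErrorMessage("Please select a time zone.", "timezone");
        $display_errors = true;
    }

    if (($error = $this->installer->checkDb($db_config)) !== true) { //check db
        // For the well-known connection failures keep only the text from the recognised phrase on.
        if (($p = strpos($error->getMessage(), "Unknown MySQL server host")) !== false ||
            ($p = strpos($error->getMessage(), "Can't connect to MySQL server")) !== false ||
            ($p = strpos($error->getMessage(), "Can't connect to local MySQL server through socket")) !== false ||
            ($p = strpos($error->getMessage(), "Access denied for user")) !== false) {
            $db_error = substr($error->getMessage(), $p);
        } else {
            $db_error = $error->getMessage();
        }
        // The message below carries markup and is added with $disable_xss set, so the dynamic part
        // (which can echo posted host/user values) is HTML-encoded here first.
        $disable_xss = true;
        $db_error = filter_var($db_error, FILTER_SANITIZE_SPECIAL_CHARS);
        $this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " .
            " <strong>{$db_error}</strong><br />Please correct your database information and try again.",
            "database", $disable_xss);
        $display_errors = true;
    }

    if ($display_errors) {
        // Re-render the step 2 form with the submitted values so the user can correct them.
        $this->setViewTemplate('install.step2.tpl');
        $this->addToView('db_name', $db_config['db_name']);
        $this->addToView('db_user', $db_config['db_user']);
        $this->addToView('db_passwd', $db_config['db_password']);
        $this->addToView('db_host', $db_config['db_host']);
        $this->addToView('db_prefix', $db_config['table_prefix']);
        $this->addToView('db_socket', $db_config['db_socket']);
        $this->addToView('db_port', $db_config['db_port']);
        $this->addToView('db_type', $db_config['db_type']);
        $this->addToView('current_tz', $_POST['timezone']);
        $this->addToView('tz_list', $this->getTimeZoneList());
        $this->addToView('site_email', $email);
        $this->addToView('full_name', $full_name);
        return;
    }

    $admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);

    // trying to create config file
    if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
        // Writing failed: show the generated file contents so the user can create the file by hand.
        $config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
        $config_file_contents_str = '';
        foreach ($config_file_contents_arr as $line) {
            $config_file_contents_str .= htmlentities($line);
        }

        $whoami = @exec('whoami');
        $disable_xss = true;
        if (!empty($whoami)) {
            // Encode the account name before it is placed into the markup of the message.
            $whoami = filter_var($whoami, FILTER_SANITIZE_SPECIAL_CHARS);
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" .
                "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " .
                "following commands:<br /><code>sudo touch " . escapeshellcmd($config_file) .
                "</code><br /><code>sudo chown {$whoami} " . escapeshellcmd($config_file) .
                "</code><br /><br />If you don't have root access, create the <code>" . $config_file .
                "</code> file, show the contents of your config file below," .
                " and copy and paste the text into the <code>config.inc.php</code> file.", null, $disable_xss);
        } else {
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" .
                "You will need to create the <code>" . $config_file .
                "</code> file manually, and paste the following text into it.", null, $disable_xss);
        }

        $this->addToView('config_file_contents', $config_file_contents_str);
        // NOTE(review): the raw POST array, password fields included, is handed to the template -
        // confirm that install.config.tpl escapes every value it prints.
        $this->addToView('_POST', $_POST);
        $this->setViewTemplate('install.config.tpl');
        return;
    }
    unset($admin_user['confirm_password']);

    // check tables
    $this->installer->checkTable($db_config);

    // if empty, we're ready to populate the database with ThinkUp tables
    $this->installer->populateTables($db_config);

    //Set the application server name in app settings for access by command-line scripts
    Installer::storeServerName();

    $owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
    if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) { // create admin if not exists
        $activation_code = $owner_dao->createAdmin($email, $password, $full_name);

        // view for email
        $cfg_array = array(
            'site_root_path' => Utils::getSiteRootPathFromFileSystem(),
            'source_root_path' => THINKUP_ROOT_PATH,
            'debug' => false,
            'app_title_prefix' => "",
            'cache_pages' => false,
        );
        $email_view = new ViewManager($cfg_array);
        $email_view->caching = false;
        $email_view->assign('application_url', Utils::getApplicationURL());
        $email_view->assign('email', urlencode($email));
        $email_view->assign('activ_code', $activation_code);
        $message = $email_view->fetch('_email.registration.tpl');

        Mailer::mail($email, "Activate Your New ThinkUp Account", $message);
    } else {
        // An admin or this owner already exists: show placeholders instead of the posted values.
        $email = 'Use your old email admin';
        $password = '******';
    }
    unset($THINKUP_CFG);

    $this->addToView('errors', $this->installer->getErrorMessages());
    $this->addToView('username', $email);
    // NOTE(review): when a new admin was created this is the plain-text password chosen above -
    // confirm that the step 3 template really needs it.
    $this->addToView('password', $password);
    $this->addToView('login_url', Utils::getSiteRootPathFromFileSystem() . 'session/login.php');
}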
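/**
 * Step 3 - Populate database and finish.
 *
 * Reads the database settings either from an existing, non-empty config.inc.php or from the posted
 * form, validates the time zone, admin e-mail and password, tests the database connection, writes
 * the config file, populates the tables and creates the admin owner (sending an activation e-mail)
 * when no admin exists yet.
 *
 * Views used: install.step2.tpl when validation fails, install.config.tpl when the config file
 * cannot be written, install.step3.tpl otherwise.
 *
 * Security notes:
 * - Database error text and the `whoami` output are HTML-encoded before they are placed into error
 *   messages that carry markup.
 * - Password and confirmation are compared with !== because PHP's loose != compares two
 *   numeric-looking strings as numbers, so different strings could pass as a match.
 * - An unknown posted time zone is reported as a form error instead of escaping as an exception
 *   from the DateTimeZone constructor.
 *
 * @return void
 */
private function step3() {
    $this->setViewTemplate('install.step3.tpl');

    $config_file_exists = false;
    $config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';
    $db_config = array();
    $timezone_is_valid = true;

    // make sure we are here with posted data
    if (empty($_POST)) {
        $this->step1();
        return;
    }

    // check if we have made config.inc.php
    if (file_exists($config_file) && filesize($config_file) > 0) {
        // A non-empty config file already exists (for example created by hand after step 2 could not
        // write to the webapp dir), so its values win over the posted database fields.
        $config_file_exists = true;
        require $config_file; // executes the file as PHP and defines $THINKUP_CFG in this scope
        $db_config['db_type'] = $THINKUP_CFG['db_type'];
        $db_config['db_name'] = $THINKUP_CFG['db_name'];
        $db_config['db_user'] = $THINKUP_CFG['db_user'];
        $db_config['db_password'] = $THINKUP_CFG['db_password'];
        $db_config['db_host'] = $THINKUP_CFG['db_host'];
        $db_config['db_socket'] = $THINKUP_CFG['db_socket'];
        $db_config['db_port'] = $THINKUP_CFG['db_port'];
        $db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
        $db_config['GMT_offset'] = $THINKUP_CFG['GMT_offset'];
        $db_config['timezone'] = $THINKUP_CFG['timezone'];
        $email = trim($_POST['site_email']);
    } else {
        // Only bail out when none of the four database fields was posted at all.
        // NOTE(review): a partially filled post still falls through to the trims below - confirm
        // whether "any field missing" should be rejected here instead.
        if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name'])
            && !isset($_POST['db_host'])) {
            $this->addErrorMessage("Missing database credentials");
            $this->step2();
            return;
        }

        // trim each posted value
        $db_config['db_type'] = trim(@$_POST['db_type']);
        $db_config['db_name'] = trim($_POST['db_name']);
        $db_config['db_user'] = trim($_POST['db_user']);
        $db_config['db_password'] = trim($_POST['db_passwd']);
        $db_config['db_host'] = trim($_POST['db_host']);
        $db_config['db_socket'] = trim($_POST['db_socket']);
        $db_config['db_port'] = trim($_POST['db_port']);
        $db_config['table_prefix'] = trim($_POST['db_prefix']);
        $db_config['timezone'] = trim($_POST['timezone']);
        $email = trim($_POST['site_email']);

        // get GMT offset in hours; the DateTimeZone constructor throws on an identifier it does not
        // know, and the identifier is client-supplied, so that case becomes a validation error.
        try {
            $db_config['GMT_offset'] =
                timezone_offset_get(new DateTimeZone($_POST['timezone']), new DateTime('now')) / 3600;
        } catch (Exception $e) {
            $db_config['GMT_offset'] = 0;
            $timezone_is_valid = false;
        }
    }
    $db_config['db_type'] = 'mysql'; //default for now

    // Read both password fields as strings; a missing field or a non-string value (e.g. an array
    // from a hand-built form) is treated as an empty password and rejected below.
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $confirm_password = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password']))
        ? $_POST['confirm_password'] : '';
    $full_name = $_POST['full_name'];

    $display_errors = false;

    // Validation stops at the first failing check; each failure re-renders the step 2 form.
    if (!$timezone_is_valid) {
        $this->addErrorMessage("Please select a time zone.");
        $this->setViewTemplate('install.step2.tpl');
        $display_errors = true;
    } elseif (!Utils::validateEmail($email)) { // check email
        $this->addErrorMessage("Please enter a valid email address.");
        $this->setViewTemplate('install.step2.tpl');
        $display_errors = true;
    } elseif ($password !== $confirm_password || $password === '') { //check password
        // Strict comparison: "0e123456" and "0e654321" are loosely equal in PHP but not identical.
        if ($password !== $confirm_password) {
            $this->addErrorMessage("Your passwords did not match.");
        } else {
            $this->addErrorMessage("Please choose a password.");
        }
        $this->setViewTemplate('install.step2.tpl');
        $display_errors = true;
    } elseif (($error = $this->installer->checkDb($db_config)) !== true) { //check db
        // For the well-known connection failures keep only the text from the recognised phrase on.
        if (($p = strpos($error->getMessage(), "Unknown MySQL server host")) !== false ||
            ($p = strpos($error->getMessage(), "Can't connect to MySQL server")) !== false ||
            ($p = strpos($error->getMessage(), "Can't connect to local MySQL server through socket")) !== false ||
            ($p = strpos($error->getMessage(), "Access denied for user")) !== false) {
            $db_error = substr($error->getMessage(), $p);
        } else {
            $db_error = $error->getMessage();
        }
        // The driver message can echo the posted host or user name and the message below is markup,
        // so the dynamic part is HTML-encoded before interpolation.
        $db_error = filter_var($db_error, FILTER_SANITIZE_SPECIAL_CHARS);
        $this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " .
            " <strong>{$db_error}</strong><br />Please correct your database information and try again.");
        $this->setViewTemplate('install.step2.tpl');
        $display_errors = true;
    }

    if ($display_errors) {
        // Hand the submitted values back to the form so the user can correct them.
        $this->addToView('db_name', $db_config['db_name']);
        $this->addToView('db_user', $db_config['db_user']);
        $this->addToView('db_passwd', $db_config['db_password']);
        $this->addToView('db_host', $db_config['db_host']);
        $this->addToView('db_prefix', $db_config['table_prefix']);
        $this->addToView('db_socket', $db_config['db_socket']);
        $this->addToView('db_port', $db_config['db_port']);
        $this->addToView('db_type', $db_config['db_type']);
        $this->addToView('current_tz', $_POST['timezone']);
        $this->addToView('tz_list', $this->getTimeZoneList());
        $this->addToView('site_email', $email);
        $this->addToView('full_name', $full_name);
        return;
    }

    $admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);

    // trying to create config file
    if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
        // Writing failed: show the generated file contents so the user can create the file by hand.
        $config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
        $config_file_contents_str = '';
        foreach ($config_file_contents_arr as $line) {
            $config_file_contents_str .= htmlentities($line);
        }

        $whoami = exec('whoami');
        if (!empty($whoami)) {
            // Encode the account name before it is placed into the markup of the message.
            $whoami = filter_var($whoami, FILTER_SANITIZE_SPECIAL_CHARS);
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" .
                "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " .
                "following commands:<br /><code>touch " . escapeshellcmd($config_file) .
                "</code><br /><code>chown {$whoami} " . escapeshellcmd($config_file) .
                "</code><br /><br />If you don't have root access, create the <code>" . $config_file .
                "</code> file manually, and paste the following text into it." .
                "<br /><br />Click the <strong>Next Step</strong> button below once you did either.");
        } else {
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" .
                "You will need to create the <code>" . $config_file .
                "</code> file manually, and paste the following text into it." .
                "<br /><br />Click the <strong>Next Step</strong> button once this is done.");
        }

        $this->addToView('config_file_contents', $config_file_contents_str);
        // NOTE(review): the raw POST array, password fields included, is handed to the template -
        // confirm that install.config.tpl escapes every value it prints.
        $this->addToView('_POST', $_POST);
        $this->setViewTemplate('install.config.tpl');
        return;
    }
    unset($admin_user['confirm_password']);

    // check tables
    $this->installer->checkTable($db_config);

    // if empty, we're ready to populate the database with ThinkUp tables
    $this->installer->populateTables($db_config);

    $owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
    if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) { // create admin if not exists
        $session = new Session();
        // NOTE(review): rand() is not a cryptographically secure generator and a four-digit code
        // has only 9000 possible values; an unpredictable, longer activation code would resist
        // guessing better. Left unchanged because the storage format of the code is not visible here.
        $activation_code = rand(1000, 9999);
        $crypt_pass = $session->pwdcrypt($password);
        $owner_dao->createAdmin($email, $crypt_pass, $activation_code, $full_name);

        // view for email
        $cfg_array = array(
            'site_root_path' => THINKUP_BASE_URL,
            'source_root_path' => THINKUP_ROOT_PATH,
            'debug' => false,
            'app_title' => "ThinkUp",
            'cache_pages' => false,
        );
        $email_view = new SmartyThinkUp($cfg_array);
        $email_view->caching = false;
        // NOTE(review): HTTP_HOST is taken from the request's Host header, i.e. it is chosen by the
        // client; a server-side configured host name would be a safer source for anything the
        // e-mail template turns into a link - confirm how _email.registration.tpl uses 'server'.
        $email_view->assign('server', $_SERVER['HTTP_HOST']);
        $email_view->assign('email', urlencode($email));
        $email_view->assign('activ_code', $activation_code);
        $message = $email_view->fetch('_email.registration.tpl');

        Mailer::mail($email, "Activate Your New ThinkUp Account", $message);
    } else {
        // An admin or this owner already exists: show placeholders instead of the posted values.
        $email = 'Use your old email admin';
        $password = '******';
    }
    unset($THINKUP_CFG);

    $this->addToView('errors', $this->installer->getErrorMessages());
    $this->addToView('username', $email);
    // NOTE(review): when a new admin was created this is the plain-text password chosen above -
    // confirm that the step 3 template really needs it.
    $this->addToView('password', $password);
    $this->addToView('login_url', THINKUP_BASE_URL . 'session/login.php');
}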