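/**
 * Handles the submitted installer "configure" form.
 *
 * Validates the posted site, first-account and SMTP settings, writes the
 * default rows of the `variable` table, runs the default-roles SQL script and
 * creates the anonymous guest (userID 0) plus the first account (userID 1,
 * roleID 4).
 *
 * Every failure clears $_SESSION['configureComplete'], optionally appends a
 * message to $_SESSION['errors'], and redirects back to the configure step.
 * On success the browser is redirected to install.php?action=install.
 *
 * Hardening compared with the previous revision:
 *  - posted fields must be strings (array-valued parameters are rejected
 *    before they reach trim()/strip_tags());
 *  - password confirmations use strict comparison, so numeric-looking
 *    strings such as '1e3' and '1000' no longer count as equal;
 *  - the first account's password must meet the minimumPasswordLength that
 *    this function itself stores (an empty password was accepted before);
 *  - the SMTP port must be an integer in the range 1-65535;
 *  - an empty web directory is rejected without reading offset 0, and a
 *    trailing slash is no longer doubled;
 *  - values echoed into the HTML error message are HTML-escaped.
 *
 * @return void
 */
function doConfigureContent()
{
    $configureRedirect = 'Location: install.php?action=configure';

    if (!isset($_SESSION['configureComplete'])) {
        header($configureRedirect);
        return;
    }

    // Shared failure path: drop the session flag, record an optional message, redirect.
    $fail = function ($message = null) use ($configureRedirect) {
        unset($_SESSION['configureComplete']);
        if ($message !== null) {
            $_SESSION['errors'][] = $message;
        }
        header($configureRedirect);
    };

    // True only when every named POST field is present and is a string.
    $allStrings = function (array $fields) {
        foreach ($fields as $field) {
            if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
                return false;
            }
        }
        return true;
    };

    // Same value that is written to the variable table further down.
    $minimumPasswordLength = 5;

    $siteAndAccountFields = array(
        'siteName', 'siteEmail', 'nonSecureURL', 'secureURL', 'webDirectory',
        'timeZone', 'username', 'firstName', 'lastName', 'email',
        'password1', 'password2',
    );
    if (!$allStrings($siteAndAccountFields)) {
        $fail();
        return;
    }

    // Strict comparison: loose != treats numeric strings ('1e3' vs '1000') as equal.
    if ($_POST['password1'] !== $_POST['password2']) {
        $fail('The inputted passwords for the first account don\'t match.');
        return;
    }
    if (strlen($_POST['password1']) < $minimumPasswordLength) {
        $fail('The password for the first account must be at least ' . $minimumPasswordLength . ' characters long.');
        return;
    }

    if (!$allStrings(array('smtpServer', 'smtpPort'))) {
        $fail();
        return;
    }
    $smtpPortRaw = trim($_POST['smtpPort']);
    if (!preg_match('/^[0-9]{1,5}\z/', $smtpPortRaw) || (int)$smtpPortRaw < 1 || (int)$smtpPortRaw > 65535) {
        $fail('Please enter a valid port for the SMTP Server.');
        return;
    }
    if (!$allStrings(array('smtpUserName', 'smtpPassword1', 'smtpPassword2'))) {
        $fail();
        return;
    }
    if ($_POST['smtpPassword1'] !== $_POST['smtpPassword2']) {
        $fail('The inputted passwords for the SMTP account don\'t match.');
        return;
    }

    $siteName = strip_tags(trim($_POST['siteName']));
    $siteEmail = strip_tags(trim($_POST['siteEmail']));
    $nonSecureURL = strip_tags(trim($_POST['nonSecureURL']));
    $secureURL = strip_tags(trim($_POST['secureURL']));
    $webDirectory = strip_tags(trim($_POST['webDirectory']));
    $timeZone = strip_tags(trim($_POST['timeZone']));
    $username = strip_tags(trim($_POST['username']));
    $firstName = strip_tags(trim($_POST['firstName']));
    $lastName = strip_tags(trim($_POST['lastName']));
    $email = strip_tags(trim($_POST['email']));
    // The account password is hashed below, so it is taken verbatim (no trim/strip_tags).
    $password = $_POST['password1'];
    $smtpServers = strip_tags(trim($_POST['smtpServer']));
    $smtpPort = (int)$smtpPortRaw;
    $smtpUserName = strip_tags(trim($_POST['smtpUserName']));
    $enc = new Encrypter();
    $smtpPassword = $enc->encrypt(trim($_POST['smtpPassword1']));
    // Only the presence of the field is recorded; its posted value is not inspected.
    $smtpUseEncryption = isset($_POST['smtpUseEncryption']);

    $emailValidator = new emailValidator();
    if (!$emailValidator->validate($siteEmail)) {
        $fail('The site email isn\'t a valid email address.');
        return;
    }
    if (!$emailValidator->validate($email)) {
        $fail('The email address for the first user isn\'t valid.');
        return;
    }
    unset($emailValidator);

    $urlValidator = new urlValidator();
    $options = array('noDirectories', 'mightBeIP');
    $nonSecureOptions = array_merge($options, array('httpOnly'));
    $secureOptions = array_merge($options, array('httpsOnly'));
    if (!$urlValidator->validate($nonSecureURL, $nonSecureOptions)) {
        $fail('The non-secure URL isn\'t valid. Please try again.');
        return;
    }
    if (!$urlValidator->validate($secureURL, $secureOptions)) {
        $fail('The secure URL isn\'t valid. Please try again.');
        return;
    }
    unset($urlValidator);

    // Check for the empty string first: reading offset 0 of '' raises a warning.
    if ($webDirectory === '' || $webDirectory[0] !== '/') {
        $fail('I couldn\'t validate the web directory. Please try again.');
        return;
    }

    $timeZoneValidator = new phpTimeZoneValidator();
    if (!$timeZoneValidator->validate($timeZone)) {
        $fail('I couldn\'t validate the selected time zone. Please try again.');
        return;
    }
    unset($timeZoneValidator);

    $password = Hasher::generateHash($password);
    // Loose comparison kept on purpose: any falsy result from the hasher is treated as failure.
    if ($password == false) {
        $fail('I couldn\'t properly hash your password. Please try again.');
        return;
    }

    $database = Database::getInstance();
    $database->connect();
    if (!$database->isConnected()) {
        $fail('I couldn\'t establish a connection to the database. Please try again. If you keep receiving this error, please delete the site/config.xml and start the installer again.');
        return;
    }

    // Stored as the strings 'true'/'false'; 'true' whenever the form field was submitted.
    $smtpEncryption = $smtpUseEncryption ? 'true' : 'false';

    // Normalise to exactly one trailing slash ('/' stays '/', '/site/' no longer becomes '/site//').
    $webDirectory = rtrim($webDirectory, '/') . '/';

    $variables = array(
        'cleanURLsEnabled' => 'false',
        'educaskVersion' => EDUCASK_VERSION,
        'guestRoleID' => '1',
        'maintenanceMode' => 'false',
        'siteEmail' => $siteEmail,
        'siteTheme' => 'default',
        'siteTimeZone' => $timeZone,
        'siteTitle' => $siteName,
        'siteWebAddress' => $nonSecureURL,
        'siteWebAddressSecure' => $secureURL,
        'siteWebDirectory' => $webDirectory,
        'smtpServer' => $smtpServers,
        'smtpPort' => $smtpPort,
        'smtpUserName' => $smtpUserName,
        'smtpPassword' => $smtpPassword,
        'smtpUseEncryption' => $smtpEncryption,
        'lastCronRun' => '2015-01-01 21:15:53',
        'cronRunning' => 'false',
        'cronFrequency' => '10 minutes',
        'minimumPasswordLength' => (string)$minimumPasswordLength,
        'lockoutPeriod' => '10',
        'numberOfAttemptsBeforeLockout' => '3',
        'maxSessionIdAge' => '600',
    );
    foreach ($variables as $name => $value) {
        // NOTE(review): the query text is assembled from strings; escapeString() is the only
        // injection barrier here. Prefer a bound-parameter API if Database offers one.
        $name = $database->escapeString($name);
        $value = $database->escapeString($value);
        if (!$database->insertData('variable', 'variableName, variableValue', "'{$name}', '{$value}'")) {
            // The message contains markup, so the interpolated values are escaped for HTML.
            // NOTE(review): this also shows the encrypted SMTP password when that row fails.
            $shownName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
            $shownValue = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
            $_SESSION['errors'][] = "I wasn't able to insert the variable {$shownName} with a value of {$shownValue} into the variable table. You may want to manually add this row to the variable table in the database. For help on this, please see <a href=\"https://www.educask.com\" target=\"_blank\">this page</a>."; //@ToDo: make the link point to actual help
            continue;
        }
    }
    $database->updateTable('variable', 'readOnly=1', "variableName='educaskVersion'");

    $sqlScript = EDUCASK_ROOT . '/core/sql/defaultRolesInstallSafe.sql';
    if (!is_file($sqlScript)) {
        $fail('I couldn\'t find the SQL script to create the needed roles. Please make sure that ' . $sqlScript . ' exists and is readable by PHP.');
        return;
    }
    $sql = file_get_contents($sqlScript);
    if (!$sql) {
        $fail('I couldn\'t read the SQL script in order to create the needed roles. Please make sure PHP can read the file ' . $sqlScript);
        return;
    }
    // The script is split on every ';', so it must not contain semicolons inside string literals.
    $sqlStatements = explode(';', $sql);
    foreach ($sqlStatements as $sqlStatement) {
        $sqlStatement = trim($sqlStatement);
        if ($sqlStatement == '') {
            continue;
        }
        $database->makeCustomQuery($sqlStatement);
    }

    $username = $database->escapeString($username);
    $firstName = $database->escapeString($firstName);
    $lastName = $database->escapeString($lastName);
    $email = $database->escapeString($email);
    $password = $database->escapeString($password);

    // Guest row first, then an explicit update of its userID, then the first account as userID 1.
    $success = $database->insertData('user', 'userID, userName, firstName, lastName, email, password, roleID', "0, 'anonGuest', 'Anonymous', 'Guest', '*****@*****.**', '', 1");
    $success = $success && $database->updateTable("user", "userID=0", "userID=1");
    $success = $success && $database->insertData('user', 'userID, userName, firstName, lastName, email, password, roleID', "1, '{$username}', '{$firstName}', '{$lastName}', '{$email}', '{$password}', 4");
    if (!$success) {
        $fail('I couldn\'t create the new user account. Please try again. For help on this, please see <a href="https://www.educask.com" target="_blank">this page</a>.'); //@ToDo: make the link point to actual help
        return;
    }
    $database->makeCustomQuery("ALTER TABLE user AUTO_INCREMENT=2");
    header('Location: install.php?action=install');
}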
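/**
 * Validates and stores the site's secure (HTTPS) web address.
 *
 * The URL is checked by urlValidator with the 'mightBeIP', 'noDirectories'
 * and 'httpsOnly' options, so only an https address that passes that
 * validator is written to $this->urlSecure and saved. After a successful
 * save the object is passed to self::setInstance().
 *
 * The success path used to fall off the end of the method and return null,
 * which a caller testing the result for truthiness could not tell apart from
 * the false returned on failure. It now returns true.
 *
 * @param string $inUrl Candidate secure URL.
 * @return bool True when the address was validated, set and saved; false otherwise.
 */
public function setSecureWebAddress($inUrl)
{
    $validator = new urlValidator();
    $validationOptions = array('mightBeIP', 'noDirectories', 'httpsOnly');
    if (!$validator->validate($inUrl, $validationOptions)) {
        return false;
    }
    if (!$this->urlSecure->setValue($inUrl)) {
        return false;
    }
    if (!$this->urlSecure->save()) {
        return false;
    }
    // NOTE(review): presumably refreshes the shared instance with the new value. Confirm against setInstance().
    self::setInstance($this);
    return true;
}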