install.php 88 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2013 Simple Machines and individual contributors
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. $GLOBALS['current_smf_version'] = '2.1 Alpha 1';
  13. $GLOBALS['db_script_version'] = '2-1';
  14. $GLOBALS['required_php_version'] = '5.1.0';
  15. // Don't have PHP support, do you?
  16. // ><html dir="ltr"><head><title>Error!</title></head><body>Sorry, this installer requires PHP!<div style="display: none;">
  17. // Database info.
  18. $databases = array(
  19. 'mysqli' => array(
  20. 'name' => 'MySQLi',
  21. 'version' => '4.0.18',
  22. 'version_check' => 'return min(mysqli_get_server_info($db_connection), mysqli_get_client_info());',
  23. 'supported' => function_exists('mysqli_connect'),
  24. 'default_user' => 'mysql.default_user',
  25. 'default_password' => 'mysql.default_password',
  26. 'default_host' => 'mysql.default_host',
  27. 'default_port' => 'mysql.default_port',
  28. 'utf8_support' => true,
  29. 'utf8_version' => '4.1.0',
  30. 'utf8_version_check' => 'return mysqli_get_server_info($db_connection);',
  31. 'utf8_default' => true,
  32. 'utf8_required' => false,
  33. 'alter_support' => true,
  34. 'validate_prefix' => create_function('&$value', '
  35. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  36. return true;
  37. '),
  38. ),
  39. 'mysql' => array(
  40. 'name' => 'MySQL',
  41. 'version' => '4.0.18',
  42. 'version_check' => 'return min(mysql_get_server_info(), mysql_get_client_info());',
  43. 'supported' => function_exists('mysql_connect'),
  44. 'default_user' => 'mysql.default_user',
  45. 'default_password' => 'mysql.default_password',
  46. 'default_host' => 'mysql.default_host',
  47. 'default_port' => 'mysql.default_port',
  48. 'utf8_support' => true,
  49. 'utf8_version' => '4.1.0',
  50. 'utf8_version_check' => 'return mysql_get_server_info();',
  51. 'utf8_default' => true,
  52. 'utf8_required' => false,
  53. 'alter_support' => true,
  54. 'validate_prefix' => create_function('&$value', '
  55. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  56. return true;
  57. '),
  58. ),
  59. 'postgresql' => array(
  60. 'name' => 'PostgreSQL',
  61. 'version' => '8.0',
  62. 'function_check' => 'pg_connect',
  63. 'version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  64. 'supported' => function_exists('pg_connect'),
  65. 'always_has_db' => true,
  66. 'utf8_default' => true,
  67. 'utf8_required' => true,
  68. 'utf8_support' => true,
  69. 'utf8_version' => '8.0',
  70. 'utf8_version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  71. 'validate_prefix' => create_function('&$value', '
  72. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  73. // Is it reserved?
  74. if ($value == \'pg_\')
  75. return $txt[\'error_db_prefix_reserved\'];
  76. // Is the prefix numeric?
  77. if (preg_match(\'~^\d~\', $value))
  78. return $txt[\'error_db_prefix_numeric\'];
  79. return true;
  80. '),
  81. ),
  82. 'sqlite' => array(
  83. 'name' => 'SQLite',
  84. 'version' => '1',
  85. 'function_check' => 'sqlite_open',
  86. 'version_check' => 'return 1;',
  87. 'supported' => function_exists('sqlite_open'),
  88. 'always_has_db' => true,
  89. 'utf8_default' => true,
  90. 'utf8_required' => true,
  91. 'utf8_support' => false,
  92. 'validate_prefix' => create_function('&$value', '
  93. global $incontext, $txt;
  94. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  95. // Is it reserved?
  96. if ($value == \'sqlite_\')
  97. return $txt[\'error_db_prefix_reserved\'];
  98. // Is the prefix numeric?
  99. if (preg_match(\'~^\d~\', $value))
  100. return $txt[\'error_db_prefix_numeric\'];
  101. return true;
  102. '),
  103. ),
  104. );
  105. // Initialize everything and load the language files.
  106. initialize_inputs();
  107. load_lang_file();
  108. // This is what we are.
  109. $installurl = $_SERVER['PHP_SELF'];
  110. // This is where SMF is.
  111. $smfsite = 'http://www.simplemachines.org/smf';
  112. // All the steps in detail.
  113. // Number,Name,Function,Progress Weight.
  114. $incontext['steps'] = array(
  115. 0 => array(1, $txt['install_step_welcome'], 'Welcome', 0),
  116. 1 => array(2, $txt['install_step_writable'], 'CheckFilesWritable', 10),
  117. 2 => array(3, $txt['install_step_databaseset'], 'DatabaseSettings', 15),
  118. 3 => array(4, $txt['install_step_forum'], 'ForumSettings', 40),
  119. 4 => array(5, $txt['install_step_databasechange'], 'DatabasePopulation', 15),
  120. 5 => array(6, $txt['install_step_admin'], 'AdminAccount', 20),
  121. 6 => array(7, $txt['install_step_delete'], 'DeleteInstall', 0),
  122. );
  123. // Default title...
  124. $incontext['page_title'] = $txt['smf_installer'];
  125. // What step are we on?
  126. $incontext['current_step'] = isset($_GET['step']) ? (int) $_GET['step'] : 0;
  127. // Loop through all the steps doing each one as required.
  128. $incontext['overall_percent'] = 0;
  129. foreach ($incontext['steps'] as $num => $step)
  130. {
  131. if ($num >= $incontext['current_step'])
  132. {
  133. // The current weight of this step in terms of overall progress.
  134. $incontext['step_weight'] = $step[3];
  135. // Make sure we reset the skip button.
  136. $incontext['skip'] = false;
  137. // Call the step and if it returns false that means pause!
  138. if (function_exists($step[2]) && $step[2]() === false)
  139. break;
  140. elseif (function_exists($step[2]))
  141. $incontext['current_step']++;
  142. // No warnings pass on.
  143. $incontext['warning'] = '';
  144. }
  145. $incontext['overall_percent'] += $step[3];
  146. }
  147. // Actually do the template stuff.
  148. installExit();
  149. function initialize_inputs()
  150. {
  151. global $databases, $incontext;
  152. // Just so people using older versions of PHP aren't left in the cold.
  153. if (!isset($_SERVER['PHP_SELF']))
  154. $_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
  155. // Turn off magic quotes runtime and enable error reporting.
  156. if (function_exists('set_magic_quotes_runtime'))
  157. @set_magic_quotes_runtime(0);
  158. error_reporting(E_ALL);
  159. // Fun. Low PHP version...
  160. if (!isset($_GET))
  161. {
  162. $GLOBALS['_GET']['step'] = 0;
  163. return;
  164. }
  165. if (!isset($_GET['obgz']))
  166. {
  167. ob_start();
  168. if (ini_get('session.save_handler') == 'user')
  169. @ini_set('session.save_handler', 'files');
  170. if (function_exists('session_start'))
  171. @session_start();
  172. }
  173. else
  174. {
  175. ob_start('ob_gzhandler');
  176. if (ini_get('session.save_handler') == 'user')
  177. @ini_set('session.save_handler', 'files');
  178. session_start();
  179. if (!headers_sent())
  180. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  181. <html xmlns="http://www.w3.org/1999/xhtml">
  182. <head>
  183. <title>', htmlspecialchars($_GET['pass_string']), '</title>
  184. </head>
  185. <body style="background-color: #d4d4d4; margin-top: 16%; text-align: center; font-size: 16pt;">
  186. <strong>', htmlspecialchars($_GET['pass_string']), '</strong>
  187. </body>
  188. </html>';
  189. exit;
  190. }
  191. // Are we calling the backup css file?
  192. if (isset($_GET['infile_css']))
  193. {
  194. header('Content-Type: text/css');
  195. template_css();
  196. exit;
  197. }
  198. // Anybody home?
  199. if (!isset($_GET['xml']))
  200. {
  201. $incontext['remote_files_available'] = false;
  202. $test = @fsockopen('www.simplemachines.org', 80, $errno, $errstr, 1);
  203. if ($test)
  204. $incontext['remote_files_available'] = true;
  205. @fclose($test);
  206. }
  207. // Add slashes, as long as they aren't already being added.
  208. if (!function_exists('get_magic_quotes_gpc') || @get_magic_quotes_gpc() == 0)
  209. foreach ($_POST as $k => $v)
  210. if (strpos($k, 'password') === false)
  211. $_POST[$k] = addslashes($v);
  212. // This is really quite simple; if ?delete is on the URL, delete the installer...
  213. if (isset($_GET['delete']))
  214. {
  215. if (isset($_SESSION['installer_temp_ftp']))
  216. {
  217. $ftp = new ftp_connection($_SESSION['installer_temp_ftp']['server'], $_SESSION['installer_temp_ftp']['port'], $_SESSION['installer_temp_ftp']['username'], $_SESSION['installer_temp_ftp']['password']);
  218. $ftp->chdir($_SESSION['installer_temp_ftp']['path']);
  219. $ftp->unlink('install.php');
  220. $ftp->unlink('webinstall.php');
  221. foreach ($databases as $key => $dummy)
  222. {
  223. $type = ($key == 'mysqli') ? 'mysql' : $key;
  224. $ftp->unlink('install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
  225. }
  226. $ftp->close();
  227. unset($_SESSION['installer_temp_ftp']);
  228. }
  229. else
  230. {
  231. @unlink(__FILE__);
  232. @unlink(dirname(__FILE__) . '/webinstall.php');
  233. foreach ($databases as $key => $dummy)
  234. {
  235. $type = ($key == 'mysqli') ? 'mysql' : $key;
  236. @unlink(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
  237. }
  238. }
  239. // Now just redirect to a blank.png...
  240. header('Location: http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.png');
  241. exit;
  242. }
  243. // PHP 5 might cry if we don't do this now.
  244. if (function_exists('date_default_timezone_set'))
  245. {
  246. $server_offset = @mktime(0, 0, 0, 1, 1, 1970);
  247. date_default_timezone_set('Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600));
  248. }
  249. // Force an integer step, defaulting to 0.
  250. $_GET['step'] = (int) @$_GET['step'];
  251. }
  252. // Load the list of language files, and the current language file.
  253. function load_lang_file()
  254. {
  255. global $txt, $incontext;
  256. $incontext['detected_languages'] = array();
  257. // Make sure the languages directory actually exists.
  258. if (file_exists(dirname(__FILE__) . '/Themes/default/languages'))
  259. {
  260. // Find all the "Install" language files in the directory.
  261. $dir = dir(dirname(__FILE__) . '/Themes/default/languages');
  262. while ($entry = $dir->read())
  263. {
  264. if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php')
  265. $incontext['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
  266. }
  267. $dir->close();
  268. }
  269. // Didn't find any, show an error message!
  270. if (empty($incontext['detected_languages']))
  271. {
  272. // Let's not cache this message, eh?
  273. header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
  274. header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
  275. header('Cache-Control: no-cache');
  276. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  277. <html xmlns="http://www.w3.org/1999/xhtml">
  278. <head>
  279. <title>SMF Installer: Error!</title>
  280. </head>
  281. <body style="font-family: sans-serif;"><div style="width: 600px;">
  282. <h1 style="font-size: 14pt;">A critical error has occurred.</h1>
  283. <p>This installer was unable to find the installer\'s language file or files. They should be found under:</p>
  284. <div style="margin: 1ex; font-family: monospace; font-weight: bold;">', dirname($_SERVER['PHP_SELF']) != '/' ? dirname($_SERVER['PHP_SELF']) : '', '/Themes/default/languages</div>
  285. <p>In some cases, FTP clients do not properly upload files with this many folders. Please double check to make sure you <span style="font-weight: 600;">have uploaded all the files in the distribution</span>.</p>
  286. <p>If that doesn\'t help, please make sure this install.php file is in the same place as the Themes folder.</p>
  287. <p>If you continue to get this error message, feel free to <a href="http://support.simplemachines.org/">look to us for support</a>.</p>
  288. </div></body>
  289. </html>';
  290. die;
  291. }
  292. // Override the language file?
  293. if (isset($_GET['lang_file']))
  294. $_SESSION['installer_temp_lang'] = $_GET['lang_file'];
  295. elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file']))
  296. $_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
  297. // Make sure it exists, if it doesn't reset it.
  298. if (!isset($_SESSION['installer_temp_lang']) || preg_match('~[^\\w_\\-.]~', $_SESSION['installer_temp_lang']) === 1 || !file_exists(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']))
  299. {
  300. // Use the first one...
  301. list ($_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  302. // If we have english and some other language, use the other language. We Americans hate english :P.
  303. if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($incontext['detected_languages']) > 1)
  304. list (, $_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  305. }
  306. // And now include the actual language file itself.
  307. require_once(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']);
  308. }
  309. // This handy function loads some settings and the like.
  310. function load_database()
  311. {
  312. global $db_prefix, $db_connection, $db_character_set, $sourcedir, $language;
  313. global $smcFunc, $mbname, $scripturl, $boardurl, $modSettings, $db_type, $db_name, $db_user, $db_persist;
  314. if (empty($sourcedir))
  315. $sourcedir = dirname(__FILE__) . '/Sources';
  316. // Need this to check whether we need the database password.
  317. require(dirname(__FILE__) . '/Settings.php');
  318. if (!defined('SMF'))
  319. define('SMF', 1);
  320. if (empty($smcFunc))
  321. $smcFunc = array();
  322. $modSettings['disableQueryCheck'] = true;
  323. // Connect the database.
  324. if (!$db_connection)
  325. {
  326. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  327. if (version_compare(PHP_VERSION, '5', '<'))
  328. require_once($sourcedir . '/Subs-Compat.php');
  329. if (!$db_connection)
  330. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('persist' => $db_persist));
  331. }
  332. }
  333. // This is called upon exiting the installer, for template etc.
  334. function installExit($fallThrough = false)
  335. {
  336. global $incontext, $installurl, $txt;
  337. // Send character set.
  338. header('Content-Type: text/html; charset=' . (isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1'));
  339. // We usually dump our templates out.
  340. if (!$fallThrough)
  341. {
  342. // The top install bit.
  343. template_install_above();
  344. // Call the template.
  345. if (isset($incontext['sub_template']))
  346. {
  347. $incontext['form_url'] = $installurl . '?step=' . $incontext['current_step'];
  348. call_user_func('template_' . $incontext['sub_template']);
  349. }
  350. // @todo REMOVE THIS!!
  351. else
  352. {
  353. if (function_exists('doStep' . $_GET['step']))
  354. call_user_func('doStep' . $_GET['step']);
  355. }
  356. // Show the footer.
  357. template_install_below();
  358. }
  359. // Bang - gone!
  360. die();
  361. }
  362. function Welcome()
  363. {
  364. global $incontext, $txt, $databases, $installurl;
  365. $incontext['page_title'] = $txt['install_welcome'];
  366. $incontext['sub_template'] = 'welcome_message';
  367. // Done the submission?
  368. if (isset($_POST['contbutt']))
  369. return true;
  370. // Check the PHP version.
  371. if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION, '>')))
  372. {
  373. $incontext['warning'] = $txt['error_php_too_low'];
  374. }
  375. // See if we think they have already installed it?
  376. if (is_readable(dirname(__FILE__) . '/Settings.php'))
  377. {
  378. $probably_installed = 0;
  379. foreach (file(dirname(__FILE__) . '/Settings.php') as $line)
  380. {
  381. if (preg_match('~^\$db_passwd\s=\s\'([^\']+)\';$~', $line))
  382. $probably_installed++;
  383. if (preg_match('~^\$boardurl\s=\s\'([^\']+)\';~', $line) && !preg_match('~^\$boardurl\s=\s\'http://127\.0\.0\.1/smf\';~', $line))
  384. $probably_installed++;
  385. }
  386. if ($probably_installed == 2)
  387. $incontext['warning'] = $txt['error_already_installed'];
  388. }
  389. // Is some database support even compiled in?
  390. $incontext['supported_databases'] = array();
  391. foreach ($databases as $key => $db)
  392. {
  393. if ($db['supported'])
  394. {
  395. $type = ($key == 'mysqli') ? 'mysql' : $key;
  396. if (!file_exists(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql'))
  397. {
  398. $databases[$key]['supported'] = false;
  399. $notFoundSQLFile = true;
  400. $txt['error_db_script_missing'] = sprintf($txt['error_db_script_missing'], 'install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
  401. }
  402. else
  403. {
  404. $db_type = $key;
  405. $incontext['supported_databases'][] = $db;
  406. }
  407. }
  408. }
  409. if (empty($incontext['supported_databases']))
  410. $error = empty($notFoundSQLFile) ? 'error_db_missing' : 'error_db_script_missing';
  411. // How about session support? Some crazy sysadmin remove it?
  412. elseif (!function_exists('session_start'))
  413. $error = 'error_session_missing';
  414. // Make sure they uploaded all the files.
  415. elseif (!file_exists(dirname(__FILE__) . '/index.php'))
  416. $error = 'error_missing_files';
  417. // Very simple check on the session.save_path for Windows.
  418. // @todo Move this down later if they don't use database-driven sessions?
  419. elseif (@ini_get('session.save_path') == '/tmp' && substr(__FILE__, 1, 2) == ':\\')
  420. $error = 'error_session_save_path';
  421. // Since each of the three messages would look the same, anyway...
  422. if (isset($error))
  423. $incontext['error'] = $txt[$error];
  424. // Mod_security blocks everything that smells funny. Let SMF handle security.
  425. if (!fixModSecurity() && !isset($_GET['overmodsecurity']))
  426. $incontext['error'] = $txt['error_mod_security'] . '<br /><br /><a href="' . $installurl . '?overmodsecurity=true">' . $txt['error_message_click'] . '</a> ' . $txt['error_message_bad_try_again'];
  427. return false;
  428. }
  429. function CheckFilesWritable()
  430. {
  431. global $txt, $incontext;
  432. $incontext['page_title'] = $txt['ftp_checking_writable'];
  433. $incontext['sub_template'] = 'chmod_files';
  434. $writable_files = array(
  435. 'attachments',
  436. 'avatars',
  437. 'cache',
  438. 'Packages',
  439. 'Packages/installed.list',
  440. 'Smileys',
  441. 'Themes',
  442. 'agreement.txt',
  443. 'Settings.php',
  444. 'Settings_bak.php'
  445. );
  446. foreach ($incontext['detected_languages'] as $lang => $temp)
  447. $extra_files[] = 'Themes/default/languages/' . $lang;
  448. // With mod_security installed, we could attempt to fix it with .htaccess.
  449. if (function_exists('apache_get_modules') && in_array('mod_security', apache_get_modules()))
  450. $writable_files[] = file_exists(dirname(__FILE__) . '/.htaccess') ? '.htaccess' : '.';
  451. $failed_files = array();
  452. // On linux, it's easy - just use is_writable!
  453. if (substr(__FILE__, 1, 2) != ':\\')
  454. {
  455. foreach ($writable_files as $file)
  456. {
  457. if (!is_writable(dirname(__FILE__) . '/' . $file))
  458. {
  459. @chmod(dirname(__FILE__) . '/' . $file, 0755);
  460. // Well, 755 hopefully worked... if not, try 777.
  461. if (!is_writable(dirname(__FILE__) . '/' . $file) && !@chmod(dirname(__FILE__) . '/' . $file, 0777))
  462. $failed_files[] = $file;
  463. }
  464. }
  465. foreach ($extra_files as $file)
  466. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  467. }
  468. // Windows is trickier. Let's try opening for r+...
  469. else
  470. {
  471. foreach ($writable_files as $file)
  472. {
  473. // Folders can't be opened for write... but the index.php in them can ;)
  474. if (is_dir(dirname(__FILE__) . '/' . $file))
  475. $file .= '/index.php';
  476. // Funny enough, chmod actually does do something on windows - it removes the read only attribute.
  477. @chmod(dirname(__FILE__) . '/' . $file, 0777);
  478. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'r+');
  479. // Hmm, okay, try just for write in that case...
  480. if (!is_resource($fp))
  481. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'w');
  482. if (!is_resource($fp))
  483. $failed_files[] = $file;
  484. @fclose($fp);
  485. }
  486. foreach ($extra_files as $file)
  487. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  488. }
  489. $failure = count($failed_files) >= 1;
  490. if (!isset($_SERVER))
  491. return !$failure;
  492. // Put the list into context.
  493. $incontext['failed_files'] = $failed_files;
  494. // It's not going to be possible to use FTP on windows to solve the problem...
  495. if ($failure && substr(__FILE__, 1, 2) == ':\\')
  496. {
  497. $incontext['error'] = $txt['error_windows_chmod'] . '
  498. <ul style="margin: 2.5ex; font-family: monospace;">
  499. <li>' . implode('</li>
  500. <li>', $failed_files) . '</li>
  501. </ul>';
  502. return false;
  503. }
  504. // We're going to have to use... FTP!
  505. elseif ($failure)
  506. {
  507. // Load any session data we might have...
  508. if (!isset($_POST['ftp_username']) && isset($_SESSION['installer_temp_ftp']))
  509. {
  510. $_POST['ftp_server'] = $_SESSION['installer_temp_ftp']['server'];
  511. $_POST['ftp_port'] = $_SESSION['installer_temp_ftp']['port'];
  512. $_POST['ftp_username'] = $_SESSION['installer_temp_ftp']['username'];
  513. $_POST['ftp_password'] = $_SESSION['installer_temp_ftp']['password'];
  514. $_POST['ftp_path'] = $_SESSION['installer_temp_ftp']['path'];
  515. }
  516. $incontext['ftp_errors'] = array();
  517. if (isset($_POST['ftp_username']))
  518. {
  519. $ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
  520. if ($ftp->error === false)
  521. {
  522. // Try it without /home/abc just in case they messed up.
  523. if (!$ftp->chdir($_POST['ftp_path']))
  524. {
  525. $incontext['ftp_errors'][] = $ftp->last_message;
  526. $ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
  527. }
  528. }
  529. }
  530. if (!isset($ftp) || $ftp->error !== false)
  531. {
  532. if (!isset($ftp))
  533. $ftp = new ftp_connection(null);
  534. // Save the error so we can mess with listing...
  535. elseif ($ftp->error !== false && empty($incontext['ftp_errors']) && !empty($ftp->last_message))
  536. $incontext['ftp_errors'][] = $ftp->last_message;
  537. list ($username, $detect_path, $found_path) = $ftp->detect_path(dirname(__FILE__));
  538. if (empty($_POST['ftp_path']) && $found_path)
  539. $_POST['ftp_path'] = $detect_path;
  540. if (!isset($_POST['ftp_username']))
  541. $_POST['ftp_username'] = $username;
  542. // Set the username etc, into context.
  543. $incontext['ftp'] = array(
  544. 'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : 'localhost',
  545. 'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : '21',
  546. 'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : '',
  547. 'path' => isset($_POST['ftp_path']) ? $_POST['ftp_path'] : '/',
  548. 'path_msg' => !empty($found_path) ? $txt['ftp_path_found_info'] : $txt['ftp_path_info'],
  549. );
  550. return false;
  551. }
  552. else
  553. {
  554. $_SESSION['installer_temp_ftp'] = array(
  555. 'server' => $_POST['ftp_server'],
  556. 'port' => $_POST['ftp_port'],
  557. 'username' => $_POST['ftp_username'],
  558. 'password' => $_POST['ftp_password'],
  559. 'path' => $_POST['ftp_path']
  560. );
  561. $failed_files_updated = array();
  562. foreach ($failed_files as $file)
  563. {
  564. if (!is_writable(dirname(__FILE__) . '/' . $file))
  565. $ftp->chmod($file, 0755);
  566. if (!is_writable(dirname(__FILE__) . '/' . $file))
  567. $ftp->chmod($file, 0777);
  568. if (!is_writable(dirname(__FILE__) . '/' . $file))
  569. {
  570. $failed_files_updated[] = $file;
  571. $incontext['ftp_errors'][] = rtrim($ftp->last_message) . ' -> ' . $file . "\n";
  572. }
  573. }
  574. $ftp->close();
  575. // Are there any errors left?
  576. if (count($failed_files_updated) >= 1)
  577. {
  578. // Guess there are...
  579. $incontext['failed_files'] = $failed_files_updated;
  580. // Set the username etc, into context.
  581. $incontext['ftp'] = $_SESSION['installer_temp_ftp'] += array(
  582. 'path_msg' => $txt['ftp_path_info'],
  583. );
  584. return false;
  585. }
  586. }
  587. }
  588. return true;
  589. }
  590. function DatabaseSettings()
  591. {
  592. global $txt, $databases, $incontext, $smcFunc, $sourcedir;
  593. $incontext['sub_template'] = 'database_settings';
  594. $incontext['page_title'] = $txt['db_settings'];
  595. $incontext['continue'] = 1;
  596. // Set up the defaults.
  597. $incontext['db']['server'] = 'localhost';
  598. $incontext['db']['user'] = '';
  599. $incontext['db']['name'] = '';
  600. $incontext['db']['pass'] = '';
  601. $incontext['db']['type'] = '';
  602. $incontext['supported_databases'] = array();
  603. $foundOne = false;
  604. foreach ($databases as $key => $db)
  605. {
  606. // Override with the defaults for this DB if appropriate.
  607. if ($db['supported'])
  608. {
  609. $incontext['supported_databases'][$key] = $db;
  610. if (!$foundOne)
  611. {
  612. if (isset($db['default_host']))
  613. $incontext['db']['server'] = ini_get($db['default_host']) or $incontext['db']['server'] = 'localhost';
  614. if (isset($db['default_user']))
  615. {
  616. $incontext['db']['user'] = ini_get($db['default_user']);
  617. $incontext['db']['name'] = ini_get($db['default_user']);
  618. }
  619. if (isset($db['default_password']))
  620. $incontext['db']['pass'] = ini_get($db['default_password']);
  621. if (isset($db['default_port']))
  622. $db_port = ini_get($db['default_port']);
  623. $incontext['db']['type'] = $key;
  624. $foundOne = true;
  625. }
  626. }
  627. }
  628. // Override for repost.
  629. if (isset($_POST['db_user']))
  630. {
  631. $incontext['db']['user'] = $_POST['db_user'];
  632. $incontext['db']['name'] = $_POST['db_type'] == 'sqlite' && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'];
  633. $incontext['db']['server'] = $_POST['db_server'];
  634. $incontext['db']['prefix'] = $_POST['db_prefix'];
  635. }
  636. else
  637. {
  638. $incontext['db']['prefix'] = 'smf_';
  639. // Should we use a non standard port?
  640. if (!empty($db_port))
  641. $incontext['db']['server'] .= ':' . $db_port;
  642. }
  643. // Are we submitting?
  644. if (isset($_POST['db_type']))
  645. {
  646. if (isset($_POST['db_filename']))
  647. {
  648. // You better enter enter a database name for SQLite.
  649. if (trim($_POST['db_filename']) == '')
  650. {
  651. $incontext['error'] = $txt['error_db_filename'];
  652. return false;
  653. }
  654. // Duplicate name in the same dir? Can't do that with SQLite. Weird things happen.
  655. if (file_exists($_POST['db_filename'] . (substr($_POST['db_filename'], -3) != '.db' ? '.db' : '')))
  656. {
  657. $incontext['error'] = $txt['error_db_filename_exists'];
  658. return false;
  659. }
  660. }
  661. // What type are they trying?
  662. $db_type = preg_replace('~[^A-Za-z0-9]~', '', $_POST['db_type']);
  663. $db_prefix = $_POST['db_prefix'];
  664. // Validate the prefix.
  665. $valid_prefix = $databases[$db_type]['validate_prefix']($db_prefix);
  666. if ($valid_prefix !== true)
  667. {
  668. $incontext['error'] = $valid_prefix;
  669. return false;
  670. }
  671. // Take care of these variables...
  672. $vars = array(
  673. 'db_type' => $db_type,
  674. 'db_name' => $_POST['db_type'] == 'sqlite' && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'],
  675. 'db_user' => $_POST['db_user'],
  676. 'db_passwd' => isset($_POST['db_passwd']) ? $_POST['db_passwd'] : '',
  677. 'db_server' => $_POST['db_server'],
  678. 'db_prefix' => $db_prefix,
  679. // The cookiename is special; we want it to be the same if it ever needs to be reinstalled with the same info.
  680. 'cookiename' => 'SMFCookie' . abs(crc32($_POST['db_name'] . preg_replace('~[^A-Za-z0-9_$]~', '', $_POST['db_prefix'])) % 1000),
  681. );
  682. // God I hope it saved!
  683. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  684. {
  685. $incontext['error'] = $txt['error_windows_chmod'];
  686. return false;
  687. }
  688. // Make sure it works.
  689. require(dirname(__FILE__) . '/Settings.php');
  690. if (empty($sourcedir))
  691. $sourcedir = dirname(__FILE__) . '/Sources';
  692. // Better find the database file!
  693. if (!file_exists($sourcedir . '/Subs-Db-' . $db_type . '.php'))
  694. {
  695. $incontext['error'] = sprintf($txt['error_db_file'], 'Subs-Db-' . $db_type . '.php');
  696. return false;
  697. }
  698. // Now include it for database functions!
  699. define('SMF', 1);
  700. $modSettings['disableQueryCheck'] = true;
  701. if (empty($smcFunc))
  702. $smcFunc = array();
  703. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  704. // What - running PHP4? The shame!
  705. if (version_compare(PHP_VERSION, '5', '<'))
  706. require_once($sourcedir . '/Subs-Compat.php');
  707. // Attempt a connection.
  708. $needsDB = !empty($databases[$db_type]['always_has_db']);
  709. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  710. // No dice? Let's try adding the prefix they specified, just in case they misread the instructions ;)
  711. if ($db_connection == null)
  712. {
  713. $db_error = @$smcFunc['db_error']();
  714. $db_connection = smf_db_initiate($db_server, $db_name, $_POST['db_prefix'] . $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  715. if ($db_connection != null)
  716. {
  717. $db_user = $_POST['db_prefix'] . $db_user;
  718. updateSettingsFile(array('db_user' => $db_user));
  719. }
  720. }
  721. // Still no connection? Big fat error message :P.
  722. if (!$db_connection)
  723. {
  724. $incontext['error'] = $txt['error_db_connect'] . '<div style="margin: 2.5ex; font-family: monospace;"><strong>' . $db_error . '</strong></div>';
  725. return false;
  726. }
  727. // Do they meet the install requirements?
  728. // @todo Old client, new server?
  729. if (version_compare($databases[$db_type]['version'], preg_replace('~^\D*|\-.+?$~', '', eval($databases[$db_type]['version_check']))) > 0)
  730. {
  731. $incontext['error'] = $txt['error_db_too_low'];
  732. return false;
  733. }
  734. // Let's try that database on for size... assuming we haven't already lost the opportunity.
  735. if ($db_name != '' && !$needsDB)
  736. {
  737. $smcFunc['db_query']('', "
  738. CREATE DATABASE IF NOT EXISTS `$db_name`",
  739. array(
  740. 'security_override' => true,
  741. 'db_error_skip' => true,
  742. ),
  743. $db_connection
  744. );
  745. // Okay, let's try the prefix if it didn't work...
  746. if (!$smcFunc['db_select_db']($db_name, $db_connection) && $db_name != '')
  747. {
  748. $smcFunc['db_query']('', "
  749. CREATE DATABASE IF NOT EXISTS `$_POST[db_prefix]$db_name`",
  750. array(
  751. 'security_override' => true,
  752. 'db_error_skip' => true,
  753. ),
  754. $db_connection
  755. );
  756. if ($smcFunc['db_select_db']($_POST['db_prefix'] . $db_name, $db_connection))
  757. {
  758. $db_name = $_POST['db_prefix'] . $db_name;
  759. updateSettingsFile(array('db_name' => $db_name));
  760. }
  761. }
  762. // Okay, now let's try to connect...
  763. if (!$smcFunc['db_select_db']($db_name, $db_connection))
  764. {
  765. $incontext['error'] = sprintf($txt['error_db_database'], $db_name);
  766. return false;
  767. }
  768. }
  769. return true;
  770. }
  771. return false;
  772. }
  773. // Let's start with basic forum type settings.
  774. function ForumSettings()
  775. {
  776. global $txt, $incontext, $databases, $smcFunc, $db_connection, $db_type;
  777. $incontext['sub_template'] = 'forum_settings';
  778. $incontext['page_title'] = $txt['install_settings'];
  779. // Let's see if we got the database type correct.
  780. if (isset($_POST['db_type'], $databases[$_POST['db_type']]))
  781. $db_type = $_POST['db_type'];
  782. // Else we'd better be able to get the connection.
  783. else
  784. load_database();
  785. $db_type = isset($_POST['db_type']) ? $_POST['db_type'] : $db_type;
  786. // What host and port are we on?
  787. $host = empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] . (empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':' . $_SERVER['SERVER_PORT']) : $_SERVER['HTTP_HOST'];
  788. // Now, to put what we've learned together... and add a path.
  789. $incontext['detected_url'] = 'http' . (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 's' : '') . '://' . $host . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'));
  790. // Check if the database sessions will even work.
  791. $incontext['test_dbsession'] = ini_get('session.auto_start') != 1;
  792. $incontext['utf8_default'] = $databases[$db_type]['utf8_default'];
  793. $incontext['utf8_required'] = $databases[$db_type]['utf8_required'];
  794. $incontext['continue'] = 1;
  795. // Submitting?
  796. if (isset($_POST['boardurl']))
  797. {
  798. if (substr($_POST['boardurl'], -10) == '/index.php')
  799. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  800. elseif (substr($_POST['boardurl'], -1) == '/')
  801. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  802. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  803. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  804. // Save these variables.
  805. $vars = array(
  806. 'boardurl' => $_POST['boardurl'],
  807. 'boarddir' => addslashes(dirname(__FILE__)),
  808. 'sourcedir' => addslashes(dirname(__FILE__)) . '/Sources',
  809. 'cachedir' => addslashes(dirname(__FILE__)) . '/cache',
  810. 'mbname' => strtr($_POST['mbname'], array('\"' => '"')),
  811. 'language' => substr($_SESSION['installer_temp_lang'], 8, -4),
  812. );
  813. // Must save!
  814. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  815. {
  816. $incontext['error'] = $txt['error_windows_chmod'];
  817. return false;
  818. }
  819. // Make sure it works.
  820. require(dirname(__FILE__) . '/Settings.php');
  821. // UTF-8 requires a setting to override the language charset.
  822. if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
  823. {
  824. if (!empty($databases[$db_type]['utf8_version_check']) && version_compare($databases[$db_type]['utf8_version'], preg_replace('~\-.+?$~', '', eval($databases[$db_type]['utf8_version_check'])), '>'))
  825. {
  826. $incontext['error'] = sprintf($txt['error_utf8_version'], $databases[$db_type]['utf8_version']);
  827. return false;
  828. }
  829. else
  830. // Set the character set here.
  831. updateSettingsFile(array('db_character_set' => 'utf8'));
  832. }
  833. // Good, skip on.
  834. return true;
  835. }
  836. return false;
  837. }
  838. // Step one: Do the SQL thang.
  839. function DatabasePopulation()
  840. {
  841. global $db_character_set, $txt, $db_connection, $smcFunc, $databases, $modSettings, $db_type, $sourcedir, $db_prefix, $incontext, $db_name, $boardurl;
  842. $incontext['sub_template'] = 'populate_database';
  843. $incontext['page_title'] = $txt['db_populate'];
  844. $incontext['continue'] = 1;
  845. // Already done?
  846. if (isset($_POST['pop_done']))
  847. return true;
  848. // Reload settings.
  849. require(dirname(__FILE__) . '/Settings.php');
  850. load_database();
  851. // Before running any of the queries, let's make sure another version isn't already installed.
  852. $result = $smcFunc['db_query']('', '
  853. SELECT variable, value
  854. FROM {db_prefix}settings',
  855. array(
  856. 'db_error_skip' => true,
  857. )
  858. );
  859. $modSettings = array();
  860. if ($result !== false)
  861. {
  862. while ($row = $smcFunc['db_fetch_assoc']($result))
  863. $modSettings[$row['variable']] = $row['value'];
  864. $smcFunc['db_free_result']($result);
  865. // Do they match? If so, this is just a refresh so charge on!
  866. if (!isset($modSettings['smfVersion']) || $modSettings['smfVersion'] != $GLOBALS['current_smf_version'])
  867. {
  868. $incontext['error'] = $txt['error_versions_do_not_match'];
  869. return false;
  870. }
  871. }
  872. $modSettings['disableQueryCheck'] = true;
  873. // If doing UTF8, select it. PostgreSQL requires passing it as a string...
  874. if (!empty($db_character_set) && $db_character_set == 'utf8' && !empty($databases[$db_type]['utf8_support']))
  875. $smcFunc['db_query']('', '
  876. SET NAMES {'. ($db_type == 'postgresql' ? 'string' : 'raw') . ':utf8}',
  877. array(
  878. 'db_error_skip' => true,
  879. 'utf8' => 'utf8',
  880. )
  881. );
  882. $replaces = array(
  883. '{$db_prefix}' => $db_prefix,
  884. '{$boarddir}' => $smcFunc['db_escape_string'](dirname(__FILE__)),
  885. '{$boardurl}' => $boardurl,
  886. '{$enableCompressedOutput}' => isset($_POST['compress']) ? '1' : '0',
  887. '{$databaseSession_enable}' => isset($_POST['dbsession']) ? '1' : '0',
  888. '{$smf_version}' => $GLOBALS['current_smf_version'],
  889. '{$current_time}' => time(),
  890. '{$sched_task_offset}' => 82800 + mt_rand(0, 86399),
  891. '{$registration_method}' => isset($_POST['reg_mode']) ? $_POST['reg_mode'] : 0,
  892. );
  893. foreach ($txt as $key => $value)
  894. {
  895. if (substr($key, 0, 8) == 'default_')
  896. $replaces['{$' . $key . '}'] = $smcFunc['db_escape_string']($value);
  897. }
  898. $replaces['{$default_reserved_names}'] = strtr($replaces['{$default_reserved_names}'], array('\\\\n' => '\\n'));
  899. // If the UTF-8 setting was enabled, add it to the table definitions.
  900. if (empty($databases[$db_type]['utf8_required']) && isset($_POST['utf8']) && !empty($databases[$db_type]['utf8_support']))
  901. $replaces[') ENGINE=MyISAM;'] = ') ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;';
  902. // Read in the SQL. Turn this on and that off... internationalize... etc.
  903. $type = ($db_type == 'mysqli') ? 'mysql' : $db_type;
  904. $sql_lines = explode("\n", strtr(implode(' ', file(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql')), $replaces));
  905. // Execute the SQL.
  906. $current_statement = '';
  907. $exists = array();
  908. $incontext['failures'] = array();
  909. $incontext['sql_results'] = array(
  910. 'tables' => 0,
  911. 'inserts' => 0,
  912. 'table_dups' => 0,
  913. 'insert_dups' => 0,
  914. );
  915. foreach ($sql_lines as $count => $line)
  916. {
  917. // No comments allowed!
  918. if (substr(trim($line), 0, 1) != '#')
  919. $current_statement .= "\n" . rtrim($line);
  920. // Is this the end of the query string?
  921. if (empty($current_statement) || (preg_match('~;[\s]*$~s', $line) == 0 && $count != count($sql_lines)))
  922. continue;
  923. // Does this table already exist? If so, don't insert more data into it!
  924. if (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) != 0 && in_array($match[1], $exists))
  925. {
  926. $incontext['sql_results']['insert_dups']++;
  927. $current_statement = '';
  928. continue;
  929. }
  930. if ($smcFunc['db_query']('', $current_statement, array('security_override' => true, 'db_error_skip' => true), $db_connection) === false)
  931. {
  932. // Use the appropriate function based on the DB type
  933. if ($db_type == 'mysql' || $db_type =='mysqli')
  934. $db_errorno = $db_type . '_errno';
  935. // Error 1050: Table already exists!
  936. // @todo Needs to be made better!
  937. if ((($db_type != 'mysql' && $db_type != 'mysqli') || $db_errno($db_connection) == 1050) && preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  938. {
  939. $exists[] = $match[1];
  940. $incontext['sql_results']['table_dups']++;
  941. }
  942. // Don't error on duplicate indexes (or duplicate operators in PostgreSQL.)
  943. elseif (!preg_match('~^\s*CREATE( UNIQUE)? INDEX ([^\n\r]+?)~', $current_statement, $match) && !($db_type == 'postgresql' && preg_match('~^\s*CREATE OPERATOR (^\n\r]+?)~', $current_statement, $match)))
  944. {
  945. // MySQLi requires a connection object. It's optional with MySQL, Postgres and sqlite
  946. $incontext['failures'][$count] = $smcFunc['db_error']($db_connection);
  947. }
  948. }
  949. else
  950. {
  951. if (preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  952. $incontext['sql_results']['tables']++;
  953. else
  954. {
  955. preg_match_all('~\)[,;]~', $current_statement, $matches);
  956. if (!empty($matches[0]))
  957. $incontext['sql_results']['inserts'] += count($matches[0]);
  958. else
  959. $incontext['sql_results']['inserts']++;
  960. }
  961. }
  962. $current_statement = '';
  963. }
  964. // Sort out the context for the SQL.
  965. foreach ($incontext['sql_results'] as $key => $number)
  966. {
  967. if ($number == 0)
  968. unset($incontext['sql_results'][$key]);
  969. else
  970. $incontext['sql_results'][$key] = sprintf($txt['db_populate_' . $key], $number);
  971. }
  972. // Make sure UTF will be used globally.
  973. if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
  974. $smcFunc['db_insert']('replace',
  975. $db_prefix . 'settings',
  976. array(
  977. 'variable' => 'string-255', 'value' => 'string-65534',
  978. ),
  979. array(
  980. 'global_character_set', 'UTF-8',
  981. ),
  982. array('variable')
  983. );
  984. // Maybe we can auto-detect better cookie settings?
  985. preg_match('~^http[s]?://([^\.]+?)([^/]*?)(/.*)?$~', $boardurl, $matches);
  986. if (!empty($matches))
  987. {
  988. // Default = both off.
  989. $localCookies = false;
  990. $globalCookies = false;
  991. // Okay... let's see. Using a subdomain other than www.? (not a perfect check.)
  992. if ($matches[2] != '' && (strpos(substr($matches[2], 1), '.') === false || in_array($matches[1], array('forum', 'board', 'community', 'forums', 'support', 'chat', 'help', 'talk', 'boards', 'www'))))
  993. $globalCookies = true;
  994. // If there's a / in the middle of the path, or it starts with ~... we want local.
  995. if (isset($matches[3]) && strlen($matches[3]) > 3 && (substr($matches[3], 0, 2) == '/~' || strpos(substr($matches[3], 1), '/') !== false))
  996. $localCookies = true;
  997. if ($globalCookies)
  998. $rows[] = array('globalCookies', '1');
  999. if ($localCookies)
  1000. $rows[] = array('localCookies', '1');
  1001. if (!empty($rows))
  1002. {
  1003. $smcFunc['db_insert']('replace',
  1004. $db_prefix . 'settings',
  1005. array('variable' => 'string-255', 'value' => 'string-65534'),
  1006. $rows,
  1007. array('variable')
  1008. );
  1009. }
  1010. }
  1011. // Are we allowing stat collection?
  1012. if (isset($_POST['stats']) && strpos($_POST['boardurl'], 'http://localhost') !== 0)
  1013. {
  1014. // Attempt to register the site etc.
  1015. $fp = @fsockopen("www.simplemachines.org", 80, $errno, $errstr);
  1016. if ($fp)
  1017. {
  1018. $out = "GET /smf/stats/register_stats.php?site=" . base64_encode($_POST['boardurl']) . " HTTP/1.1\r\n";
  1019. $out .= "Host: www.simplemachines.org\r\n";
  1020. $out .= "Connection: Close\r\n\r\n";
  1021. fwrite($fp, $out);
  1022. $return_data = '';
  1023. while (!feof($fp))
  1024. $return_data .= fgets($fp, 128);
  1025. fclose($fp);
  1026. // Get the unique site ID.
  1027. preg_match('~SITE-ID:\s(\w{10})~', $return_data, $ID);
  1028. if (!empty($ID[1]))
  1029. $smcFunc['db_insert']('',
  1030. $db_prefix . 'settings',
  1031. array(
  1032. 'variable' => 'string-255', 'value' => 'string-65534',
  1033. ),
  1034. array(
  1035. 'allow_sm_stats', $ID[1],
  1036. ),
  1037. array('variable')
  1038. );
  1039. }
  1040. }
  1041. // As of PHP 5.1, setting a timezone is required.
  1042. if (!isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
  1043. {
  1044. $server_offset = mktime(0, 0, 0, 1, 1, 1970);
  1045. $timezone_id = 'Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600);
  1046. if (date_default_timezone_set($timezone_id))
  1047. $smcFunc['db_insert']('',
  1048. $db_prefix . 'settings',
  1049. array(
  1050. 'variable' => 'string-255', 'value' => 'string-65534',
  1051. ),
  1052. array(
  1053. 'default_timezone', $timezone_id,
  1054. ),
  1055. array('variable')
  1056. );
  1057. }
  1058. // Let's optimize those new tables.
  1059. db_extend();
  1060. $tables = $smcFunc['db_list_tables']($db_name, $db_prefix . '%');
  1061. foreach ($tables as $table)
  1062. {
  1063. $smcFunc['db_optimize_table']($table) != -1 or $db_messed = true;
  1064. // Optimizing one sqlite table, optimizes them all
  1065. if ($db_type == 'sqlite')
  1066. break;
  1067. if (!empty($db_messed))
  1068. {
  1069. $incontext['failures'][-1] = $smcFunc['db_error']();
  1070. break;
  1071. }
  1072. }
  1073. // Check for the ALTER privilege.
  1074. if (!empty($databases[$db_type]['alter_support']) && $smcFunc['db_query']('', "ALTER TABLE {$db_prefix}boards ORDER BY id_board", array('security_override' => true, 'db_error_skip' => true)) === false)
  1075. {
  1076. $incontext['error'] = $txt['error_db_alter_priv'];
  1077. return false;
  1078. }
  1079. if (!empty($exists))
  1080. {
  1081. $incontext['page_title'] = $txt['user_refresh_install'];
  1082. $incontext['was_refresh'] = true;
  1083. }
  1084. return false;
  1085. }
  1086. // Ask for the administrator login information.
  1087. function AdminAccount()
  1088. {
  1089. global $txt, $db_type, $db_connection, $databases, $smcFunc, $incontext, $db_prefix, $db_passwd, $sourcedir;
  1090. $incontext['sub_template'] = 'admin_account';
  1091. $incontext['page_title'] = $txt['user_settings'];
  1092. $incontext['continue'] = 1;
  1093. // Skipping?
  1094. if (!empty($_POST['skip']))
  1095. return true;
  1096. // Need this to check whether we need the database password.
  1097. require(dirname(__FILE__) . '/Settings.php');
  1098. load_database();
  1099. // Define the sha1 function, if it doesn't exist.
  1100. if (!function_exists('sha1') || version_compare(PHP_VERSION, '5', '<'))
  1101. require_once($sourcedir . '/Subs-Compat.php');
  1102. if (!isset($_POST['username']))
  1103. $_POST['username'] = '';
  1104. if (!isset($_POST['email']))
  1105. $_POST['email'] = '';
  1106. $incontext['username'] = htmlspecialchars(stripslashes($_POST['username']));
  1107. $incontext['email'] = htmlspecialchars(stripslashes($_POST['email']));
  1108. $incontext['require_db_confirm'] = empty($db_type) || $db_type != 'sqlite';
  1109. // Only allow skipping if we think they already have an account setup.
  1110. $request = $smcFunc['db_query']('', '
  1111. SELECT id_member
  1112. FROM {db_prefix}members
  1113. WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
  1114. LIMIT 1',
  1115. array(
  1116. 'db_error_skip' => true,
  1117. 'admin_group' => 1,
  1118. )
  1119. );
  1120. if ($smcFunc['db_num_rows']($request) != 0)
  1121. $incontext['skip'] = 1;
  1122. $smcFunc['db_free_result']($request);
  1123. // Trying to create an account?
  1124. if (isset($_POST['password1']) && !empty($_POST['contbutt']))
  1125. {
  1126. // Wrong password?
  1127. if ($incontext['require_db_confirm'] && $_POST['password3'] != $db_passwd)
  1128. {
  1129. $incontext['error'] = $txt['error_db_connect'];
  1130. return false;
  1131. }
  1132. // Not matching passwords?
  1133. if ($_POST['password1'] != $_POST['password2'])
  1134. {
  1135. $incontext['error'] = $txt['error_user_settings_again_match'];
  1136. return false;
  1137. }
  1138. // No password?
  1139. if (strlen($_POST['password1']) < 4)
  1140. {
  1141. $incontext['error'] = $txt['error_user_settings_no_password'];
  1142. return false;
  1143. }
  1144. if (!file_exists($sourcedir . '/Subs.php'))
  1145. {
  1146. $incontext['error'] = $txt['error_subs_missing'];
  1147. return false;
  1148. }
  1149. // Update the main contact email?
  1150. if (!empty($_POST['email']) && (empty($webmaster_email) || $webmaster_email == '[email protected]'))
  1151. updateSettingsFile(array('webmaster_email' => $_POST['email']));
  1152. // Work out whether we're going to have dodgy characters and remove them.
  1153. $invalid_characters = preg_match('~[<>&"\'=\\\]~', $_POST['username']) != 0;
  1154. $_POST['username'] = preg_replace('~[<>&"\'=\\\]~', '', $_POST['username']);
  1155. $result = $smcFunc['db_query']('', '
  1156. SELECT id_member, password_salt
  1157. FROM {db_prefix}members
  1158. WHERE member_name = {string:username} OR email_address = {string:email}
  1159. LIMIT 1',
  1160. array(
  1161. 'username' => stripslashes($_POST['username']),
  1162. 'email' => stripslashes($_POST['email']),
  1163. 'db_error_skip' => true,
  1164. )
  1165. );
  1166. if ($smcFunc['db_num_rows']($result) != 0)
  1167. {
  1168. list ($incontext['member_id'], $incontext['member_salt']) = $smcFunc['db_fetch_row']($result);
  1169. $smcFunc['db_free_result']($result);
  1170. $incontext['account_existed'] = $txt['error_user_settings_taken'];
  1171. }
  1172. elseif ($_POST['username'] == '' || strlen($_POST['username']) > 25)
  1173. {
  1174. // Try the previous step again.
  1175. $incontext['error'] = $_POST['username'] == '' ? $txt['error_username_left_empty'] : $txt['error_username_too_long'];
  1176. return false;
  1177. }
  1178. elseif ($invalid_characters || $_POST['username'] == '_' || $_POST['username'] == '|' || strpos($_POST['username'], '[code') !== false || strpos($_POST['username'], '[/code') !== false)
  1179. {
  1180. // Try the previous step again.
  1181. $incontext['error'] = $txt['error_invalid_characters_username'];
  1182. return false;
  1183. }
  1184. elseif (empty($_POST['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', stripslashes($_POST['email'])) === 0 || strlen(stripslashes($_POST['email'])) > 255)
  1185. {
  1186. // One step back, this time fill out a proper email address.
  1187. $incontext['error'] = sprintf($txt['error_valid_email_needed'], $_POST['username']);
  1188. return false;
  1189. }
  1190. elseif ($_POST['username'] != '')
  1191. {
  1192. $incontext['member_salt'] = substr(md5(mt_rand()), 0, 4);
  1193. // Format the username properly.
  1194. $_POST['username'] = preg_replace('~[\t\n\r\x0B\0\xA0]+~', ' ', $_POST['username']);
  1195. $ip = isset($_SERVER['REMOTE_ADDR']) ? substr($_SERVER['REMOTE_ADDR'], 0, 255) : '';
  1196. $request = $smcFunc['db_insert']('',
  1197. $db_prefix . 'members',
  1198. array(
  1199. 'member_name' => 'string-25', 'real_name' => 'string-25', 'passwd' => 'string', 'email_address' => 'string',
  1200. 'id_group' => 'int', 'posts' => 'int', 'date_registered' => 'int', 'hide_email' => 'int',
  1201. 'password_salt' => 'string', 'lngfile' => 'string', 'personal_text' => 'string', 'avatar' => 'string',
  1202. 'member_ip' => 'string', 'member_ip2' => 'string', 'buddy_list' => 'string', 'pm_ignore_list' => 'string',
  1203. 'message_labels' => 'string', 'website_title' => 'string', 'website_url' => 'string', 'location' => 'string',
  1204. 'aim' => 'string', 'icq' => 'string', 'skype' => 'string', 'signature' => 'string', 'usertitle' => 'string', 'secret_question' => 'string',
  1205. 'additional_groups' => 'string', 'ignore_boards' => 'string', 'openid_uri' => 'string',
  1206. ),
  1207. array(
  1208. stripslashes($_POST['username']), stripslashes($_POST['username']), sha1(strtolower(stripslashes($_POST['username'])) . stripslashes($_POST['password1'])), stripslashes($_POST['email']),
  1209. 1, 0, time(), 0,
  1210. $incontext['member_salt'], '', '', '',
  1211. $ip, $ip, '', '',
  1212. '', '', '', '',
  1213. '', '', '', '', '', '',
  1214. '', '', '',
  1215. ),
  1216. array('id_member')
  1217. );
  1218. // Awww, crud!
  1219. if ($request === false)
  1220. {
  1221. $incontext['error'] = $txt['error_user_settings_query'] . '<br />
  1222. <div style="margin: 2ex;">' . nl2br(htmlspecialchars($smcFunc['db_error']($db_connection))) . '</div>';
  1223. return false;
  1224. }
  1225. $incontext['member_id'] = $smcFunc['db_insert_id']("{$db_prefix}members", 'id_member');
  1226. }
  1227. // If we're here we're good.
  1228. return true;
  1229. }
  1230. return false;
  1231. }
  1232. // Final step, clean up and a complete message!
  1233. function DeleteInstall()
  1234. {
  1235. global $txt, $db_prefix, $db_connection, $HTTP_SESSION_VARS, $cookiename, $incontext;
  1236. global $smcFunc, $db_character_set, $mbname, $context, $scripturl, $boardurl;
  1237. global $current_smf_version, $databases, $sourcedir, $forum_version, $modSettings, $user_info, $language, $db_type;
  1238. $incontext['page_title'] = $txt['congratulations'];
  1239. $incontext['sub_template'] = 'delete_install';
  1240. $incontext['continue'] = 0;
  1241. require(dirname(__FILE__) . '/Settings.php');
  1242. load_database();
  1243. chdir(dirname(__FILE__));
  1244. require_once($sourcedir . '/Errors.php');
  1245. require_once($sourcedir . '/Logging.php');
  1246. require_once($sourcedir . '/Subs.php');
  1247. require_once($sourcedir . '/Load.php');
  1248. require_once($sourcedir . '/Security.php');
  1249. require_once($sourcedir . '/Subs-Auth.php');
  1250. // Bring a warning over.
  1251. if (!empty($incontext['account_existed']))
  1252. $incontext['warning'] = $incontext['account_existed'];
  1253. if (!empty($db_character_set) && !empty($databases[$db_type]['utf8_support']))
  1254. $smcFunc['db_query']('', '
  1255. SET NAMES {raw:db_character_set}',
  1256. array(
  1257. 'db_character_set' => $db_character_set,
  1258. 'db_error_skip' => true,
  1259. )
  1260. );
  1261. // As track stats is by default enabled let's add some activity.
  1262. $smcFunc['db_insert']('ignore',
  1263. '{db_prefix}log_activity',
  1264. array('date' => 'date', 'topics' => 'int', 'posts' => 'int', 'registers' => 'int'),
  1265. array(strftime('%Y-%m-%d', time()), 1, 1, (!empty($incontext['member_id']) ? 1 : 0)),
  1266. array('date')
  1267. );
  1268. // We're going to want our lovely $modSettings now.
  1269. $request = $smcFunc['db_query']('', '
  1270. SELECT variable, value
  1271. FROM {db_prefix}settings',
  1272. array(
  1273. 'db_error_skip' => true,
  1274. )
  1275. );
  1276. // Only proceed if we can load the data.
  1277. if ($request)
  1278. {
  1279. while ($row = $smcFunc['db_fetch_row']($request))
  1280. $modSettings[$row[0]] = $row[1];
  1281. $smcFunc['db_free_result']($request);
  1282. }
  1283. // Automatically log them in ;)
  1284. if (isset($incontext['member_id']) && isset($incontext['member_salt']))
  1285. setLoginCookie(3153600 * 60, $incontext['member_id'], sha1(sha1(strtolower($_POST['username']) . $_POST['password1']) . $incontext['member_salt']));
  1286. $result = $smcFunc['db_query']('', '
  1287. SELECT value
  1288. FROM {db_prefix}settings
  1289. WHERE variable = {string:db_sessions}',
  1290. array(
  1291. 'db_sessions' => 'databaseSession_enable',
  1292. 'db_error_skip' => true,
  1293. )
  1294. );
  1295. if ($smcFunc['db_num_rows']($result) != 0)
  1296. list ($db_sessions) = $smcFunc['db_fetch_row']($result);
  1297. $smcFunc['db_free_result']($result);
  1298. if (empty($db_sessions))
  1299. $_SESSION['admin_time'] = time();
  1300. else
  1301. {
  1302. $_SERVER['HTTP_USER_AGENT'] = substr($_SERVER['HTTP_USER_AGENT'], 0, 211);
  1303. $smcFunc['db_insert']('replace',
  1304. '{db_prefix}sessions',
  1305. array(
  1306. 'session_id' => 'string', 'last_update' => 'int', 'data' => 'string',
  1307. ),
  1308. array(
  1309. session_id(), time(), 'USER_AGENT|s:' . strlen($_SERVER['HTTP_USER_AGENT']) . ':"' . $_SERVER['HTTP_USER_AGENT'] . '";admin_time|i:' . time() . ';',
  1310. ),
  1311. array('session_id')
  1312. );
  1313. }
  1314. updateStats('member');
  1315. updateStats('message');
  1316. updateStats('topic');
  1317. // This function is needed to do the updateStats('subject') call.
  1318. $smcFunc['strtolower'] = $db_character_set === 'utf8' || $txt['lang_character_set'] === 'UTF-8' ? create_function('$string', '
  1319. return $string;') : 'strtolower';
  1320. $request = $smcFunc['db_query']('', '
  1321. SELECT id_msg
  1322. FROM {db_prefix}messages
  1323. WHERE id_msg = 1
  1324. AND modified_time = 0
  1325. LIMIT 1',
  1326. array(
  1327. 'db_error_skip' => true,
  1328. )
  1329. );
  1330. if ($smcFunc['db_num_rows']($request) > 0)
  1331. updateStats('subject', 1, htmlspecialchars($txt['default_topic_subject']));
  1332. $smcFunc['db_free_result']($request);
  1333. // Now is the perfect time to fetch the SM files.
  1334. require_once($sourcedir . '/ScheduledTasks.php');
  1335. // Sanity check that they loaded earlier!
  1336. if (isset($modSettings['recycle_board']))
  1337. {
  1338. $forum_version = $current_smf_version; // The variable is usually defined in index.php so lets just use our variable to do it for us.
  1339. scheduled_fetchSMfiles(); // Now go get those files!
  1340. // We've just installed!
  1341. $user_info['ip'] = $_SERVER['REMOTE_ADDR'];
  1342. $user_info['id'] = isset($incontext['member_id']) ? $incontext['member_id'] : 0;
  1343. logAction('install', array('version' => $forum_version), 'admin');
  1344. }
  1345. // Check if we need some stupid MySQL fix.
  1346. $server_version = $smcFunc['db_server_info']();
  1347. if (($db_type == 'mysql' || $db_type == 'mysqli') && in_array(substr($server_version, 0, 6), array('5.0.50', '5.0.51')))
  1348. updateSettings(array('db_mysql_group_by_fix' => '1'));
  1349. // Some final context for the template.
  1350. $incontext['dir_still_writable'] = is_writable(dirname(__FILE__)) && substr(__FILE__, 1, 2) != ':\\';
  1351. $incontext['probably_delete_install'] = isset($_SESSION['installer_temp_ftp']) || is_writable(dirname(__FILE__)) || is_writable(__FILE__);
  1352. return false;
  1353. }
  1354. // http://www.faqs.org/rfcs/rfc959.html
  1355. class ftp_connection
  1356. {
  1357. var $connection = 'no_connection', $error = false, $last_message, $pasv = array();
  1358. // Create a new FTP connection...
  1359. function ftp_connection($ftp_server, $ftp_port = 21, $ftp_user = 'anonymous', $ftp_pass = '[email protected]')
  1360. {
  1361. if ($ftp_server !== null)
  1362. $this->connect($ftp_server, $ftp_port, $ftp_user, $ftp_pass);
  1363. }
  1364. function connect($ftp_server, $ftp_port = 21, $ftp_user = 'anonymous', $ftp_pass = '[email protected]')
  1365. {
  1366. if (substr($ftp_server, 0, 6) == 'ftp://')
  1367. $ftp_server = substr($ftp_server, 6);
  1368. elseif (substr($ftp_server, 0, 7) == 'ftps://')
  1369. $ftp_server = 'ssl://' . substr($ftp_server, 7);
  1370. if (substr($ftp_server, 0, 7) == 'http://')
  1371. $ftp_server = substr($ftp_server, 7);
  1372. $ftp_server = strtr($ftp_server, array('/' => '', ':' => '', '@' => ''));
  1373. // Connect to the FTP server.
  1374. $this->connection = @fsockopen($ftp_server, $ftp_port, $err, $err, 5);
  1375. if (!$this->connection)
  1376. {
  1377. $this->error = 'bad_server';
  1378. return;
  1379. }
  1380. // Get the welcome message...
  1381. if (!$this->check_response(220))
  1382. {
  1383. $this->error = 'bad_response';
  1384. return;
  1385. }
  1386. // Send the username, it should ask for a password.
  1387. fwrite($this->connection, 'USER ' . $ftp_user . "\r\n");
  1388. if (!$this->check_response(331))
  1389. {
  1390. $this->error = 'bad_username';
  1391. return;
  1392. }
  1393. // Now send the password... and hope it goes okay.
  1394. fwrite($this->connection, 'PASS ' . $ftp_pass . "\r\n");
  1395. if (!$this->check_response(230))
  1396. {
  1397. $this->error = 'bad_password';
  1398. return;
  1399. }
  1400. }
  1401. function chdir($ftp_path)
  1402. {
  1403. if (!is_resource($this->connection))
  1404. return false;
  1405. // No slash on the end, please...
  1406. if (substr($ftp_path, -1) == '/')
  1407. $ftp_path = substr($ftp_path, 0, -1);
  1408. fwrite($this->connection, 'CWD ' . $ftp_path . "\r\n");
  1409. if (!$this->check_response(250))
  1410. {
  1411. $this->error = 'bad_path';
  1412. return false;
  1413. }
  1414. return true;
  1415. }
  1416. function chmod($ftp_file, $chmod)
  1417. {
  1418. if (!is_resource($this->connection))
  1419. return false;
  1420. // Convert the chmod value from octal (0777) to text ("777")
  1421. fwrite($this->connection, 'SITE CHMOD ' . decoct($chmod) . ' ' . $ftp_file . "\r\n");
  1422. if (!$this->check_response(200))
  1423. {
  1424. $this->error = 'bad_file';
  1425. return false;
  1426. }
  1427. return true;
  1428. }
  1429. function unlink($ftp_file)
  1430. {
  1431. // We are actually connected, right?
  1432. if (!is_resource($this->connection))
  1433. return false;
  1434. // Delete file X.
  1435. fwrite($this->connection, 'DELE ' . $ftp_file . "\r\n");
  1436. if (!$this->check_response(250))
  1437. {
  1438. fwrite($this->connection, 'RMD ' . $ftp_file . "\r\n");
  1439. // Still no love?
  1440. if (!$this->check_response(250))
  1441. {
  1442. $this->error = 'bad_file';
  1443. return false;
  1444. }
  1445. }
  1446. return true;
  1447. }
  1448. function check_response($desired)
  1449. {
  1450. // Wait for a response that isn't continued with -, but don't wait too long.
  1451. $time = time();
  1452. do
  1453. $this->last_message = fgets($this->connection, 1024);
  1454. while (substr($this->last_message, 3, 1) != ' ' && time() - $time < 5);
  1455. // Was the desired response returned?
  1456. return is_array($desired) ? in_array(substr($this->last_message, 0, 3), $desired) : substr($this->last_message, 0, 3) == $desired;
  1457. }
  1458. function passive()
  1459. {
  1460. // We can't create a passive data connection without a primary one first being there.
  1461. if (!is_resource($this->connection))
  1462. return false;
  1463. // Request a passive connection - this means, we'll talk to you, you don't talk to us.
  1464. @fwrite($this->connection, "PASV\r\n");
  1465. $time = time();
  1466. do
  1467. $response = fgets($this->connection, 1024);
  1468. while (substr($response, 3, 1) != ' ' && time() - $time < 5);
  1469. // If it's not 227, we weren't given an IP and port, which means it failed.
  1470. if (substr($response, 0, 4) != '227 ')
  1471. {
  1472. $this->error = 'bad_response';
  1473. return false;
  1474. }
  1475. // Snatch the IP and port information, or die horribly trying...
  1476. if (preg_match('~\((\d+),\s*(\d+),\s*(\d+),\s*(\d+),\s*(\d+)(?:,\s*(\d+))\)~', $response, $match) == 0)
  1477. {
  1478. $this->error = 'bad_response';
  1479. return false;
  1480. }
  1481. // This is pretty simple - store it for later use ;)
  1482. $this->pasv = array('ip' => $match[1] . '.' . $match[2] . '.' . $match[3] . '.' . $match[4], 'port' => $match[5] * 256 + $match[6]);
  1483. return true;
  1484. }
  1485. function create_file($ftp_file)
  1486. {
  1487. // First, we have to be connected... very important.
  1488. if (!is_resource($this->connection))
  1489. return false;
  1490. // I'd like one passive mode, please!
  1491. if (!$this->passive())
  1492. return false;
  1493. // Seems logical enough, so far...
  1494. fwrite($this->connection, 'STOR ' . $ftp_file . "\r\n");
  1495. // Okay, now we connect to the data port. If it doesn't work out, it's probably "file already exists", etc.
  1496. $fp = @fsockopen($this->pasv['ip'], $this->pasv['port'], $err, $err, 5);
  1497. if (!$fp || !$this->check_response(150))
  1498. {
  1499. $this->error = 'bad_file';
  1500. @fclose($fp);
  1501. return false;
  1502. }
  1503. // This may look strange, but we're just closing it to indicate a zero-byte upload.
  1504. fclose($fp);
  1505. if (!$this->check_response(226))
  1506. {
  1507. $this->error = 'bad_response';
  1508. return false;
  1509. }
  1510. return true;
  1511. }
  1512. function list_dir($ftp_path = '', $search = false)
  1513. {
  1514. // Are we even connected...?
  1515. if (!is_resource($this->connection))
  1516. return false;
  1517. // Passive... non-agressive...
  1518. if (!$this->passive())
  1519. return false;
  1520. // Get the listing!
  1521. fwrite($this->connection, 'LIST -1' . ($search ? 'R' : '') . ($ftp_path == '' ? '' : ' ' . $ftp_path) . "\r\n");
  1522. // Connect, assuming we've got a connection.
  1523. $fp = @fsockopen($this->pasv['ip'], $this->pasv['port'], $err, $err, 5);
  1524. if (!$fp || !$this->check_response(array(150, 125)))
  1525. {
  1526. $this->error = 'bad_response';
  1527. @fclose($fp);
  1528. return false;
  1529. }
  1530. // Read in the file listing.
  1531. $data = '';
  1532. while (!feof($fp))
  1533. $data .= fread($fp, 4096);
  1534. fclose($fp);
  1535. // Everything go okay?
  1536. if (!$this->check_response(226))
  1537. {
  1538. $this->error = 'bad_response';
  1539. return false;
  1540. }
  1541. return $data;
  1542. }
  1543. function locate($file, $listing = null)
  1544. {
  1545. if ($listing === null)
  1546. $listing = $this->list_dir('', true);
  1547. $listing = explode("\n", $listing);
  1548. @fwrite($this->connection, "PWD\r\n");
  1549. $time = time();
  1550. do
  1551. $response = fgets($this->connection, 1024);
  1552. while (substr($response, 3, 1) != ' ' && time() - $time < 5);
  1553. // Check for 257!
  1554. if (preg_match('~^257 "(.+?)" ~', $response, $match) != 0)
  1555. $current_dir = strtr($match[1], array('""' => '"'));
  1556. else
  1557. $current_dir = '';
  1558. for ($i = 0, $n = count($listing); $i < $n; $i++)
  1559. {
  1560. if (trim($listing[$i]) == '' && isset($listing[$i + 1]))
  1561. {
  1562. $current_dir = substr(trim($listing[++$i]), 0, -1);
  1563. $i++;
  1564. }
  1565. // Okay, this file's name is:
  1566. $listing[$i] = $current_dir . '/' . trim(strlen($listing[$i]) > 30 ? strrchr($listing[$i], ' ') : $listing[$i]);
  1567. if (substr($file, 0, 1) == '*' && substr($listing[$i], -(strlen($file) - 1)) == substr($file, 1))
  1568. return $listing[$i];
  1569. if (substr($file, -1) == '*' && substr($listing[$i], 0, strlen($file) - 1) == substr($file, 0, -1))
  1570. return $listing[$i];
  1571. if (basename($listing[$i]) == $file || $listing[$i] == $file)
  1572. return $listing[$i];
  1573. }
  1574. return false;
  1575. }
  1576. function create_dir($ftp_dir)
  1577. {
  1578. // We must be connected to the server to do something.
  1579. if (!is_resource($this->connection))
  1580. return false;
  1581. // Make this new beautiful directory!
  1582. fwrite($this->connection, 'MKD ' . $ftp_dir . "\r\n");
  1583. if (!$this->check_response(257))
  1584. {
  1585. $this->error = 'bad_file';
  1586. return false;
  1587. }
  1588. return true;
  1589. }
  1590. function detect_path($filesystem_path, $lookup_file = null)
  1591. {
  1592. $username = '';
  1593. if (isset($_SERVER['DOCUMENT_ROOT']))
  1594. {
  1595. if (preg_match('~^/home[2]?/([^/]+?)/public_html~', $_SERVER['DOCUMENT_ROOT'], $match))
  1596. {
  1597. $username = $match[1];
  1598. $path = strtr($_SERVER['DOCUMENT_ROOT'], array('/home/' . $match[1] . '/' => '', '/home2/' . $match[1] . '/' => ''));
  1599. if (substr($path, -1) == '/')
  1600. $path = substr($path, 0, -1);
  1601. if (strlen(dirname($_SERVER['PHP_SELF'])) > 1)
  1602. $path .= dirname($_SERVER['PHP_SELF']);
  1603. }
  1604. elseif (substr($filesystem_path, 0, 9) == '/var/www/')
  1605. $path = substr($filesystem_path, 8);
  1606. else
  1607. $path = strtr(strtr($filesystem_path, array('\\' => '/')), array($_SERVER['DOCUMENT_ROOT'] => ''));
  1608. }
  1609. else
  1610. $path = '';
  1611. if (is_resource($this->connection) && $this->list_dir($path) == '')
  1612. {
  1613. $data = $this->list_dir('', true);
  1614. if ($lookup_file === null)
  1615. $lookup_file = $_SERVER['PHP_SELF'];
  1616. $found_path = dirname($this->locate('*' . basename(dirname($lookup_file)) . '/' . basename($lookup_file), $data));
  1617. if ($found_path == false)
  1618. $found_path = dirname($this->locate(basename($lookup_file)));
  1619. if ($found_path != false)
  1620. $path = $found_path;
  1621. }
  1622. elseif (is_resource($this->connection))
  1623. $found_path = true;
  1624. return array($username, $path, isset($found_path));
  1625. }
  1626. function close()
  1627. {
  1628. // Goodbye!
  1629. fwrite($this->connection, "QUIT\r\n");
  1630. fclose($this->connection);
  1631. return true;
  1632. }
  1633. }
  1634. function updateSettingsFile($vars)
  1635. {
  1636. // Modify Settings.php.
  1637. $settingsArray = file(dirname(__FILE__) . '/Settings.php');
  1638. // @todo Do we just want to read the file in clean, and split it this way always?
  1639. if (count($settingsArray) == 1)
  1640. $settingsArray = preg_split('~[\r\n]~', $settingsArray[0]);
  1641. for ($i = 0, $n = count($settingsArray); $i < $n; $i++)
  1642. {
  1643. // Remove the redirect...
  1644. if (trim($settingsArray[$i]) == 'if (file_exists(dirname(__FILE__) . \'/install.php\'))' && trim($settingsArray[$i + 1]) == '{' && trim($settingsArray[$i + 3]) == '}')
  1645. {
  1646. // Get the four lines to nothing.
  1647. $settingsArray[$i] = '';
  1648. $settingsArray[++$i] = '';
  1649. $settingsArray[++$i] = '';
  1650. $settingsArray[++$i] = '';
  1651. continue;
  1652. }
  1653. if (trim($settingsArray[$i]) == '?' . '>')
  1654. $settingsArray[$i] = '';
  1655. // Don't trim or bother with it if it's not a variable.
  1656. if (substr($settingsArray[$i], 0, 1) != '$')
  1657. continue;
  1658. $settingsArray[$i] = rtrim($settingsArray[$i]) . "\n";
  1659. foreach ($vars as $var => $val)
  1660. if (strncasecmp($settingsArray[$i], '$' . $var, 1 + strlen($var)) == 0)
  1661. {
  1662. $comment = strstr($settingsArray[$i], '#');
  1663. $settingsArray[$i] = '$' . $var . ' = \'' . $val . '\';' . ($comment != '' ? "\t\t" . $comment : "\n");
  1664. unset($vars[$var]);
  1665. }
  1666. }
  1667. // Uh oh... the file wasn't empty... was it?
  1668. if (!empty($vars))
  1669. {
  1670. $settingsArray[$i++] = '';
  1671. foreach ($vars as $var => $val)
  1672. $settingsArray[$i++] = '$' . $var . ' = \'' . $val . '\';' . "\n";
  1673. }
  1674. // Blank out the file - done to fix a oddity with some servers.
  1675. $fp = @fopen(dirname(__FILE__) . '/Settings.php', 'w');
  1676. if (!$fp)
  1677. return false;
  1678. fclose($fp);
  1679. $fp = fopen(dirname(__FILE__) . '/Settings.php', 'r+');
  1680. // Gotta have one of these ;)
  1681. if (trim($settingsArray[0]) != '<?php')
  1682. fwrite($fp, "<?php\n");
  1683. $lines = count($settingsArray);
  1684. for ($i = 0; $i < $lines - 1; $i++)
  1685. {
  1686. // Don't just write a bunch of blank lines.
  1687. if ($settingsArray[$i] != '' || @$settingsArray[$i - 1] != '')
  1688. fwrite($fp, strtr($settingsArray[$i], "\r", ''));
  1689. }
  1690. fwrite($fp, $settingsArray[$i] . '?' . '>');
  1691. fclose($fp);
  1692. return true;
  1693. }
  1694. function updateDbLastError()
  1695. {
  1696. // Write out the db_last_error file with the error timestamp
  1697. file_put_contents(dirname(__FILE__) . '/db_last_error.php', '<' . '?' . "php\n" . '$db_last_error = 0;' . "\n" . '?' . '>');
  1698. return true;
  1699. }
  1700. // Create an .htaccess file to prevent mod_security. SMF has filtering built-in.
  1701. function fixModSecurity()
  1702. {
  1703. $htaccess_addition = '
  1704. <IfModule mod_security.c>
  1705. # Turn off mod_security filtering. SMF is a big boy, it doesn\'t need its hands held.
  1706. SecFilterEngine Off
  1707. # The below probably isn\'t needed, but better safe than sorry.
  1708. SecFilterScanPOST Off
  1709. </IfModule>';
  1710. if (!function_exists('apache_get_modules') || !in_array('mod_security', apache_get_modules()))
  1711. return true;
  1712. elseif (file_exists(dirname(__FILE__) . '/.htaccess') && is_writable(dirname(__FILE__) . '/.htaccess'))
  1713. {
  1714. $current_htaccess = implode('', file(dirname(__FILE__) . '/.htaccess'));
  1715. // Only change something if mod_security hasn't been addressed yet.
  1716. if (strpos($current_htaccess, '<IfModule mod_security.c>') === false)
  1717. {
  1718. if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'a'))
  1719. {
  1720. fwrite($ht_handle, $htaccess_addition);
  1721. fclose($ht_handle);
  1722. return true;
  1723. }
  1724. else
  1725. return false;
  1726. }
  1727. else
  1728. return true;
  1729. }
  1730. elseif (file_exists(dirname(__FILE__) . '/.htaccess'))
  1731. return strpos(implode('', file(dirname(__FILE__) . '/.htaccess')), '<IfModule mod_security.c>') !== false;
  1732. elseif (is_writable(dirname(__FILE__)))
  1733. {
  1734. if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'w'))
  1735. {
  1736. fwrite($ht_handle, $htaccess_addition);
  1737. fclose($ht_handle);
  1738. return true;
  1739. }
  1740. else
  1741. return false;
  1742. }
  1743. else
  1744. return false;
  1745. }
  1746. function template_install_above()
  1747. {
  1748. global $incontext, $txt, $smfsite, $installurl;
  1749. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  1750. <html xmlns="http://www.w3.org/1999/xhtml"', !empty($txt['lang_rtl']) ? ' dir="rtl"' : '', '>
  1751. <head>
  1752. <meta http-equiv="Content-Type" content="text/html; charset=', isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1', '" />
  1753. <meta name="robots" content="noindex" />
  1754. <title>', $txt['smf_installer'], '</title>
  1755. <link rel="stylesheet" type="text/css" href="Themes/default/css/index.css?alp21" />
  1756. <link rel="stylesheet" type="text/css" href="Themes/default/css/install.css?alp21" />
  1757. <script type="text/javascript" src="Themes/default/scripts/script.js"></script>
  1758. </head>
  1759. <body>
  1760. <div id="header">
  1761. <div class="frame">
  1762. <h1 class="forumtitle">', $txt['smf_installer'], '</h1>
  1763. <img id="smflogo" src="Themes/default/images/smflogo.png" alt="Simple Machines Forum" title="Simple Machines Forum" />
  1764. </div>
  1765. </div>
  1766. <div id="wrapper">
  1767. <div id="upper_section">
  1768. <div id="inner_section">
  1769. <div id="inner_wrap">';
  1770. // Have we got a language drop down - if so do it on the first step only.
  1771. if (!empty($incontext['detected_languages']) && count($incontext['detected_languages']) > 1 && $incontext['current_step'] == 0)
  1772. {
  1773. echo '
  1774. <div class="news">
  1775. <form action="', $installurl, '" method="get">
  1776. <label for="installer_language">', $txt['installer_language'], ':</label>
  1777. <select id="installer_language" name="lang_file" onchange="location.href = \'', $installurl, '?lang_file=\' + this.options[this.selectedIndex].value;">';
  1778. foreach ($incontext['detected_languages'] as $lang => $name)
  1779. echo '
  1780. <option', isset($_SESSION['installer_temp_lang']) && $_SESSION['installer_temp_lang'] == $lang ? ' selected="selected"' : '', ' value="', $lang, '">', $name, '</option>';
  1781. echo '
  1782. </select>
  1783. <noscript><input type="submit" value="', $txt['installer_language_set'], '" class="button_submit" /></noscript>
  1784. </form>
  1785. </div>
  1786. <hr class="clear" />';
  1787. }
  1788. echo '
  1789. </div>
  1790. </div>
  1791. </div>
  1792. <div id="content_section">
  1793. <div id="main_content_section">
  1794. <div id="main_steps">
  1795. <h2>', $txt['upgrade_progress'], '</h2>
  1796. <ul>';
  1797. foreach ($incontext['steps'] as $num => $step)
  1798. echo '
  1799. <li class="', $num < $incontext['current_step'] ? 'stepdone' : ($num == $incontext['current_step'] ? 'stepcurrent' : 'stepwaiting'), '">', $txt['upgrade_step'], ' ', $step[0], ': ', $step[1], '</li>';
  1800. echo '
  1801. </ul>
  1802. </div>
  1803. <div id="progress_bar">
  1804. <div id="overall_text">', $incontext['overall_percent'], '%</div>
  1805. <div id="overall_progress" style="width: ', $incontext['overall_percent'], '%;">&nbsp;</div>
  1806. <div class="overall_progress">', $txt['upgrade_overall_progress'], '</div>
  1807. </div>
  1808. <div id="main_screen" class="clear">
  1809. <h2>', $incontext['page_title'], '</h2>
  1810. <div class="panel">';
  1811. }
  1812. function template_install_below()
  1813. {
  1814. global $incontext, $txt;
  1815. if (!empty($incontext['continue']) || !empty($incontext['skip']))
  1816. {
  1817. echo '
  1818. <div>';
  1819. if (!empty($incontext['continue']))
  1820. echo '
  1821. <input type="submit" id="contbutt" name="contbutt" value="', $txt['upgrade_continue'], '" onclick="return submitThisOnce(this);" class="button_submit" />';
  1822. if (!empty($incontext['skip']))
  1823. echo '
  1824. <input type="submit" id="skip" name="skip" value="', $txt['upgrade_skip'], '" onclick="return submitThisOnce(this);" class="button_submit" />';
  1825. echo '
  1826. </div>';
  1827. }
  1828. // Show the closing form tag and other data only if not in the last step
  1829. if (count($incontext['steps']) - 1 !== (int) $incontext['current_step'])
  1830. echo '
  1831. </form>';
  1832. echo '
  1833. </div>
  1834. </div>
  1835. </div>
  1836. </div>
  1837. </div>
  1838. <div id="footer_section">
  1839. <div class="frame">
  1840. <ul class="reset">
  1841. <li class="copyright"><a href="http://www.simplemachines.org/" title="Simple Machines Forum" target="_blank" class="new_win">SMF &copy; 2013, Simple Machines</a></li>
  1842. </ul>
  1843. </div>
  1844. </div>
  1845. </body>
  1846. </html>';
  1847. }
  1848. // Welcome them to the wonderful world of SMF!
  1849. function template_welcome_message()
  1850. {
  1851. global $incontext, $installurl, $txt;
  1852. echo '
  1853. <script type="text/javascript" src="http://www.simplemachines.org/smf/current-version.js?version=' . $GLOBALS['current_smf_version'] . '"></script>
  1854. <form action="', $incontext['form_url'], '" method="post">
  1855. <p>', sprintf($txt['install_welcome_desc'], $GLOBALS['current_smf_version']), '</p>
  1856. <div id="version_warning" style="margin: 2ex; padding: 2ex; border: 2px dashed #a92174; color: black; background-color: #fbbbe2; display: none;">
  1857. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1858. <strong style="text-decoration: underline;">', $txt['error_warning_notice'], '</strong><br />
  1859. <div style="padding-left: 6ex;">
  1860. ', sprintf($txt['error_script_outdated'], '<em id="smfVersion" style="white-space: nowrap;">??</em>', '<em id="yourVersion" style="white-space: nowrap;">' . $GLOBALS['current_smf_version'] . '</em>'), '
  1861. </div>
  1862. </div>';
  1863. // Show the warnings, or not.
  1864. if (template_warning_divs())
  1865. echo '
  1866. <h3>', $txt['install_all_lovely'], '</h3>';
  1867. // Say we want the continue button!
  1868. if (empty($incontext['error']))
  1869. $incontext['continue'] = 1;
  1870. // For the latest version stuff.
  1871. echo '
  1872. <script type="text/javascript"><!-- // --><![CDATA[
  1873. // Latest version?
  1874. function smfCurrentVersion()
  1875. {
  1876. var smfVer, yourVer;
  1877. if (!(\'smfVersion\' in window))
  1878. return;
  1879. window.smfVersion = window.smfVersion.replace(/SMF\s?/g, \'\');
  1880. smfVer = document.getElementById("smfVersion");
  1881. yourVer = document.getElementById("yourVersion");
  1882. setInnerHTML(smfVer, window.smfVersion);
  1883. var currentVersion = getInnerHTML(yourVer);
  1884. if (currentVersion < window.smfVersion)
  1885. document.getElementById(\'version_warning\').style.display = \'\';
  1886. }
  1887. addLoadEvent(smfCurrentVersion);
  1888. // ]]></script>';
  1889. }
  1890. // A shortcut for any warning stuff.
  1891. function template_warning_divs()
  1892. {
  1893. global $txt, $incontext;
  1894. // Errors are very serious..
  1895. if (!empty($incontext['error']))
  1896. echo '
  1897. <div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
  1898. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1899. <strong style="text-decoration: underline;">', $txt['upgrade_critical_error'], '</strong><br />
  1900. <div style="padding-left: 6ex;">
  1901. ', $incontext['error'], '
  1902. </div>
  1903. </div>';
  1904. // A warning message?
  1905. elseif (!empty($incontext['warning']))
  1906. echo '
  1907. <div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
  1908. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1909. <strong style="text-decoration: underline;">', $txt['upgrade_warning'], '</strong><br />
  1910. <div style="padding-left: 6ex;">
  1911. ', $incontext['warning'], '
  1912. </div>
  1913. </div>';
  1914. return empty($incontext['error']) && empty($incontext['warning']);
  1915. }
  1916. function template_chmod_files()
  1917. {
  1918. global $txt, $incontext;
  1919. echo '
  1920. <p>', $txt['ftp_setup_why_info'], '</p>
  1921. <ul style="margin: 2.5ex; font-family: monospace;">
  1922. <li>', implode('</li>
  1923. <li>', $incontext['failed_files']), '</li>
  1924. </ul>';
  1925. // This is serious!
  1926. if (!template_warning_divs())
  1927. return;
  1928. echo '
  1929. <hr />
  1930. <p>', $txt['ftp_setup_info'], '</p>';
  1931. if (!empty($incontext['ftp_errors']))
  1932. echo '
  1933. <div class="error_message">
  1934. <div style="color: red;">
  1935. ', $txt['error_ftp_no_connect'], '<br />
  1936. <br />
  1937. <code>', implode('<br />', $incontext['ftp_errors']), '</code>
  1938. </div>
  1939. </div>
  1940. <br />';
  1941. echo '
  1942. <form action="', $incontext['form_url'], '" method="post">
  1943. <table width="520" cellspacing="0" cellpadding="0" border="0" align="center" style="margin: 1em 0;">
  1944. <tr>
  1945. <td width="26%" valign="top" class="textbox"><label for="ftp_server">', $txt['ftp_server'], ':</label></td>
  1946. <td>
  1947. <div style="float: ', empty($txt['lang_rtl']) ? 'right' : 'left', '; margin-', empty($txt['lang_rtl']) ? 'right' : 'left', ': 1px;"><label for="ftp_port" class="textbox"><strong>', $txt['ftp_port'], ':&nbsp;</strong></label> <input type="text" size="3" name="ftp_port" id="ftp_port" value="', $incontext['ftp']['port'], '" class="input_text" /></div>
  1948. <input type="text" size="30" name="ftp_server" id="ftp_server" value="', $incontext['ftp']['server'], '" style="width: 70%;" class="input_text" />
  1949. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['ftp_server_info'], '</div>
  1950. </td>
  1951. </tr><tr>
  1952. <td width="26%" valign="top" class="textbox"><label for="ftp_username">', $txt['ftp_username'], ':</label></td>
  1953. <td>
  1954. <input type="text" size="50" name="ftp_username" id="ftp_username" value="', $incontext['ftp']['username'], '" style="width: 99%;" class="input_text" />
  1955. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['ftp_username_info'], '</div>
  1956. </td>
  1957. </tr><tr>
  1958. <td width="26%" valign="top" class="textbox"><label for="ftp_password">', $txt['ftp_password'], ':</label></td>
  1959. <td>
  1960. <input type="password" size="50" name="ftp_password" id="ftp_password" style="width: 99%;" class="input_password" />
  1961. <div style="font-size: smaller; margin-bottom: 3ex;">', $txt['ftp_password_info'], '</div>
  1962. </td>
  1963. </tr><tr>
  1964. <td width="26%" valign="top" class="textbox"><label for="ftp_path">', $txt['ftp_path'], ':</label></td>
  1965. <td style="padding-bottom: 1ex;">
  1966. <input type="text" size="50" name="ftp_path" id="ftp_path" value="', $incontext['ftp']['path'], '" style="width: 99%;" class="input_text" />
  1967. <div style="font-size: smaller; margin-bottom: 2ex;">', $incontext['ftp']['path_msg'], '</div>
  1968. </td>
  1969. </tr>
  1970. </table>
  1971. <div style="margin: 1ex; margin-top: 1ex; text-align: ', empty($txt['lang_rtl']) ? 'right' : 'left', ';"><input type="submit" value="', $txt['ftp_connect'], '" onclick="return submitThisOnce(this);" class="button_submit" /></div>
  1972. </form>
  1973. <a href="', $incontext['form_url'], '">', $txt['error_message_click'], '</a> ', $txt['ftp_setup_again'];
  1974. }
  1975. // Get the database settings prepared.
  1976. function template_database_settings()
  1977. {
  1978. global $incontext, $installurl, $txt;
  1979. echo '
  1980. <form action="', $incontext['form_url'], '" method="post">
  1981. <p>', $txt['db_settings_info'], '</p>';
  1982. template_warning_divs();
  1983. echo '
  1984. <table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin: 1em 0;">';
  1985. // More than one database type?
  1986. if (count($incontext['supported_databases']) > 1)
  1987. {
  1988. echo '
  1989. <tr>
  1990. <td width="20%" valign="top" class="textbox"><label for="db_type_input">', $txt['db_settings_type'], ':</label></td>
  1991. <td>
  1992. <select name="db_type" id="db_type_input" onchange="toggleDBInput();">';
  1993. foreach ($incontext['supported_databases'] as $key => $db)
  1994. echo '
  1995. <option value="', $key, '"', isset($_POST['db_type']) && $_POST['db_type'] == $key ? ' selected="selected"' : '', '>', $db['name'], '</option>';
  1996. echo '
  1997. </select><div id="db_sqlite_warning" style="color: blue; display: none;" class="smalltext">', $txt['db_sqlite_warning'], '</div>
  1998. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_type_info'], '</div>
  1999. </td>
  2000. </tr>';
  2001. }
  2002. else
  2003. {
  2004. echo '
  2005. <tr style="display: none;">
  2006. <td>
  2007. <input type="hidden" name="db_type" value="', $incontext['db']['type'], '" />
  2008. </td>
  2009. </tr>';
  2010. }
  2011. echo '
  2012. <tr id="db_server_contain">
  2013. <td width="20%" valign="top" class="textbox"><label for="db_server_input">', $txt['db_settings_server'], ':</label></td>
  2014. <td>
  2015. <input type="text" name="db_server" id="db_server_input" value="', $incontext['db']['server'], '" size="30" class="input_text" /><br />
  2016. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_server_info'], '</div>
  2017. </td>
  2018. </tr><tr id="db_user_contain">
  2019. <td valign="top" class="textbox"><label for="db_user_input">', $txt['db_settings_username'], ':</label></td>
  2020. <td>
  2021. <input type="text" name="db_user" id="db_user_input" value="', $incontext['db']['user'], '" size="30" class="input_text" /><br />
  2022. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_username_info'], '</div>
  2023. </td>
  2024. </tr><tr id="db_passwd_contain">
  2025. <td valign="top" class="textbox"><label for="db_passwd_input">', $txt['db_settings_password'], ':</label></td>
  2026. <td>
  2027. <input type="password" name="db_passwd" id="db_passwd_input" value="', $incontext['db']['pass'], '" size="30" class="input_password" /><br />
  2028. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_password_info'], '</div>
  2029. </td>
  2030. </tr><tr id="db_name_contain">
  2031. <td valign="top" class="textbox"><label for="db_name_input">', $txt['db_settings_database'], ':</label></td>
  2032. <td>
  2033. <input type="text" name="db_name" id="db_name_input" value="', empty($incontext['db']['name']) ? 'smf' : $incontext['db']['name'], '" size="30" class="input_text" /><br />
  2034. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_database_info'], '
  2035. <span id="db_name_info_warning">', $txt['db_settings_database_info_note'], '</span></div>
  2036. </td>
  2037. </tr><tr id="db_filename_contain" style="display: none;">
  2038. <td valign="top" class="textbox"><label for="db_filename_input">', $txt['db_settings_database_file'], ':</label></td>
  2039. <td>
  2040. <input type="text" name="db_filename" id="db_filename_input" value="', empty($incontext['db']['name']) ? dirname(__FILE__) . '/smf_' . substr(md5(microtime()), 0, 10) : stripslashes($incontext['db']['name']), '" size="30" class="input_text" /><br />
  2041. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_database_file_info'], '</div>
  2042. </td>
  2043. </tr><tr>
  2044. <td valign="top" class="textbox"><label for="db_prefix_input">', $txt['db_settings_prefix'], ':</label></td>
  2045. <td>
  2046. <input type="text" name="db_prefix" id="db_prefix_input" value="', $incontext['db']['prefix'], '" size="30" class="input_text" /><br />
  2047. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_prefix_info'], '</div>
  2048. </td>
  2049. </tr>
  2050. </table>';
  2051. // Allow the toggling of input boxes for SQLite etc.
  2052. echo '
  2053. <script type="text/javascript"><!-- // --><![CDATA[
  2054. function toggleDBInput()
  2055. {
  2056. // What state is it?';
  2057. if (!isset($incontext['supported_databases']['sqlite']))
  2058. echo '
  2059. var showAll = true;';
  2060. elseif (count($incontext['supported_databases']) < 2)
  2061. echo '
  2062. var showAll = false;';
  2063. // If we have more than one DB including SQLite, what should we be doing?
  2064. else
  2065. echo '
  2066. var showAll = document.getElementById(\'db_type_input\').value == \'sqlite\' ? false : true;';
  2067. echo '
  2068. document.getElementById(\'db_passwd_contain\').style.display = showAll ? \'\' : \'none\';
  2069. document.getElementById(\'db_server_contain\').style.display = showAll ? \'\' : \'none\';
  2070. document.getElementById(\'db_user_contain\').style.display = showAll ? \'\' : \'none\';
  2071. document.getElementById(\'db_name_contain\').style.display = showAll ? \'\' : \'none\';
  2072. document.getElementById(\'db_filename_contain\').style.display = !showAll ? \'\' : \'none\';
  2073. document.getElementById(\'db_sqlite_warning\').style.display = !showAll ? \'\' : \'none\';
  2074. if (document.getElementById(\'db_type_input\').value == \'postgresql\')
  2075. document.getElementById(\'db_name_info_warning\').style.display = \'none\';
  2076. else
  2077. document.getElementById(\'db_name_info_warning\').style.display = \'\';
  2078. }
  2079. toggleDBInput();
  2080. // ]]></script>';
  2081. }
  2082. // Stick in their forum settings.
  2083. function template_forum_settings()
  2084. {
  2085. global $incontext, $installurl, $txt;
  2086. echo '
  2087. <form action="', $incontext['form_url'], '" method="post">
  2088. <h3>', $txt['install_settings_info'], '</h3>';
  2089. template_warning_divs();
  2090. echo '
  2091. <table style="width: 100%; margin: 1em 0;">
  2092. <tr>
  2093. <td class="textbox" style="width: 20%; vertical-align: top;">
  2094. <label for="mbname_input">', $txt['install_settings_name'], ':</label>
  2095. </td>
  2096. <td>
  2097. <input type="text" name="mbname" id="mbname_input" value="', $txt['install_settings_name_default'], '" size="65" class="input_text" />
  2098. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_name_info'], '</div>
  2099. </td>
  2100. </tr>
  2101. <tr>
  2102. <td class="textbox" style="vertical-align: top;">
  2103. <label for="boardurl_input">', $txt['install_settings_url'], ':</label>
  2104. </td>
  2105. <td>
  2106. <input type="text" name="boardurl" id="boardurl_input" value="', $incontext['detected_url'], '" size="65" class="input_text" />
  2107. <br />
  2108. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_url_info'], '</div>
  2109. </td>
  2110. </tr>
  2111. <tr>
  2112. <td class="textbox" style="vertical-align: top;">
  2113. <label for="reg_mode">', $txt['install_settings_reg_mode'], ':</label>
  2114. </td>
  2115. <td>
  2116. <select name="reg_mode" id="reg_mode">
  2117. <optgroup label="', $txt['install_settings_reg_modes'], ':">
  2118. <option value="0" selected="selected">', $txt['install_settings_reg_immediate'], '</option>
  2119. <option value="1">', $txt['install_settings_reg_email'], '</option>
  2120. <option value="2">', $txt['install_settings_reg_admin'], '</option>
  2121. <option value="3">', $txt['install_settings_reg_disabled'], '</option>
  2122. </optgroup>
  2123. </select>
  2124. <br />
  2125. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_reg_mode_info'], '</div>
  2126. </td>
  2127. </tr>
  2128. <tr>
  2129. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_compress'], ':</td>
  2130. <td>
  2131. <input type="checkbox" name="compress" id="compress_check" checked="checked" class="input_check" />&nbsp;
  2132. <label for="compress_check">', $txt['install_settings_compress_title'], '</label>
  2133. <br />
  2134. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_compress_info'], '</div>
  2135. </td>
  2136. </tr>
  2137. <tr>
  2138. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_dbsession'], ':</td>
  2139. <td>
  2140. <input type="checkbox" name="dbsession" id="dbsession_check" checked="checked" class="input_check" />&nbsp;
  2141. <label for="dbsession_check">', $txt['install_settings_dbsession_title'], '</label>
  2142. <br />
  2143. <div style="font-size: smaller; margin-bottom: 2ex;">', $incontext['test_dbsession'] ? $txt['install_settings_dbsession_info1'] : $txt['install_settings_dbsession_info2'], '</div>
  2144. </td>
  2145. </tr>
  2146. <tr>
  2147. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_utf8'], ':</td>
  2148. <td>
  2149. <input type="checkbox" name="utf8" id="utf8_check"', $incontext['utf8_default'] ? ' checked="checked"' : '', ' class="input_check"', $incontext['utf8_required'] ? ' disabled="disabled"' : '', ' />&nbsp;
  2150. <label for="utf8_check">', $txt['install_settings_utf8_title'], '</label>
  2151. <br />
  2152. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_utf8_info'], '</div>
  2153. </td>
  2154. </tr>
  2155. <tr>
  2156. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_stats'], ':</td>
  2157. <td>
  2158. <input type="checkbox" name="stats" id="stats_check" class="input_check" />&nbsp;
  2159. <label for="stats_check">', $txt['install_settings_stats_title'], '</label>
  2160. <br />
  2161. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_stats_info'], '</div>
  2162. </td>
  2163. </tr>
  2164. </table>
  2165. ';
  2166. }
  2167. // Show results of the database population.
  2168. function template_populate_database()
  2169. {
  2170. global $incontext, $installurl, $txt;
  2171. echo '
  2172. <form action="', $incontext['form_url'], '" method="post">
  2173. <p>', !empty($incontext['was_refresh']) ? $txt['user_refresh_install_desc'] : $txt['db_populate_info'], '</p>';
  2174. if (!empty($incontext['sql_results']))
  2175. {
  2176. echo '
  2177. <ul>
  2178. <li>', implode('</li><li>', $incontext['sql_results']), '</li>
  2179. </ul>';
  2180. }
  2181. if (!empty($incontext['failures']))
  2182. {
  2183. echo '
  2184. <div style="color: red;">', $txt['error_db_queries'], '</div>
  2185. <ul>';
  2186. foreach ($incontext['failures'] as $line => $fail)
  2187. echo '
  2188. <li><strong>', $txt['error_db_queries_line'], $line + 1, ':</strong> ', nl2br(htmlspecialchars($fail)), '</li>';
  2189. echo '
  2190. </ul>';
  2191. }
  2192. echo '
  2193. <p>', $txt['db_populate_info2'], '</p>';
  2194. template_warning_divs();
  2195. echo '
  2196. <input type="hidden" name="pop_done" value="1" />';
  2197. }
  2198. // Create the admin account.
  2199. function template_admin_account()
  2200. {
  2201. global $incontext, $installurl, $txt;
  2202. echo '
  2203. <form action="', $incontext['form_url'], '" method="post">
  2204. <p>', $txt['user_settings_info'], '</p>';
  2205. template_warning_divs();
  2206. echo '
  2207. <table width="100%" cellspacing="0" cellpadding="0" border="0" style="margin: 2em 0;">
  2208. <tr>
  2209. <td width="18%" valign="top" class="textbox"><label for="username">', $txt['user_settings_username'], ':</label></td>
  2210. <td>
  2211. <input type="text" name="username" id="username" value="', $incontext['username'], '" size="40" class="input_text" />
  2212. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_username_info'], '</div>
  2213. </td>
  2214. </tr><tr>
  2215. <td valign="top" class="textbox"><label for="password1">', $txt['user_settings_password'], ':</label></td>
  2216. <td>
  2217. <input type="password" name="password1" id="password1" size="40" class="input_password" />
  2218. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_password_info'], '</div>
  2219. </td>
  2220. </tr><tr>
  2221. <td valign="top" class="textbox"><label for="password2">', $txt['user_settings_again'], ':</label></td>
  2222. <td>
  2223. <input type="password" name="password2" id="password2" size="40" class="input_password" />
  2224. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_again_info'], '</div>
  2225. </td>
  2226. </tr><tr>
  2227. <td valign="top" class="textbox"><label for="email">', $txt['user_settings_email'], ':</label></td>
  2228. <td>
  2229. <input type="text" name="email" id="email" value="', $incontext['email'], '" size="40" class="input_text" />
  2230. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_email_info'], '</div>
  2231. </td>
  2232. </tr>
  2233. </table>';
  2234. if ($incontext['require_db_confirm'])
  2235. echo '
  2236. <h2>', $txt['user_settings_database'], '</h2>
  2237. <p>', $txt['user_settings_database_info'], '</p>
  2238. <div style="margin-bottom: 2ex; padding-', empty($txt['lang_rtl']) ? 'left' : 'right', ': 50px;">
  2239. <input type="password" name="password3" size="30" class="input_password" />
  2240. </div>';
  2241. }
  2242. // Tell them it's done, and to delete.
  2243. function template_delete_install()
  2244. {
  2245. global $incontext, $installurl, $txt, $boardurl;
  2246. echo '
  2247. <p>', $txt['congratulations_help'], '</p>';
  2248. template_warning_divs();
  2249. // Install directory still writable?
  2250. if ($incontext['dir_still_writable'])
  2251. echo '
  2252. <em>', $txt['still_writable'], '</em><br />
  2253. <br />';
  2254. // Don't show the box if it's like 99% sure it won't work :P.
  2255. if ($incontext['probably_delete_install'])
  2256. echo '
  2257. <div style="margin: 1ex; font-weight: bold;">
  2258. <label for="delete_self"><input type="checkbox" id="delete_self" onclick="doTheDelete();" class="input_check" /> ', $txt['delete_installer'], !isset($_SESSION['installer_temp_ftp']) ? ' ' . $txt['delete_installer_maybe'] : '', '</label>
  2259. </div>
  2260. <script type="text/javascript"><!-- // --><![CDATA[
  2261. function doTheDelete()
  2262. {
  2263. var theCheck = document.getElementById ? document.getElementById("delete_self") : document.all.delete_self;
  2264. var tempImage = new Image();
  2265. tempImage.src = "', $installurl, '?delete=1&ts_" + (new Date().getTime());
  2266. tempImage.width = 0;
  2267. theCheck.disabled = true;
  2268. }
  2269. // ]]></script>
  2270. <br />';
  2271. echo '
  2272. ', sprintf($txt['go_to_your_forum'], $boardurl . '/index.php'), '<br />
  2273. <br />
  2274. ', $txt['good_luck'];
  2275. }
  2276. ?>