install.php 88 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2014 Simple Machines and individual contributors
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. $GLOBALS['current_smf_version'] = '2.1 Alpha 1';
  13. $GLOBALS['db_script_version'] = '2-1';
  14. $GLOBALS['required_php_version'] = '5.1.0';
  15. // Don't have PHP support, do you?
  16. // ><html dir="ltr"><head><title>Error!</title></head><body>Sorry, this installer requires PHP!<div style="display: none;">
  17. // Database info.
  18. $databases = array(
  19. 'mysqli' => array(
  20. 'name' => 'MySQLi',
  21. 'version' => '5.0.3',
  22. 'version_check' => 'return min(mysqli_get_server_info($db_connection), mysqli_get_client_info());',
  23. 'supported' => function_exists('mysqli_connect'),
  24. 'default_user' => 'mysql.default_user',
  25. 'default_password' => 'mysql.default_password',
  26. 'default_host' => 'mysql.default_host',
  27. 'default_port' => 'mysql.default_port',
  28. 'utf8_support' => true,
  29. 'utf8_version' => '5.0.3',
  30. 'utf8_version_check' => 'return mysqli_get_server_info($db_connection);',
  31. 'utf8_default' => true,
  32. 'utf8_required' => true,
  33. 'alter_support' => true,
  34. 'validate_prefix' => create_function('&$value', '
  35. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  36. return true;
  37. '),
  38. ),
  39. 'mysql' => array(
  40. 'name' => 'MySQL',
  41. 'version' => '5.0.3',
  42. 'version_check' => 'return min(mysql_get_server_info(), mysql_get_client_info());',
  43. 'supported' => function_exists('mysql_connect'),
  44. 'default_user' => 'mysql.default_user',
  45. 'default_password' => 'mysql.default_password',
  46. 'default_host' => 'mysql.default_host',
  47. 'default_port' => 'mysql.default_port',
  48. 'utf8_support' => true,
  49. 'utf8_version' => '5.0.3',
  50. 'utf8_version_check' => 'return mysql_get_server_info();',
  51. 'utf8_default' => true,
  52. 'utf8_required' => true,
  53. 'alter_support' => true,
  54. 'validate_prefix' => create_function('&$value', '
  55. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  56. return true;
  57. '),
  58. ),
  59. 'postgresql' => array(
  60. 'name' => 'PostgreSQL',
  61. 'version' => '8.0',
  62. 'function_check' => 'pg_connect',
  63. 'version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  64. 'supported' => function_exists('pg_connect'),
  65. 'always_has_db' => true,
  66. 'utf8_default' => true,
  67. 'utf8_required' => true,
  68. 'utf8_support' => true,
  69. 'utf8_version' => '8.0',
  70. 'utf8_version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  71. 'validate_prefix' => create_function('&$value', '
  72. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  73. // Is it reserved?
  74. if ($value == \'pg_\')
  75. return $txt[\'error_db_prefix_reserved\'];
  76. // Is the prefix numeric?
  77. if (preg_match(\'~^\d~\', $value))
  78. return $txt[\'error_db_prefix_numeric\'];
  79. return true;
  80. '),
  81. ),
  82. 'sqlite' => array(
  83. 'name' => 'SQLite',
  84. 'version' => '1',
  85. 'function_check' => 'sqlite_open',
  86. 'version_check' => 'return 1;',
  87. 'supported' => function_exists('sqlite_open'),
  88. 'always_has_db' => true,
  89. 'utf8_default' => false,
  90. 'utf8_required' => false,
  91. 'utf8_support' => false,
  92. 'validate_prefix' => create_function('&$value', '
  93. global $incontext, $txt;
  94. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  95. // Is it reserved?
  96. if ($value == \'sqlite_\')
  97. return $txt[\'error_db_prefix_reserved\'];
  98. // Is the prefix numeric?
  99. if (preg_match(\'~^\d~\', $value))
  100. return $txt[\'error_db_prefix_numeric\'];
  101. return true;
  102. '),
  103. ),
  104. 'sqlite3' => array(
  105. 'name' => 'SQLite3',
  106. 'version' => '1',
  107. 'function_check' => 'SQLite3::version',
  108. 'version_check' => 'return 1;',
  109. 'supported' => is_callable(array('sqlite3', 'version')),
  110. 'always_has_db' => true,
  111. 'utf8_default' => true,
  112. 'utf8_required' => true,
  113. 'utf8_support' => true,
  114. 'validate_prefix' => create_function('&$value', '
  115. global $incontext, $txt;
  116. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  117. // Is it reserved?
  118. if ($value == \'sqlite_\')
  119. return $txt[\'error_db_prefix_reserved\'];
  120. // Is the prefix numeric?
  121. if (preg_match(\'~^\d~\', $value))
  122. return $txt[\'error_db_prefix_numeric\'];
  123. return true;
  124. '),
  125. ),
  126. );
  127. // Initialize everything and load the language files.
  128. initialize_inputs();
  129. load_lang_file();
  130. // This is what we are.
  131. $installurl = $_SERVER['PHP_SELF'];
  132. // This is where SMF is.
  133. $smfsite = 'http://www.simplemachines.org/smf';
  134. // All the steps in detail.
  135. // Number,Name,Function,Progress Weight.
  136. $incontext['steps'] = array(
  137. 0 => array(1, $txt['install_step_welcome'], 'Welcome', 0),
  138. 1 => array(2, $txt['install_step_writable'], 'CheckFilesWritable', 10),
  139. 2 => array(3, $txt['install_step_databaseset'], 'DatabaseSettings', 15),
  140. 3 => array(4, $txt['install_step_forum'], 'ForumSettings', 40),
  141. 4 => array(5, $txt['install_step_databasechange'], 'DatabasePopulation', 15),
  142. 5 => array(6, $txt['install_step_admin'], 'AdminAccount', 20),
  143. 6 => array(7, $txt['install_step_delete'], 'DeleteInstall', 0),
  144. );
  145. // Default title...
  146. $incontext['page_title'] = $txt['smf_installer'];
  147. // What step are we on?
  148. $incontext['current_step'] = isset($_GET['step']) ? (int) $_GET['step'] : 0;
  149. // Loop through all the steps doing each one as required.
  150. $incontext['overall_percent'] = 0;
  151. foreach ($incontext['steps'] as $num => $step)
  152. {
  153. if ($num >= $incontext['current_step'])
  154. {
  155. // The current weight of this step in terms of overall progress.
  156. $incontext['step_weight'] = $step[3];
  157. // Make sure we reset the skip button.
  158. $incontext['skip'] = false;
  159. // Call the step and if it returns false that means pause!
  160. if (function_exists($step[2]) && $step[2]() === false)
  161. break;
  162. elseif (function_exists($step[2]))
  163. $incontext['current_step']++;
  164. // No warnings pass on.
  165. $incontext['warning'] = '';
  166. }
  167. $incontext['overall_percent'] += $step[3];
  168. }
  169. // Actually do the template stuff.
  170. installExit();
  171. function initialize_inputs()
  172. {
  173. global $databases, $incontext;
  174. // Just so people using older versions of PHP aren't left in the cold.
  175. if (!isset($_SERVER['PHP_SELF']))
  176. $_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
  177. // Turn off magic quotes runtime and enable error reporting.
  178. if (function_exists('set_magic_quotes_runtime'))
  179. @set_magic_quotes_runtime(0);
  180. error_reporting(E_ALL);
  181. // Fun. Low PHP version...
  182. if (!isset($_GET))
  183. {
  184. $GLOBALS['_GET']['step'] = 0;
  185. return;
  186. }
  187. if (!isset($_GET['obgz']))
  188. {
  189. ob_start();
  190. if (ini_get('session.save_handler') == 'user')
  191. @ini_set('session.save_handler', 'files');
  192. if (function_exists('session_start'))
  193. @session_start();
  194. }
  195. else
  196. {
  197. ob_start('ob_gzhandler');
  198. if (ini_get('session.save_handler') == 'user')
  199. @ini_set('session.save_handler', 'files');
  200. session_start();
  201. if (!headers_sent())
  202. echo '<!DOCTYPE html>
  203. <html>
  204. <head>
  205. <title>', htmlspecialchars($_GET['pass_string']), '</title>
  206. </head>
  207. <body style="background-color: #d4d4d4; margin-top: 16%; text-align: center; font-size: 16pt;">
  208. <strong>', htmlspecialchars($_GET['pass_string']), '</strong>
  209. </body>
  210. </html>';
  211. exit;
  212. }
  213. // Are we calling the backup css file?
  214. if (isset($_GET['infile_css']))
  215. {
  216. header('Content-Type: text/css');
  217. template_css();
  218. exit;
  219. }
  220. // Anybody home?
  221. if (!isset($_GET['xml']))
  222. {
  223. $incontext['remote_files_available'] = false;
  224. $test = @fsockopen('www.simplemachines.org', 80, $errno, $errstr, 1);
  225. if ($test)
  226. $incontext['remote_files_available'] = true;
  227. @fclose($test);
  228. }
  229. // Add slashes, as long as they aren't already being added.
  230. if (!function_exists('get_magic_quotes_gpc') || @get_magic_quotes_gpc() == 0)
  231. foreach ($_POST as $k => $v)
  232. if (strpos($k, 'password') === false)
  233. $_POST[$k] = addslashes($v);
  234. // This is really quite simple; if ?delete is on the URL, delete the installer...
  235. if (isset($_GET['delete']))
  236. {
  237. if (isset($_SESSION['installer_temp_ftp']))
  238. {
  239. $ftp = new ftp_connection($_SESSION['installer_temp_ftp']['server'], $_SESSION['installer_temp_ftp']['port'], $_SESSION['installer_temp_ftp']['username'], $_SESSION['installer_temp_ftp']['password']);
  240. $ftp->chdir($_SESSION['installer_temp_ftp']['path']);
  241. $ftp->unlink('install.php');
  242. $ftp->unlink('webinstall.php');
  243. foreach ($databases as $key => $dummy)
  244. {
  245. $type = ($key == 'mysqli') ? 'mysql' : $key;
  246. $ftp->unlink('install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
  247. }
  248. $ftp->close();
  249. unset($_SESSION['installer_temp_ftp']);
  250. }
  251. else
  252. {
  253. @unlink(__FILE__);
  254. @unlink(dirname(__FILE__) . '/webinstall.php');
  255. foreach ($databases as $key => $dummy)
  256. {
  257. $type = ($key == 'mysqli') ? 'mysql' : $key;
  258. @unlink(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
  259. }
  260. }
  261. // Now just redirect to a blank.png...
  262. header('Location: http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.png');
  263. exit;
  264. }
  265. // PHP 5 might cry if we don't do this now.
  266. if (function_exists('date_default_timezone_set'))
  267. {
  268. $server_offset = @mktime(0, 0, 0, 1, 1, 1970);
  269. date_default_timezone_set('Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600));
  270. }
  271. // Force an integer step, defaulting to 0.
  272. $_GET['step'] = (int) @$_GET['step'];
  273. }
  274. // Load the list of language files, and the current language file.
  275. function load_lang_file()
  276. {
  277. global $txt, $incontext;
  278. $incontext['detected_languages'] = array();
  279. // Make sure the languages directory actually exists.
  280. if (file_exists(dirname(__FILE__) . '/Themes/default/languages'))
  281. {
  282. // Find all the "Install" language files in the directory.
  283. $dir = dir(dirname(__FILE__) . '/Themes/default/languages');
  284. while ($entry = $dir->read())
  285. {
  286. if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php')
  287. $incontext['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
  288. }
  289. $dir->close();
  290. }
  291. // Didn't find any, show an error message!
  292. if (empty($incontext['detected_languages']))
  293. {
  294. // Let's not cache this message, eh?
  295. header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
  296. header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
  297. header('Cache-Control: no-cache');
  298. echo '<!DOCTYPE html>
  299. <html>
  300. <head>
  301. <title>SMF Installer: Error!</title>
  302. </head>
  303. <body style="font-family: sans-serif;"><div style="width: 600px;">
  304. <h1 style="font-size: 14pt;">A critical error has occurred.</h1>
  305. <p>This installer was unable to find the installer\'s language file or files. They should be found under:</p>
  306. <div style="margin: 1ex; font-family: monospace; font-weight: bold;">', dirname($_SERVER['PHP_SELF']) != '/' ? dirname($_SERVER['PHP_SELF']) : '', '/Themes/default/languages</div>
  307. <p>In some cases, FTP clients do not properly upload files with this many folders. Please double check to make sure you <span style="font-weight: 600;">have uploaded all the files in the distribution</span>.</p>
  308. <p>If that doesn\'t help, please make sure this install.php file is in the same place as the Themes folder.</p>
  309. <p>If you continue to get this error message, feel free to <a href="http://support.simplemachines.org/">look to us for support</a>.</p>
  310. </div></body>
  311. </html>';
  312. die;
  313. }
  314. // Override the language file?
  315. if (isset($_GET['lang_file']))
  316. $_SESSION['installer_temp_lang'] = $_GET['lang_file'];
  317. elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file']))
  318. $_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
  319. // Make sure it exists, if it doesn't reset it.
  320. if (!isset($_SESSION['installer_temp_lang']) || preg_match('~[^\\w_\\-.]~', $_SESSION['installer_temp_lang']) === 1 || !file_exists(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']))
  321. {
  322. // Use the first one...
  323. list ($_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  324. // If we have english and some other language, use the other language. We Americans hate english :P.
  325. if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($incontext['detected_languages']) > 1)
  326. list (, $_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  327. }
  328. // And now include the actual language file itself.
  329. require_once(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']);
  330. }
  331. // This handy function loads some settings and the like.
  332. function load_database()
  333. {
  334. global $db_prefix, $db_connection, $db_character_set, $sourcedir, $language;
  335. global $smcFunc, $mbname, $scripturl, $boardurl, $modSettings, $db_type, $db_name, $db_user, $db_persist;
  336. if (empty($sourcedir))
  337. $sourcedir = dirname(__FILE__) . '/Sources';
  338. // Need this to check whether we need the database password.
  339. require(dirname(__FILE__) . '/Settings.php');
  340. if (!defined('SMF'))
  341. define('SMF', 1);
  342. if (empty($smcFunc))
  343. $smcFunc = array();
  344. $modSettings['disableQueryCheck'] = true;
  345. // Connect the database.
  346. if (!$db_connection)
  347. {
  348. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  349. if (version_compare(PHP_VERSION, '5', '<'))
  350. require_once($sourcedir . '/Subs-Compat.php');
  351. if (!$db_connection)
  352. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('persist' => $db_persist));
  353. }
  354. }
  355. // This is called upon exiting the installer, for template etc.
  356. function installExit($fallThrough = false)
  357. {
  358. global $incontext, $installurl, $txt;
  359. // Send character set.
  360. header('Content-Type: text/html; charset=' . (isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1'));
  361. // We usually dump our templates out.
  362. if (!$fallThrough)
  363. {
  364. // The top install bit.
  365. template_install_above();
  366. // Call the template.
  367. if (isset($incontext['sub_template']))
  368. {
  369. $incontext['form_url'] = $installurl . '?step=' . $incontext['current_step'];
  370. call_user_func('template_' . $incontext['sub_template']);
  371. }
  372. // @todo REMOVE THIS!!
  373. else
  374. {
  375. if (function_exists('doStep' . $_GET['step']))
  376. call_user_func('doStep' . $_GET['step']);
  377. }
  378. // Show the footer.
  379. template_install_below();
  380. }
  381. // Bang - gone!
  382. die();
  383. }
  384. function Welcome()
  385. {
  386. global $incontext, $txt, $databases, $installurl;
  387. $incontext['page_title'] = $txt['install_welcome'];
  388. $incontext['sub_template'] = 'welcome_message';
  389. // Done the submission?
  390. if (isset($_POST['contbutt']))
  391. return true;
  392. // Check the PHP version.
  393. if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION, '>')))
  394. {
  395. $incontext['warning'] = $txt['error_php_too_low'];
  396. }
  397. // See if we think they have already installed it?
  398. if (is_readable(dirname(__FILE__) . '/Settings.php'))
  399. {
  400. $probably_installed = 0;
  401. foreach (file(dirname(__FILE__) . '/Settings.php') as $line)
  402. {
  403. if (preg_match('~^\$db_passwd\s=\s\'([^\']+)\';$~', $line))
  404. $probably_installed++;
  405. if (preg_match('~^\$boardurl\s=\s\'([^\']+)\';~', $line) && !preg_match('~^\$boardurl\s=\s\'http://127\.0\.0\.1/smf\';~', $line))
  406. $probably_installed++;
  407. }
  408. if ($probably_installed == 2)
  409. $incontext['warning'] = $txt['error_already_installed'];
  410. }
  411. // Is some database support even compiled in?
  412. $incontext['supported_databases'] = array();
  413. foreach ($databases as $key => $db)
  414. {
  415. if ($db['supported'])
  416. {
  417. $type = ($key == 'mysqli') ? 'mysql' : $key;
  418. if (!file_exists(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql'))
  419. {
  420. $databases[$key]['supported'] = false;
  421. $notFoundSQLFile = true;
  422. $txt['error_db_script_missing'] = sprintf($txt['error_db_script_missing'], 'install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql');
  423. }
  424. else
  425. {
  426. $db_type = $key;
  427. $incontext['supported_databases'][] = $db;
  428. }
  429. }
  430. }
  431. if (empty($incontext['supported_databases']))
  432. $error = empty($notFoundSQLFile) ? 'error_db_missing' : 'error_db_script_missing';
  433. // How about session support? Some crazy sysadmin remove it?
  434. elseif (!function_exists('session_start'))
  435. $error = 'error_session_missing';
  436. // Make sure they uploaded all the files.
  437. elseif (!file_exists(dirname(__FILE__) . '/index.php'))
  438. $error = 'error_missing_files';
  439. // Very simple check on the session.save_path for Windows.
  440. // @todo Move this down later if they don't use database-driven sessions?
  441. elseif (@ini_get('session.save_path') == '/tmp' && substr(__FILE__, 1, 2) == ':\\')
  442. $error = 'error_session_save_path';
  443. // Since each of the three messages would look the same, anyway...
  444. if (isset($error))
  445. $incontext['error'] = $txt[$error];
  446. // Mod_security blocks everything that smells funny. Let SMF handle security.
  447. if (!fixModSecurity() && !isset($_GET['overmodsecurity']))
  448. $incontext['error'] = $txt['error_mod_security'] . '<br><br><a href="' . $installurl . '?overmodsecurity=true">' . $txt['error_message_click'] . '</a> ' . $txt['error_message_bad_try_again'];
  449. return false;
  450. }
  451. function CheckFilesWritable()
  452. {
  453. global $txt, $incontext;
  454. $incontext['page_title'] = $txt['ftp_checking_writable'];
  455. $incontext['sub_template'] = 'chmod_files';
  456. $writable_files = array(
  457. 'attachments',
  458. 'avatars',
  459. 'cache',
  460. 'Packages',
  461. 'Smileys',
  462. 'Themes',
  463. 'agreement.txt',
  464. 'Settings.php',
  465. 'Settings_bak.php'
  466. );
  467. foreach ($incontext['detected_languages'] as $lang => $temp)
  468. $extra_files[] = 'Themes/default/languages/' . $lang;
  469. // With mod_security installed, we could attempt to fix it with .htaccess.
  470. if (function_exists('apache_get_modules') && in_array('mod_security', apache_get_modules()))
  471. $writable_files[] = file_exists(dirname(__FILE__) . '/.htaccess') ? '.htaccess' : '.';
  472. $failed_files = array();
  473. // On linux, it's easy - just use is_writable!
  474. if (substr(__FILE__, 1, 2) != ':\\')
  475. {
  476. foreach ($writable_files as $file)
  477. {
  478. if (!is_writable(dirname(__FILE__) . '/' . $file))
  479. {
  480. @chmod(dirname(__FILE__) . '/' . $file, 0755);
  481. // Well, 755 hopefully worked... if not, try 777.
  482. if (!is_writable(dirname(__FILE__) . '/' . $file) && !@chmod(dirname(__FILE__) . '/' . $file, 0777))
  483. $failed_files[] = $file;
  484. }
  485. }
  486. foreach ($extra_files as $file)
  487. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  488. }
  489. // Windows is trickier. Let's try opening for r+...
  490. else
  491. {
  492. foreach ($writable_files as $file)
  493. {
  494. // Folders can't be opened for write... but the index.php in them can ;)
  495. if (is_dir(dirname(__FILE__) . '/' . $file))
  496. $file .= '/index.php';
  497. // Funny enough, chmod actually does do something on windows - it removes the read only attribute.
  498. @chmod(dirname(__FILE__) . '/' . $file, 0777);
  499. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'r+');
  500. // Hmm, okay, try just for write in that case...
  501. if (!is_resource($fp))
  502. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'w');
  503. if (!is_resource($fp))
  504. $failed_files[] = $file;
  505. @fclose($fp);
  506. }
  507. foreach ($extra_files as $file)
  508. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  509. }
  510. $failure = count($failed_files) >= 1;
  511. if (!isset($_SERVER))
  512. return !$failure;
  513. // Put the list into context.
  514. $incontext['failed_files'] = $failed_files;
  515. // It's not going to be possible to use FTP on windows to solve the problem...
  516. if ($failure && substr(__FILE__, 1, 2) == ':\\')
  517. {
  518. $incontext['error'] = $txt['error_windows_chmod'] . '
  519. <ul style="margin: 2.5ex; font-family: monospace;">
  520. <li>' . implode('</li>
  521. <li>', $failed_files) . '</li>
  522. </ul>';
  523. return false;
  524. }
  525. // We're going to have to use... FTP!
  526. elseif ($failure)
  527. {
  528. // Load any session data we might have...
  529. if (!isset($_POST['ftp_username']) && isset($_SESSION['installer_temp_ftp']))
  530. {
  531. $_POST['ftp_server'] = $_SESSION['installer_temp_ftp']['server'];
  532. $_POST['ftp_port'] = $_SESSION['installer_temp_ftp']['port'];
  533. $_POST['ftp_username'] = $_SESSION['installer_temp_ftp']['username'];
  534. $_POST['ftp_password'] = $_SESSION['installer_temp_ftp']['password'];
  535. $_POST['ftp_path'] = $_SESSION['installer_temp_ftp']['path'];
  536. }
  537. $incontext['ftp_errors'] = array();
  538. if (isset($_POST['ftp_username']))
  539. {
  540. $ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
  541. if ($ftp->error === false)
  542. {
  543. // Try it without /home/abc just in case they messed up.
  544. if (!$ftp->chdir($_POST['ftp_path']))
  545. {
  546. $incontext['ftp_errors'][] = $ftp->last_message;
  547. $ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
  548. }
  549. }
  550. }
  551. if (!isset($ftp) || $ftp->error !== false)
  552. {
  553. if (!isset($ftp))
  554. $ftp = new ftp_connection(null);
  555. // Save the error so we can mess with listing...
  556. elseif ($ftp->error !== false && empty($incontext['ftp_errors']) && !empty($ftp->last_message))
  557. $incontext['ftp_errors'][] = $ftp->last_message;
  558. list ($username, $detect_path, $found_path) = $ftp->detect_path(dirname(__FILE__));
  559. if (empty($_POST['ftp_path']) && $found_path)
  560. $_POST['ftp_path'] = $detect_path;
  561. if (!isset($_POST['ftp_username']))
  562. $_POST['ftp_username'] = $username;
  563. // Set the username etc, into context.
  564. $incontext['ftp'] = array(
  565. 'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : 'localhost',
  566. 'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : '21',
  567. 'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : '',
  568. 'path' => isset($_POST['ftp_path']) ? $_POST['ftp_path'] : '/',
  569. 'path_msg' => !empty($found_path) ? $txt['ftp_path_found_info'] : $txt['ftp_path_info'],
  570. );
  571. return false;
  572. }
  573. else
  574. {
  575. $_SESSION['installer_temp_ftp'] = array(
  576. 'server' => $_POST['ftp_server'],
  577. 'port' => $_POST['ftp_port'],
  578. 'username' => $_POST['ftp_username'],
  579. 'password' => $_POST['ftp_password'],
  580. 'path' => $_POST['ftp_path']
  581. );
  582. $failed_files_updated = array();
  583. foreach ($failed_files as $file)
  584. {
  585. if (!is_writable(dirname(__FILE__) . '/' . $file))
  586. $ftp->chmod($file, 0755);
  587. if (!is_writable(dirname(__FILE__) . '/' . $file))
  588. $ftp->chmod($file, 0777);
  589. if (!is_writable(dirname(__FILE__) . '/' . $file))
  590. {
  591. $failed_files_updated[] = $file;
  592. $incontext['ftp_errors'][] = rtrim($ftp->last_message) . ' -> ' . $file . "\n";
  593. }
  594. }
  595. $ftp->close();
  596. // Are there any errors left?
  597. if (count($failed_files_updated) >= 1)
  598. {
  599. // Guess there are...
  600. $incontext['failed_files'] = $failed_files_updated;
  601. // Set the username etc, into context.
  602. $incontext['ftp'] = $_SESSION['installer_temp_ftp'] += array(
  603. 'path_msg' => $txt['ftp_path_info'],
  604. );
  605. return false;
  606. }
  607. }
  608. }
  609. return true;
  610. }
  611. function DatabaseSettings()
  612. {
  613. global $txt, $databases, $incontext, $smcFunc, $sourcedir;
  614. $incontext['sub_template'] = 'database_settings';
  615. $incontext['page_title'] = $txt['db_settings'];
  616. $incontext['continue'] = 1;
  617. // Set up the defaults.
  618. $incontext['db']['server'] = 'localhost';
  619. $incontext['db']['user'] = '';
  620. $incontext['db']['name'] = '';
  621. $incontext['db']['pass'] = '';
  622. $incontext['db']['type'] = '';
  623. $incontext['supported_databases'] = array();
  624. $foundOne = false;
  625. foreach ($databases as $key => $db)
  626. {
  627. // Override with the defaults for this DB if appropriate.
  628. if ($db['supported'])
  629. {
  630. $incontext['supported_databases'][$key] = $db;
  631. if (!$foundOne)
  632. {
  633. if (isset($db['default_host']))
  634. $incontext['db']['server'] = ini_get($db['default_host']) or $incontext['db']['server'] = 'localhost';
  635. if (isset($db['default_user']))
  636. {
  637. $incontext['db']['user'] = ini_get($db['default_user']);
  638. $incontext['db']['name'] = ini_get($db['default_user']);
  639. }
  640. if (isset($db['default_password']))
  641. $incontext['db']['pass'] = ini_get($db['default_password']);
  642. if (isset($db['default_port']))
  643. $db_port = ini_get($db['default_port']);
  644. $incontext['db']['type'] = $key;
  645. $foundOne = true;
  646. }
  647. }
  648. }
  649. // Override for repost.
  650. if (isset($_POST['db_user']))
  651. {
  652. $incontext['db']['user'] = $_POST['db_user'];
  653. $incontext['db']['name'] = ($_POST['db_type'] == 'sqlite' || $_POST['db_type'] == 'sqlite3') && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'];
  654. $incontext['db']['server'] = $_POST['db_server'];
  655. $incontext['db']['prefix'] = $_POST['db_prefix'];
  656. }
  657. else
  658. {
  659. $incontext['db']['prefix'] = 'smf_';
  660. // Should we use a non standard port?
  661. if (!empty($db_port))
  662. $incontext['db']['server'] .= ':' . $db_port;
  663. }
  664. // Are we submitting?
  665. if (isset($_POST['db_type']))
  666. {
  667. if (isset($_POST['db_filename']))
  668. {
  669. // You better enter enter a database name for SQLite.
  670. if (trim($_POST['db_filename']) == '')
  671. {
  672. $incontext['error'] = $txt['error_db_filename'];
  673. return false;
  674. }
  675. // Duplicate name in the same dir? Can't do that with SQLite. Weird things happen.
  676. if (file_exists($_POST['db_filename'] . (substr($_POST['db_filename'], -3) != '.db' ? '.db' : '')))
  677. {
  678. $incontext['error'] = $txt['error_db_filename_exists'];
  679. return false;
  680. }
  681. }
  682. // What type are they trying?
  683. $db_type = preg_replace('~[^A-Za-z0-9]~', '', $_POST['db_type']);
  684. $db_prefix = $_POST['db_prefix'];
  685. // Validate the prefix.
  686. $valid_prefix = $databases[$db_type]['validate_prefix']($db_prefix);
  687. if ($valid_prefix !== true)
  688. {
  689. $incontext['error'] = $valid_prefix;
  690. return false;
  691. }
  692. // Take care of these variables...
  693. $vars = array(
  694. 'db_type' => $db_type,
  695. 'db_name' => ($_POST['db_type'] == 'sqlite' || $_POST['db_type'] == 'sqlite3') && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'],
  696. 'db_user' => $_POST['db_user'],
  697. 'db_passwd' => isset($_POST['db_passwd']) ? $_POST['db_passwd'] : '',
  698. 'db_server' => $_POST['db_server'],
  699. 'db_prefix' => $db_prefix,
  700. // The cookiename is special; we want it to be the same if it ever needs to be reinstalled with the same info.
  701. 'cookiename' => 'SMFCookie' . abs(crc32($_POST['db_name'] . preg_replace('~[^A-Za-z0-9_$]~', '', $_POST['db_prefix'])) % 1000),
  702. );
  703. // God I hope it saved!
  704. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  705. {
  706. $incontext['error'] = $txt['error_windows_chmod'];
  707. return false;
  708. }
  709. // Make sure it works.
  710. require(dirname(__FILE__) . '/Settings.php');
  711. if (empty($sourcedir))
  712. $sourcedir = dirname(__FILE__) . '/Sources';
  713. // Better find the database file!
  714. if (!file_exists($sourcedir . '/Subs-Db-' . $db_type . '.php'))
  715. {
  716. $incontext['error'] = sprintf($txt['error_db_file'], 'Subs-Db-' . $db_type . '.php');
  717. return false;
  718. }
  719. // Now include it for database functions!
  720. define('SMF', 1);
  721. $modSettings['disableQueryCheck'] = true;
  722. if (empty($smcFunc))
  723. $smcFunc = array();
  724. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  725. // What - running PHP4? The shame!
  726. if (version_compare(PHP_VERSION, '5', '<'))
  727. require_once($sourcedir . '/Subs-Compat.php');
  728. // Attempt a connection.
  729. $needsDB = !empty($databases[$db_type]['always_has_db']);
  730. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  731. // No dice? Let's try adding the prefix they specified, just in case they misread the instructions ;)
  732. if ($db_connection == null)
  733. {
  734. $db_error = @$smcFunc['db_error']();
  735. $db_connection = smf_db_initiate($db_server, $db_name, $_POST['db_prefix'] . $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  736. if ($db_connection != null)
  737. {
  738. $db_user = $_POST['db_prefix'] . $db_user;
  739. updateSettingsFile(array('db_user' => $db_user));
  740. }
  741. }
  742. // Still no connection? Big fat error message :P.
  743. if (!$db_connection)
  744. {
  745. $incontext['error'] = $txt['error_db_connect'] . '<div style="margin: 2.5ex; font-family: monospace;"><strong>' . $db_error . '</strong></div>';
  746. return false;
  747. }
  748. // Do they meet the install requirements?
  749. // @todo Old client, new server?
  750. if (version_compare($databases[$db_type]['version'], preg_replace('~^\D*|\-.+?$~', '', eval($databases[$db_type]['version_check']))) > 0)
  751. {
  752. $incontext['error'] = $txt['error_db_too_low'];
  753. return false;
  754. }
  755. // Let's try that database on for size... assuming we haven't already lost the opportunity.
  756. if ($db_name != '' && !$needsDB)
  757. {
  758. $smcFunc['db_query']('', "
  759. CREATE DATABASE IF NOT EXISTS `$db_name`",
  760. array(
  761. 'security_override' => true,
  762. 'db_error_skip' => true,
  763. ),
  764. $db_connection
  765. );
  766. // Okay, let's try the prefix if it didn't work...
  767. if (!$smcFunc['db_select_db']($db_name, $db_connection) && $db_name != '')
  768. {
  769. $smcFunc['db_query']('', "
  770. CREATE DATABASE IF NOT EXISTS `$_POST[db_prefix]$db_name`",
  771. array(
  772. 'security_override' => true,
  773. 'db_error_skip' => true,
  774. ),
  775. $db_connection
  776. );
  777. if ($smcFunc['db_select_db']($_POST['db_prefix'] . $db_name, $db_connection))
  778. {
  779. $db_name = $_POST['db_prefix'] . $db_name;
  780. updateSettingsFile(array('db_name' => $db_name));
  781. }
  782. }
  783. // Okay, now let's try to connect...
  784. if (!$smcFunc['db_select_db']($db_name, $db_connection))
  785. {
  786. $incontext['error'] = sprintf($txt['error_db_database'], $db_name);
  787. return false;
  788. }
  789. }
  790. return true;
  791. }
  792. return false;
  793. }
  794. // Let's start with basic forum type settings.
  795. function ForumSettings()
  796. {
  797. global $txt, $incontext, $databases, $smcFunc, $db_connection, $db_type, $boardurl;
  798. $incontext['sub_template'] = 'forum_settings';
  799. $incontext['page_title'] = $txt['install_settings'];
  800. // Let's see if we got the database type correct.
  801. if (isset($_POST['db_type'], $databases[$_POST['db_type']]))
  802. $db_type = $_POST['db_type'];
  803. // Else we'd better be able to get the connection.
  804. else
  805. load_database();
  806. $db_type = isset($_POST['db_type']) ? $_POST['db_type'] : $db_type;
  807. // What host and port are we on?
  808. $host = empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] . (empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':' . $_SERVER['SERVER_PORT']) : $_SERVER['HTTP_HOST'];
  809. // Now, to put what we've learned together... and add a path.
  810. $incontext['detected_url'] = 'http' . (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 's' : '') . '://' . $host . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'));
  811. // Check if the database sessions will even work.
  812. $incontext['test_dbsession'] = (ini_get('session.auto_start') != 1);
  813. $incontext['utf8_default'] = $databases[$db_type]['utf8_default'];
  814. $incontext['utf8_required'] = $databases[$db_type]['utf8_required'];
  815. $incontext['continue'] = 1;
  816. // Submitting?
  817. if (isset($_POST['boardurl']))
  818. {
  819. if (substr($_POST['boardurl'], -10) == '/index.php')
  820. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  821. elseif (substr($_POST['boardurl'], -1) == '/')
  822. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  823. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  824. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  825. // Save these variables.
  826. $vars = array(
  827. 'boardurl' => $_POST['boardurl'],
  828. 'boarddir' => addslashes(dirname(__FILE__)),
  829. 'sourcedir' => addslashes(dirname(__FILE__)) . '/Sources',
  830. 'cachedir' => addslashes(dirname(__FILE__)) . '/cache',
  831. 'mbname' => strtr($_POST['mbname'], array('\"' => '"')),
  832. 'language' => substr($_SESSION['installer_temp_lang'], 8, -4),
  833. );
  834. // Must save!
  835. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  836. {
  837. $incontext['error'] = $txt['error_windows_chmod'];
  838. return false;
  839. }
  840. // Make sure it works.
  841. require(dirname(__FILE__) . '/Settings.php');
  842. // UTF-8 requires a setting to override the language charset.
  843. if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
  844. {
  845. if (!empty($databases[$db_type]['utf8_version_check']) && version_compare($databases[$db_type]['utf8_version'], preg_replace('~\-.+?$~', '', eval($databases[$db_type]['utf8_version_check'])), '>'))
  846. {
  847. $incontext['error'] = sprintf($txt['error_utf8_version'], $databases[$db_type]['utf8_version']);
  848. return false;
  849. }
  850. else
  851. // Set the character set here.
  852. updateSettingsFile(array('db_character_set' => 'utf8'));
  853. }
  854. // Good, skip on.
  855. return true;
  856. }
  857. return false;
  858. }
  859. // Step one: Do the SQL thang.
  860. function DatabasePopulation()
  861. {
  862. global $db_character_set, $txt, $db_connection, $smcFunc, $databases, $modSettings, $db_type, $sourcedir, $db_prefix, $incontext, $db_name, $boardurl;
  863. $incontext['sub_template'] = 'populate_database';
  864. $incontext['page_title'] = $txt['db_populate'];
  865. $incontext['continue'] = 1;
  866. // Already done?
  867. if (isset($_POST['pop_done']))
  868. return true;
  869. // Reload settings.
  870. require(dirname(__FILE__) . '/Settings.php');
  871. load_database();
  872. // Before running any of the queries, let's make sure another version isn't already installed.
  873. $result = $smcFunc['db_query']('', '
  874. SELECT variable, value
  875. FROM {db_prefix}settings',
  876. array(
  877. 'db_error_skip' => true,
  878. )
  879. );
  880. $modSettings = array();
  881. if ($result !== false)
  882. {
  883. while ($row = $smcFunc['db_fetch_assoc']($result))
  884. $modSettings[$row['variable']] = $row['value'];
  885. $smcFunc['db_free_result']($result);
  886. // Do they match? If so, this is just a refresh so charge on!
  887. if (!isset($modSettings['smfVersion']) || $modSettings['smfVersion'] != $GLOBALS['current_smf_version'])
  888. {
  889. $incontext['error'] = $txt['error_versions_do_not_match'];
  890. return false;
  891. }
  892. }
  893. $modSettings['disableQueryCheck'] = true;
  894. // If doing UTF8, select it. PostgreSQL requires passing it as a string...
  895. if (!empty($db_character_set) && $db_character_set == 'utf8' && !empty($databases[$db_type]['utf8_support']))
  896. $smcFunc['db_query']('', '
  897. SET NAMES {'. ($db_type == 'postgresql' ? 'string' : 'raw') . ':utf8}',
  898. array(
  899. 'db_error_skip' => true,
  900. 'utf8' => 'utf8',
  901. )
  902. );
  903. $replaces = array(
  904. '{$db_prefix}' => $db_prefix,
  905. '{$boarddir}' => $smcFunc['db_escape_string'](dirname(__FILE__)),
  906. '{$boardurl}' => $boardurl,
  907. '{$enableCompressedOutput}' => isset($_POST['compress']) ? '1' : '0',
  908. '{$databaseSession_enable}' => isset($_POST['dbsession']) ? '1' : '0',
  909. '{$smf_version}' => $GLOBALS['current_smf_version'],
  910. '{$current_time}' => time(),
  911. '{$sched_task_offset}' => 82800 + mt_rand(0, 86399),
  912. '{$registration_method}' => isset($_POST['reg_mode']) ? $_POST['reg_mode'] : 0,
  913. );
  914. foreach ($txt as $key => $value)
  915. {
  916. if (substr($key, 0, 8) == 'default_')
  917. $replaces['{$' . $key . '}'] = $smcFunc['db_escape_string']($value);
  918. }
  919. $replaces['{$default_reserved_names}'] = strtr($replaces['{$default_reserved_names}'], array('\\\\n' => '\\n'));
  920. // If the UTF-8 setting was enabled, add it to the table definitions.
  921. if (!empty($databases[$db_type]['utf8_support']) && (!empty($databases[$db_type]['utf8_required']) || isset($_POST['utf8'])))
  922. $replaces[') ENGINE=MyISAM;'] = ') ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;';
  923. // Read in the SQL. Turn this on and that off... internationalize... etc.
  924. $type = ($db_type == 'mysqli') ? 'mysql' : $db_type;
  925. $sql_lines = explode("\n", strtr(implode(' ', file(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $type . '.sql')), $replaces));
  926. // Execute the SQL.
  927. $current_statement = '';
  928. $exists = array();
  929. $incontext['failures'] = array();
  930. $incontext['sql_results'] = array(
  931. 'tables' => 0,
  932. 'inserts' => 0,
  933. 'table_dups' => 0,
  934. 'insert_dups' => 0,
  935. );
  936. foreach ($sql_lines as $count => $line)
  937. {
  938. // No comments allowed!
  939. if (substr(trim($line), 0, 1) != '#')
  940. $current_statement .= "\n" . rtrim($line);
  941. // Is this the end of the query string?
  942. if (empty($current_statement) || (preg_match('~;[\s]*$~s', $line) == 0 && $count != count($sql_lines)))
  943. continue;
  944. // Does this table already exist? If so, don't insert more data into it!
  945. if (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) != 0 && in_array($match[1], $exists))
  946. {
  947. $incontext['sql_results']['insert_dups']++;
  948. $current_statement = '';
  949. continue;
  950. }
  951. if ($smcFunc['db_query']('', $current_statement, array('security_override' => true, 'db_error_skip' => true), $db_connection) === false)
  952. {
  953. // Use the appropriate function based on the DB type
  954. if ($db_type == 'mysql' || $db_type =='mysqli')
  955. $db_errorno = $db_type . '_errno';
  956. // Error 1050: Table already exists!
  957. // @todo Needs to be made better!
  958. if ((($db_type != 'mysql' && $db_type != 'mysqli') || $db_errorno($db_connection) == 1050) && preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  959. {
  960. $exists[] = $match[1];
  961. $incontext['sql_results']['table_dups']++;
  962. }
  963. // Don't error on duplicate indexes (or duplicate operators in PostgreSQL.)
  964. elseif (!preg_match('~^\s*CREATE( UNIQUE)? INDEX ([^\n\r]+?)~', $current_statement, $match) && !($db_type == 'postgresql' && preg_match('~^\s*CREATE OPERATOR (^\n\r]+?)~', $current_statement, $match)))
  965. {
  966. // MySQLi requires a connection object. It's optional with MySQL, Postgres and sqlite
  967. $incontext['failures'][$count] = $smcFunc['db_error']($db_connection);
  968. }
  969. }
  970. else
  971. {
  972. if (preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  973. $incontext['sql_results']['tables']++;
  974. else
  975. {
  976. preg_match_all('~\)[,;]~', $current_statement, $matches);
  977. if (!empty($matches[0]))
  978. $incontext['sql_results']['inserts'] += count($matches[0]);
  979. else
  980. $incontext['sql_results']['inserts']++;
  981. }
  982. }
  983. $current_statement = '';
  984. }
  985. // Sort out the context for the SQL.
  986. foreach ($incontext['sql_results'] as $key => $number)
  987. {
  988. if ($number == 0)
  989. unset($incontext['sql_results'][$key]);
  990. else
  991. $incontext['sql_results'][$key] = sprintf($txt['db_populate_' . $key], $number);
  992. }
  993. // Make sure UTF will be used globally.
  994. if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
  995. $smcFunc['db_insert']('replace',
  996. $db_prefix . 'settings',
  997. array(
  998. 'variable' => 'string-255', 'value' => 'string-65534',
  999. ),
  1000. array(
  1001. 'global_character_set', 'UTF-8',
  1002. ),
  1003. array('variable')
  1004. );
  1005. // Maybe we can auto-detect better cookie settings?
  1006. preg_match('~^http[s]?://([^\.]+?)([^/]*?)(/.*)?$~', $boardurl, $matches);
  1007. if (!empty($matches))
  1008. {
  1009. // Default = both off.
  1010. $localCookies = false;
  1011. $globalCookies = false;
  1012. // Okay... let's see. Using a subdomain other than www.? (not a perfect check.)
  1013. if ($matches[2] != '' && (strpos(substr($matches[2], 1), '.') === false || in_array($matches[1], array('forum', 'board', 'community', 'forums', 'support', 'chat', 'help', 'talk', 'boards', 'www'))))
  1014. $globalCookies = true;
  1015. // If there's a / in the middle of the path, or it starts with ~... we want local.
  1016. if (isset($matches[3]) && strlen($matches[3]) > 3 && (substr($matches[3], 0, 2) == '/~' || strpos(substr($matches[3], 1), '/') !== false))
  1017. $localCookies = true;
  1018. if ($globalCookies)
  1019. $rows[] = array('globalCookies', '1');
  1020. if ($localCookies)
  1021. $rows[] = array('localCookies', '1');
  1022. if (!empty($rows))
  1023. {
  1024. $smcFunc['db_insert']('replace',
  1025. $db_prefix . 'settings',
  1026. array('variable' => 'string-255', 'value' => 'string-65534'),
  1027. $rows,
  1028. array('variable')
  1029. );
  1030. }
  1031. }
  1032. // Are we allowing stat collection?
  1033. if (isset($_POST['stats']) && strpos($_POST['boardurl'], 'http://localhost') !== 0)
  1034. {
  1035. // Attempt to register the site etc.
  1036. $fp = @fsockopen("www.simplemachines.org", 80, $errno, $errstr);
  1037. if ($fp)
  1038. {
  1039. $out = "GET /smf/stats/register_stats.php?site=" . base64_encode($_POST['boardurl']) . " HTTP/1.1\r\n";
  1040. $out .= "Host: www.simplemachines.org\r\n";
  1041. $out .= "Connection: Close\r\n\r\n";
  1042. fwrite($fp, $out);
  1043. $return_data = '';
  1044. while (!feof($fp))
  1045. $return_data .= fgets($fp, 128);
  1046. fclose($fp);
  1047. // Get the unique site ID.
  1048. preg_match('~SITE-ID:\s(\w{10})~', $return_data, $ID);
  1049. if (!empty($ID[1]))
  1050. $smcFunc['db_insert']('',
  1051. $db_prefix . 'settings',
  1052. array(
  1053. 'variable' => 'string-255', 'value' => 'string-65534',
  1054. ),
  1055. array(
  1056. 'allow_sm_stats', $ID[1],
  1057. ),
  1058. array('variable')
  1059. );
  1060. }
  1061. }
  1062. // As of PHP 5.1, setting a timezone is required.
  1063. if (!isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
  1064. {
  1065. $server_offset = mktime(0, 0, 0, 1, 1, 1970);
  1066. $timezone_id = 'Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600);
  1067. if (date_default_timezone_set($timezone_id))
  1068. $smcFunc['db_insert']('',
  1069. $db_prefix . 'settings',
  1070. array(
  1071. 'variable' => 'string-255', 'value' => 'string-65534',
  1072. ),
  1073. array(
  1074. 'default_timezone', $timezone_id,
  1075. ),
  1076. array('variable')
  1077. );
  1078. }
  1079. // Let's optimize those new tables.
  1080. db_extend();
  1081. $tables = $smcFunc['db_list_tables']($db_name, $db_prefix . '%');
  1082. foreach ($tables as $table)
  1083. {
  1084. $smcFunc['db_optimize_table']($table) != -1 or $db_messed = true;
  1085. // Optimizing one sqlite table, optimizes them all
  1086. if ($db_type == 'sqlite' || $db_type == 'sqlite3')
  1087. break;
  1088. if (!empty($db_messed))
  1089. {
  1090. $incontext['failures'][-1] = $smcFunc['db_error']();
  1091. break;
  1092. }
  1093. }
  1094. // Check for the ALTER privilege.
  1095. if (!empty($databases[$db_type]['alter_support']) && $smcFunc['db_query']('', "ALTER TABLE {$db_prefix}boards ORDER BY id_board", array('security_override' => true, 'db_error_skip' => true)) === false)
  1096. {
  1097. $incontext['error'] = $txt['error_db_alter_priv'];
  1098. return false;
  1099. }
  1100. if (!empty($exists))
  1101. {
  1102. $incontext['page_title'] = $txt['user_refresh_install'];
  1103. $incontext['was_refresh'] = true;
  1104. }
  1105. return false;
  1106. }
  1107. // Ask for the administrator login information.
  1108. function AdminAccount()
  1109. {
  1110. global $txt, $db_type, $db_connection, $databases, $smcFunc, $incontext, $db_prefix, $db_passwd, $sourcedir;
  1111. $incontext['sub_template'] = 'admin_account';
  1112. $incontext['page_title'] = $txt['user_settings'];
  1113. $incontext['continue'] = 1;
  1114. // Skipping?
  1115. if (!empty($_POST['skip']))
  1116. return true;
  1117. // Need this to check whether we need the database password.
  1118. require(dirname(__FILE__) . '/Settings.php');
  1119. load_database();
  1120. // Define the sha1 function, if it doesn't exist.
  1121. if (!function_exists('sha1') || version_compare(PHP_VERSION, '5', '<'))
  1122. require_once($sourcedir . '/Subs-Compat.php');
  1123. if (!isset($_POST['username']))
  1124. $_POST['username'] = '';
  1125. if (!isset($_POST['email']))
  1126. $_POST['email'] = '';
  1127. $incontext['username'] = htmlspecialchars(stripslashes($_POST['username']));
  1128. $incontext['email'] = htmlspecialchars(stripslashes($_POST['email']));
  1129. $incontext['require_db_confirm'] = empty($db_type) || ($db_type != 'sqlite' && $db_type != 'sqlite3');
  1130. // Only allow skipping if we think they already have an account setup.
  1131. $request = $smcFunc['db_query']('', '
  1132. SELECT id_member
  1133. FROM {db_prefix}members
  1134. WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
  1135. LIMIT 1',
  1136. array(
  1137. 'db_error_skip' => true,
  1138. 'admin_group' => 1,
  1139. )
  1140. );
  1141. if ($smcFunc['db_num_rows']($request) != 0)
  1142. $incontext['skip'] = 1;
  1143. $smcFunc['db_free_result']($request);
  1144. // Trying to create an account?
  1145. if (isset($_POST['password1']) && !empty($_POST['contbutt']))
  1146. {
  1147. // Wrong password?
  1148. if ($incontext['require_db_confirm'] && $_POST['password3'] != $db_passwd)
  1149. {
  1150. $incontext['error'] = $txt['error_db_connect'];
  1151. return false;
  1152. }
  1153. // Not matching passwords?
  1154. if ($_POST['password1'] != $_POST['password2'])
  1155. {
  1156. $incontext['error'] = $txt['error_user_settings_again_match'];
  1157. return false;
  1158. }
  1159. // No password?
  1160. if (strlen($_POST['password1']) < 4)
  1161. {
  1162. $incontext['error'] = $txt['error_user_settings_no_password'];
  1163. return false;
  1164. }
  1165. if (!file_exists($sourcedir . '/Subs.php'))
  1166. {
  1167. $incontext['error'] = $txt['error_subs_missing'];
  1168. return false;
  1169. }
  1170. // Update the main contact email?
  1171. if (!empty($_POST['email']) && (empty($webmaster_email) || $webmaster_email == '[email protected]'))
  1172. updateSettingsFile(array('webmaster_email' => $_POST['email']));
  1173. // Work out whether we're going to have dodgy characters and remove them.
  1174. $invalid_characters = preg_match('~[<>&"\'=\\\]~', $_POST['username']) != 0;
  1175. $_POST['username'] = preg_replace('~[<>&"\'=\\\]~', '', $_POST['username']);
  1176. $result = $smcFunc['db_query']('', '
  1177. SELECT id_member, password_salt
  1178. FROM {db_prefix}members
  1179. WHERE member_name = {string:username} OR email_address = {string:email}
  1180. LIMIT 1',
  1181. array(
  1182. 'username' => stripslashes($_POST['username']),
  1183. 'email' => stripslashes($_POST['email']),
  1184. 'db_error_skip' => true,
  1185. )
  1186. );
  1187. if ($smcFunc['db_num_rows']($result) != 0)
  1188. {
  1189. list ($incontext['member_id'], $incontext['member_salt']) = $smcFunc['db_fetch_row']($result);
  1190. $smcFunc['db_free_result']($result);
  1191. $incontext['account_existed'] = $txt['error_user_settings_taken'];
  1192. }
  1193. elseif ($_POST['username'] == '' || strlen($_POST['username']) > 25)
  1194. {
  1195. // Try the previous step again.
  1196. $incontext['error'] = $_POST['username'] == '' ? $txt['error_username_left_empty'] : $txt['error_username_too_long'];
  1197. return false;
  1198. }
  1199. elseif ($invalid_characters || $_POST['username'] == '_' || $_POST['username'] == '|' || strpos($_POST['username'], '[code') !== false || strpos($_POST['username'], '[/code') !== false)
  1200. {
  1201. // Try the previous step again.
  1202. $incontext['error'] = $txt['error_invalid_characters_username'];
  1203. return false;
  1204. }
  1205. elseif (empty($_POST['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', stripslashes($_POST['email'])) === 0 || strlen(stripslashes($_POST['email'])) > 255)
  1206. {
  1207. // One step back, this time fill out a proper email address.
  1208. $incontext['error'] = sprintf($txt['error_valid_email_needed'], $_POST['username']);
  1209. return false;
  1210. }
  1211. elseif ($_POST['username'] != '')
  1212. {
  1213. $incontext['member_salt'] = substr(md5(mt_rand()), 0, 4);
  1214. // Format the username properly.
  1215. $_POST['username'] = preg_replace('~[\t\n\r\x0B\0\xA0]+~', ' ', $_POST['username']);
  1216. $ip = isset($_SERVER['REMOTE_ADDR']) ? substr($_SERVER['REMOTE_ADDR'], 0, 255) : '';
  1217. $request = $smcFunc['db_insert']('',
  1218. $db_prefix . 'members',
  1219. array(
  1220. 'member_name' => 'string-25', 'real_name' => 'string-25', 'passwd' => 'string', 'email_address' => 'string',
  1221. 'id_group' => 'int', 'posts' => 'int', 'date_registered' => 'int', 'hide_email' => 'int',
  1222. 'password_salt' => 'string', 'lngfile' => 'string', 'personal_text' => 'string', 'avatar' => 'string',
  1223. 'member_ip' => 'string', 'member_ip2' => 'string', 'buddy_list' => 'string', 'pm_ignore_list' => 'string',
  1224. 'website_title' => 'string', 'website_url' => 'string', 'location' => 'string',
  1225. 'aim' => 'string', 'icq' => 'string', 'skype' => 'string', 'signature' => 'string', 'usertitle' => 'string', 'secret_question' => 'string',
  1226. 'additional_groups' => 'string', 'ignore_boards' => 'string', 'openid_uri' => 'string',
  1227. ),
  1228. array(
  1229. stripslashes($_POST['username']), stripslashes($_POST['username']), sha1(strtolower(stripslashes($_POST['username'])) . stripslashes($_POST['password1'])), stripslashes($_POST['email']),
  1230. 1, 0, time(), 0,
  1231. $incontext['member_salt'], '', '', '',
  1232. $ip, $ip, '', '',
  1233. '', '', '',
  1234. '', '', '', '', '', '',
  1235. '', '', '',
  1236. ),
  1237. array('id_member')
  1238. );
  1239. // Awww, crud!
  1240. if ($request === false)
  1241. {
  1242. $incontext['error'] = $txt['error_user_settings_query'] . '<br>
  1243. <div style="margin: 2ex;">' . nl2br(htmlspecialchars($smcFunc['db_error']($db_connection))) . '</div>';
  1244. return false;
  1245. }
  1246. $incontext['member_id'] = $smcFunc['db_insert_id']("{$db_prefix}members", 'id_member');
  1247. }
  1248. // If we're here we're good.
  1249. return true;
  1250. }
  1251. return false;
  1252. }
  1253. // Final step, clean up and a complete message!
  1254. function DeleteInstall()
  1255. {
  1256. global $txt, $db_prefix, $db_connection, $HTTP_SESSION_VARS, $cookiename, $incontext;
  1257. global $smcFunc, $db_character_set, $mbname, $context, $scripturl, $boardurl;
  1258. global $current_smf_version, $databases, $sourcedir, $forum_version, $modSettings, $user_info, $language, $db_type;
  1259. $incontext['page_title'] = $txt['congratulations'];
  1260. $incontext['sub_template'] = 'delete_install';
  1261. $incontext['continue'] = 0;
  1262. require(dirname(__FILE__) . '/Settings.php');
  1263. load_database();
  1264. chdir(dirname(__FILE__));
  1265. require_once($sourcedir . '/Errors.php');
  1266. require_once($sourcedir . '/Logging.php');
  1267. require_once($sourcedir . '/Subs.php');
  1268. require_once($sourcedir . '/Load.php');
  1269. require_once($sourcedir . '/Security.php');
  1270. require_once($sourcedir . '/Subs-Auth.php');
  1271. // Bring a warning over.
  1272. if (!empty($incontext['account_existed']))
  1273. $incontext['warning'] = $incontext['account_existed'];
  1274. if (!empty($db_character_set) && !empty($databases[$db_type]['utf8_support']))
  1275. $smcFunc['db_query']('', '
  1276. SET NAMES {raw:db_character_set}',
  1277. array(
  1278. 'db_character_set' => $db_character_set,
  1279. 'db_error_skip' => true,
  1280. )
  1281. );
  1282. // As track stats is by default enabled let's add some activity.
  1283. $smcFunc['db_insert']('ignore',
  1284. '{db_prefix}log_activity',
  1285. array('date' => 'date', 'topics' => 'int', 'posts' => 'int', 'registers' => 'int'),
  1286. array(strftime('%Y-%m-%d', time()), 1, 1, (!empty($incontext['member_id']) ? 1 : 0)),
  1287. array('date')
  1288. );
  1289. // We're going to want our lovely $modSettings now.
  1290. $request = $smcFunc['db_query']('', '
  1291. SELECT variable, value
  1292. FROM {db_prefix}settings',
  1293. array(
  1294. 'db_error_skip' => true,
  1295. )
  1296. );
  1297. // Only proceed if we can load the data.
  1298. if ($request)
  1299. {
  1300. while ($row = $smcFunc['db_fetch_row']($request))
  1301. $modSettings[$row[0]] = $row[1];
  1302. $smcFunc['db_free_result']($request);
  1303. }
  1304. // Automatically log them in ;)
  1305. if (isset($incontext['member_id']) && isset($incontext['member_salt']))
  1306. setLoginCookie(3153600 * 60, $incontext['member_id'], sha1(sha1(strtolower($_POST['username']) . $_POST['password1']) . $incontext['member_salt']));
  1307. $result = $smcFunc['db_query']('', '
  1308. SELECT value
  1309. FROM {db_prefix}settings
  1310. WHERE variable = {string:db_sessions}',
  1311. array(
  1312. 'db_sessions' => 'databaseSession_enable',
  1313. 'db_error_skip' => true,
  1314. )
  1315. );
  1316. if ($smcFunc['db_num_rows']($result) != 0)
  1317. list ($db_sessions) = $smcFunc['db_fetch_row']($result);
  1318. $smcFunc['db_free_result']($result);
  1319. if (empty($db_sessions))
  1320. $_SESSION['admin_time'] = time();
  1321. else
  1322. {
  1323. $_SERVER['HTTP_USER_AGENT'] = substr($_SERVER['HTTP_USER_AGENT'], 0, 211);
  1324. $smcFunc['db_insert']('replace',
  1325. '{db_prefix}sessions',
  1326. array(
  1327. 'session_id' => 'string', 'last_update' => 'int', 'data' => 'string',
  1328. ),
  1329. array(
  1330. session_id(), time(), 'USER_AGENT|s:' . strlen($_SERVER['HTTP_USER_AGENT']) . ':"' . $_SERVER['HTTP_USER_AGENT'] . '";admin_time|i:' . time() . ';',
  1331. ),
  1332. array('session_id')
  1333. );
  1334. }
  1335. updateStats('member');
  1336. updateStats('message');
  1337. updateStats('topic');
  1338. // This function is needed to do the updateStats('subject') call.
  1339. $smcFunc['strtolower'] = $db_character_set === 'utf8' || $txt['lang_character_set'] === 'UTF-8' ? create_function('$string', '
  1340. return $string;') : 'strtolower';
  1341. $request = $smcFunc['db_query']('', '
  1342. SELECT id_msg
  1343. FROM {db_prefix}messages
  1344. WHERE id_msg = 1
  1345. AND modified_time = 0
  1346. LIMIT 1',
  1347. array(
  1348. 'db_error_skip' => true,
  1349. )
  1350. );
  1351. $context['utf8'] = $db_character_set === 'utf8' || $txt['lang_character_set'] === 'UTF-8';
  1352. if ($smcFunc['db_num_rows']($request) > 0)
  1353. updateStats('subject', 1, htmlspecialchars($txt['default_topic_subject']));
  1354. $smcFunc['db_free_result']($request);
  1355. // Now is the perfect time to fetch the SM files.
  1356. require_once($sourcedir . '/ScheduledTasks.php');
  1357. // Sanity check that they loaded earlier!
  1358. if (isset($modSettings['recycle_board']))
  1359. {
  1360. $forum_version = $current_smf_version; // The variable is usually defined in index.php so lets just use our variable to do it for us.
  1361. scheduled_fetchSMfiles(); // Now go get those files!
  1362. // We've just installed!
  1363. $user_info['ip'] = $_SERVER['REMOTE_ADDR'];
  1364. $user_info['id'] = isset($incontext['member_id']) ? $incontext['member_id'] : 0;
  1365. logAction('install', array('version' => $forum_version), 'admin');
  1366. }
  1367. // Check if we need some stupid MySQL fix.
  1368. $server_version = $smcFunc['db_server_info']();
  1369. if (($db_type == 'mysql' || $db_type == 'mysqli') && in_array(substr($server_version, 0, 6), array('5.0.50', '5.0.51')))
  1370. updateSettings(array('db_mysql_group_by_fix' => '1'));
  1371. // Some final context for the template.
  1372. $incontext['dir_still_writable'] = is_writable(dirname(__FILE__)) && substr(__FILE__, 1, 2) != ':\\';
  1373. $incontext['probably_delete_install'] = isset($_SESSION['installer_temp_ftp']) || is_writable(dirname(__FILE__)) || is_writable(__FILE__);
  1374. return false;
  1375. }
  1376. // http://www.faqs.org/rfcs/rfc959.html
  1377. class ftp_connection
  1378. {
  1379. var $connection = 'no_connection', $error = false, $last_message, $pasv = array();
  1380. // Create a new FTP connection...
  1381. function ftp_connection($ftp_server, $ftp_port = 21, $ftp_user = 'anonymous', $ftp_pass = '[email protected]')
  1382. {
  1383. if ($ftp_server !== null)
  1384. $this->connect($ftp_server, $ftp_port, $ftp_user, $ftp_pass);
  1385. }
  1386. function connect($ftp_server, $ftp_port = 21, $ftp_user = 'anonymous', $ftp_pass = '[email protected]')
  1387. {
  1388. if (substr($ftp_server, 0, 6) == 'ftp://')
  1389. $ftp_server = substr($ftp_server, 6);
  1390. elseif (substr($ftp_server, 0, 7) == 'ftps://')
  1391. $ftp_server = 'ssl://' . substr($ftp_server, 7);
  1392. if (substr($ftp_server, 0, 7) == 'http://')
  1393. $ftp_server = substr($ftp_server, 7);
  1394. $ftp_server = strtr($ftp_server, array('/' => '', ':' => '', '@' => ''));
  1395. // Connect to the FTP server.
  1396. $this->connection = @fsockopen($ftp_server, $ftp_port, $err, $err, 5);
  1397. if (!$this->connection)
  1398. {
  1399. $this->error = 'bad_server';
  1400. return;
  1401. }
  1402. // Get the welcome message...
  1403. if (!$this->check_response(220))
  1404. {
  1405. $this->error = 'bad_response';
  1406. return;
  1407. }
  1408. // Send the username, it should ask for a password.
  1409. fwrite($this->connection, 'USER ' . $ftp_user . "\r\n");
  1410. if (!$this->check_response(331))
  1411. {
  1412. $this->error = 'bad_username';
  1413. return;
  1414. }
  1415. // Now send the password... and hope it goes okay.
  1416. fwrite($this->connection, 'PASS ' . $ftp_pass . "\r\n");
  1417. if (!$this->check_response(230))
  1418. {
  1419. $this->error = 'bad_password';
  1420. return;
  1421. }
  1422. }
  1423. function chdir($ftp_path)
  1424. {
  1425. if (!is_resource($this->connection))
  1426. return false;
  1427. // No slash on the end, please...
  1428. if (substr($ftp_path, -1) == '/')
  1429. $ftp_path = substr($ftp_path, 0, -1);
  1430. fwrite($this->connection, 'CWD ' . $ftp_path . "\r\n");
  1431. if (!$this->check_response(250))
  1432. {
  1433. $this->error = 'bad_path';
  1434. return false;
  1435. }
  1436. return true;
  1437. }
  1438. function chmod($ftp_file, $chmod)
  1439. {
  1440. if (!is_resource($this->connection))
  1441. return false;
  1442. // Convert the chmod value from octal (0777) to text ("777")
  1443. fwrite($this->connection, 'SITE CHMOD ' . decoct($chmod) . ' ' . $ftp_file . "\r\n");
  1444. if (!$this->check_response(200))
  1445. {
  1446. $this->error = 'bad_file';
  1447. return false;
  1448. }
  1449. return true;
  1450. }
  1451. function unlink($ftp_file)
  1452. {
  1453. // We are actually connected, right?
  1454. if (!is_resource($this->connection))
  1455. return false;
  1456. // Delete file X.
  1457. fwrite($this->connection, 'DELE ' . $ftp_file . "\r\n");
  1458. if (!$this->check_response(250))
  1459. {
  1460. fwrite($this->connection, 'RMD ' . $ftp_file . "\r\n");
  1461. // Still no love?
  1462. if (!$this->check_response(250))
  1463. {
  1464. $this->error = 'bad_file';
  1465. return false;
  1466. }
  1467. }
  1468. return true;
  1469. }
  1470. function check_response($desired)
  1471. {
  1472. // Wait for a response that isn't continued with -, but don't wait too long.
  1473. $time = time();
  1474. do
  1475. $this->last_message = fgets($this->connection, 1024);
  1476. while (substr($this->last_message, 3, 1) != ' ' && time() - $time < 5);
  1477. // Was the desired response returned?
  1478. return is_array($desired) ? in_array(substr($this->last_message, 0, 3), $desired) : substr($this->last_message, 0, 3) == $desired;
  1479. }
  1480. function passive()
  1481. {
  1482. // We can't create a passive data connection without a primary one first being there.
  1483. if (!is_resource($this->connection))
  1484. return false;
  1485. // Request a passive connection - this means, we'll talk to you, you don't talk to us.
  1486. @fwrite($this->connection, "PASV\r\n");
  1487. $time = time();
  1488. do
  1489. $response = fgets($this->connection, 1024);
  1490. while (substr($response, 3, 1) != ' ' && time() - $time < 5);
  1491. // If it's not 227, we weren't given an IP and port, which means it failed.
  1492. if (substr($response, 0, 4) != '227 ')
  1493. {
  1494. $this->error = 'bad_response';
  1495. return false;
  1496. }
  1497. // Snatch the IP and port information, or die horribly trying...
  1498. if (preg_match('~\((\d+),\s*(\d+),\s*(\d+),\s*(\d+),\s*(\d+)(?:,\s*(\d+))\)~', $response, $match) == 0)
  1499. {
  1500. $this->error = 'bad_response';
  1501. return false;
  1502. }
  1503. // This is pretty simple - store it for later use ;)
  1504. $this->pasv = array('ip' => $match[1] . '.' . $match[2] . '.' . $match[3] . '.' . $match[4], 'port' => $match[5] * 256 + $match[6]);
  1505. return true;
  1506. }
  1507. function create_file($ftp_file)
  1508. {
  1509. // First, we have to be connected... very important.
  1510. if (!is_resource($this->connection))
  1511. return false;
  1512. // I'd like one passive mode, please!
  1513. if (!$this->passive())
  1514. return false;
  1515. // Seems logical enough, so far...
  1516. fwrite($this->connection, 'STOR ' . $ftp_file . "\r\n");
  1517. // Okay, now we connect to the data port. If it doesn't work out, it's probably "file already exists", etc.
  1518. $fp = @fsockopen($this->pasv['ip'], $this->pasv['port'], $err, $err, 5);
  1519. if (!$fp || !$this->check_response(150))
  1520. {
  1521. $this->error = 'bad_file';
  1522. @fclose($fp);
  1523. return false;
  1524. }
  1525. // This may look strange, but we're just closing it to indicate a zero-byte upload.
  1526. fclose($fp);
  1527. if (!$this->check_response(226))
  1528. {
  1529. $this->error = 'bad_response';
  1530. return false;
  1531. }
  1532. return true;
  1533. }
  1534. function list_dir($ftp_path = '', $search = false)
  1535. {
  1536. // Are we even connected...?
  1537. if (!is_resource($this->connection))
  1538. return false;
  1539. // Passive... non-agressive...
  1540. if (!$this->passive())
  1541. return false;
  1542. // Get the listing!
  1543. fwrite($this->connection, 'LIST -1' . ($search ? 'R' : '') . ($ftp_path == '' ? '' : ' ' . $ftp_path) . "\r\n");
  1544. // Connect, assuming we've got a connection.
  1545. $fp = @fsockopen($this->pasv['ip'], $this->pasv['port'], $err, $err, 5);
  1546. if (!$fp || !$this->check_response(array(150, 125)))
  1547. {
  1548. $this->error = 'bad_response';
  1549. @fclose($fp);
  1550. return false;
  1551. }
  1552. // Read in the file listing.
  1553. $data = '';
  1554. while (!feof($fp))
  1555. $data .= fread($fp, 4096);
  1556. fclose($fp);
  1557. // Everything go okay?
  1558. if (!$this->check_response(226))
  1559. {
  1560. $this->error = 'bad_response';
  1561. return false;
  1562. }
  1563. return $data;
  1564. }
  1565. function locate($file, $listing = null)
  1566. {
  1567. if ($listing === null)
  1568. $listing = $this->list_dir('', true);
  1569. $listing = explode("\n", $listing);
  1570. @fwrite($this->connection, "PWD\r\n");
  1571. $time = time();
  1572. do
  1573. $response = fgets($this->connection, 1024);
  1574. while (substr($response, 3, 1) != ' ' && time() - $time < 5);
  1575. // Check for 257!
  1576. if (preg_match('~^257 "(.+?)" ~', $response, $match) != 0)
  1577. $current_dir = strtr($match[1], array('""' => '"'));
  1578. else
  1579. $current_dir = '';
  1580. for ($i = 0, $n = count($listing); $i < $n; $i++)
  1581. {
  1582. if (trim($listing[$i]) == '' && isset($listing[$i + 1]))
  1583. {
  1584. $current_dir = substr(trim($listing[++$i]), 0, -1);
  1585. $i++;
  1586. }
  1587. // Okay, this file's name is:
  1588. $listing[$i] = $current_dir . '/' . trim(strlen($listing[$i]) > 30 ? strrchr($listing[$i], ' ') : $listing[$i]);
  1589. if (substr($file, 0, 1) == '*' && substr($listing[$i], -(strlen($file) - 1)) == substr($file, 1))
  1590. return $listing[$i];
  1591. if (substr($file, -1) == '*' && substr($listing[$i], 0, strlen($file) - 1) == substr($file, 0, -1))
  1592. return $listing[$i];
  1593. if (basename($listing[$i]) == $file || $listing[$i] == $file)
  1594. return $listing[$i];
  1595. }
  1596. return false;
  1597. }
  1598. function create_dir($ftp_dir)
  1599. {
  1600. // We must be connected to the server to do something.
  1601. if (!is_resource($this->connection))
  1602. return false;
  1603. // Make this new beautiful directory!
  1604. fwrite($this->connection, 'MKD ' . $ftp_dir . "\r\n");
  1605. if (!$this->check_response(257))
  1606. {
  1607. $this->error = 'bad_file';
  1608. return false;
  1609. }
  1610. return true;
  1611. }
  1612. function detect_path($filesystem_path, $lookup_file = null)
  1613. {
  1614. $username = '';
  1615. if (isset($_SERVER['DOCUMENT_ROOT']))
  1616. {
  1617. if (preg_match('~^/home[2]?/([^/]+?)/public_html~', $_SERVER['DOCUMENT_ROOT'], $match))
  1618. {
  1619. $username = $match[1];
  1620. $path = strtr($_SERVER['DOCUMENT_ROOT'], array('/home/' . $match[1] . '/' => '', '/home2/' . $match[1] . '/' => ''));
  1621. if (substr($path, -1) == '/')
  1622. $path = substr($path, 0, -1);
  1623. if (strlen(dirname($_SERVER['PHP_SELF'])) > 1)
  1624. $path .= dirname($_SERVER['PHP_SELF']);
  1625. }
  1626. elseif (substr($filesystem_path, 0, 9) == '/var/www/')
  1627. $path = substr($filesystem_path, 8);
  1628. else
  1629. $path = strtr(strtr($filesystem_path, array('\\' => '/')), array($_SERVER['DOCUMENT_ROOT'] => ''));
  1630. }
  1631. else
  1632. $path = '';
  1633. if (is_resource($this->connection) && $this->list_dir($path) == '')
  1634. {
  1635. $data = $this->list_dir('', true);
  1636. if ($lookup_file === null)
  1637. $lookup_file = $_SERVER['PHP_SELF'];
  1638. $found_path = dirname($this->locate('*' . basename(dirname($lookup_file)) . '/' . basename($lookup_file), $data));
  1639. if ($found_path == false)
  1640. $found_path = dirname($this->locate(basename($lookup_file)));
  1641. if ($found_path != false)
  1642. $path = $found_path;
  1643. }
  1644. elseif (is_resource($this->connection))
  1645. $found_path = true;
  1646. return array($username, $path, isset($found_path));
  1647. }
  1648. function close()
  1649. {
  1650. // Goodbye!
  1651. fwrite($this->connection, "QUIT\r\n");
  1652. fclose($this->connection);
  1653. return true;
  1654. }
  1655. }
  1656. function updateSettingsFile($vars)
  1657. {
  1658. // Modify Settings.php.
  1659. $settingsArray = file(dirname(__FILE__) . '/Settings.php');
  1660. // @todo Do we just want to read the file in clean, and split it this way always?
  1661. if (count($settingsArray) == 1)
  1662. $settingsArray = preg_split('~[\r\n]~', $settingsArray[0]);
  1663. for ($i = 0, $n = count($settingsArray); $i < $n; $i++)
  1664. {
  1665. // Remove the redirect...
  1666. if (trim($settingsArray[$i]) == 'if (file_exists(dirname(__FILE__) . \'/install.php\'))' && trim($settingsArray[$i + 1]) == '{' && trim($settingsArray[$i + 3]) == '}')
  1667. {
  1668. // Get the four lines to nothing.
  1669. $settingsArray[$i] = '';
  1670. $settingsArray[++$i] = '';
  1671. $settingsArray[++$i] = '';
  1672. $settingsArray[++$i] = '';
  1673. continue;
  1674. }
  1675. if (trim($settingsArray[$i]) == '?' . '>')
  1676. $settingsArray[$i] = '';
  1677. // Don't trim or bother with it if it's not a variable.
  1678. if (substr($settingsArray[$i], 0, 1) != '$')
  1679. continue;
  1680. $settingsArray[$i] = rtrim($settingsArray[$i]) . "\n";
  1681. foreach ($vars as $var => $val)
  1682. if (strncasecmp($settingsArray[$i], '$' . $var, 1 + strlen($var)) == 0)
  1683. {
  1684. $comment = strstr($settingsArray[$i], '#');
  1685. $settingsArray[$i] = '$' . $var . ' = \'' . $val . '\';' . ($comment != '' ? "\t\t" . $comment : "\n");
  1686. unset($vars[$var]);
  1687. }
  1688. }
  1689. // Uh oh... the file wasn't empty... was it?
  1690. if (!empty($vars))
  1691. {
  1692. $settingsArray[$i++] = '';
  1693. foreach ($vars as $var => $val)
  1694. $settingsArray[$i++] = '$' . $var . ' = \'' . $val . '\';' . "\n";
  1695. }
  1696. // Blank out the file - done to fix a oddity with some servers.
  1697. $fp = @fopen(dirname(__FILE__) . '/Settings.php', 'w');
  1698. if (!$fp)
  1699. return false;
  1700. fclose($fp);
  1701. $fp = fopen(dirname(__FILE__) . '/Settings.php', 'r+');
  1702. // Gotta have one of these ;)
  1703. if (trim($settingsArray[0]) != '<?php')
  1704. fwrite($fp, "<?php\n");
  1705. $lines = count($settingsArray);
  1706. for ($i = 0; $i < $lines - 1; $i++)
  1707. {
  1708. // Don't just write a bunch of blank lines.
  1709. if ($settingsArray[$i] != '' || @$settingsArray[$i - 1] != '')
  1710. fwrite($fp, strtr($settingsArray[$i], "\r", ''));
  1711. }
  1712. fwrite($fp, $settingsArray[$i] . '?' . '>');
  1713. fclose($fp);
  1714. return true;
  1715. }
  1716. function updateDbLastError()
  1717. {
  1718. // Write out the db_last_error file with the error timestamp
  1719. file_put_contents(dirname(__FILE__) . '/db_last_error.php', '<' . '?' . "php\n" . '$db_last_error = 0;' . "\n" . '?' . '>');
  1720. return true;
  1721. }
  1722. // Create an .htaccess file to prevent mod_security. SMF has filtering built-in.
  1723. function fixModSecurity()
  1724. {
  1725. $htaccess_addition = '
  1726. <IfModule mod_security.c>
  1727. # Turn off mod_security filtering. SMF is a big boy, it doesn\'t need its hands held.
  1728. SecFilterEngine Off
  1729. # The below probably isn\'t needed, but better safe than sorry.
  1730. SecFilterScanPOST Off
  1731. </IfModule>';
  1732. if (!function_exists('apache_get_modules') || !in_array('mod_security', apache_get_modules()))
  1733. return true;
  1734. elseif (file_exists(dirname(__FILE__) . '/.htaccess') && is_writable(dirname(__FILE__) . '/.htaccess'))
  1735. {
  1736. $current_htaccess = implode('', file(dirname(__FILE__) . '/.htaccess'));
  1737. // Only change something if mod_security hasn't been addressed yet.
  1738. if (strpos($current_htaccess, '<IfModule mod_security.c>') === false)
  1739. {
  1740. if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'a'))
  1741. {
  1742. fwrite($ht_handle, $htaccess_addition);
  1743. fclose($ht_handle);
  1744. return true;
  1745. }
  1746. else
  1747. return false;
  1748. }
  1749. else
  1750. return true;
  1751. }
  1752. elseif (file_exists(dirname(__FILE__) . '/.htaccess'))
  1753. return strpos(implode('', file(dirname(__FILE__) . '/.htaccess')), '<IfModule mod_security.c>') !== false;
  1754. elseif (is_writable(dirname(__FILE__)))
  1755. {
  1756. if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'w'))
  1757. {
  1758. fwrite($ht_handle, $htaccess_addition);
  1759. fclose($ht_handle);
  1760. return true;
  1761. }
  1762. else
  1763. return false;
  1764. }
  1765. else
  1766. return false;
  1767. }
  1768. function template_install_above()
  1769. {
  1770. global $incontext, $txt, $smfsite, $installurl;
  1771. echo '<!DOCTYPE html>
  1772. <html', !empty($txt['lang_rtl']) ? ' dir="rtl"' : '', '>
  1773. <head>
  1774. <meta http-equiv="Content-Type" content="text/html; charset=', isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1', '">
  1775. <meta name="robots" content="noindex">
  1776. <title>', $txt['smf_installer'], '</title>
  1777. <link rel="stylesheet" type="text/css" href="Themes/default/css/index.css?alp21">
  1778. <link rel="stylesheet" type="text/css" href="Themes/default/css/install.css?alp21">
  1779. <script src="Themes/default/scripts/script.js"></script>
  1780. </head>
  1781. <body>
  1782. <div id="header">
  1783. <div class="frame">
  1784. <h1 class="forumtitle">', $txt['smf_installer'], '</h1>
  1785. <img id="smflogo" src="Themes/default/images/smflogo.png" alt="Simple Machines Forum" title="Simple Machines Forum">
  1786. </div>
  1787. <div id="wrapper">
  1788. <div id="upper_section">
  1789. <div id="inner_section">
  1790. <div id="inner_wrap">';
  1791. // Have we got a language drop down - if so do it on the first step only.
  1792. if (!empty($incontext['detected_languages']) && count($incontext['detected_languages']) > 1 && $incontext['current_step'] == 0)
  1793. {
  1794. echo '
  1795. <div class="news">
  1796. <form action="', $installurl, '" method="get">
  1797. <label for="installer_language">', $txt['installer_language'], ':</label>
  1798. <select id="installer_language" name="lang_file" onchange="location.href = \'', $installurl, '?lang_file=\' + this.options[this.selectedIndex].value;">';
  1799. foreach ($incontext['detected_languages'] as $lang => $name)
  1800. echo '
  1801. <option', isset($_SESSION['installer_temp_lang']) && $_SESSION['installer_temp_lang'] == $lang ? ' selected' : '', ' value="', $lang, '">', $name, '</option>';
  1802. echo '
  1803. </select>
  1804. <noscript><input type="submit" value="', $txt['installer_language_set'], '" class="button_submit" /></noscript>
  1805. </form>
  1806. </div>
  1807. <hr class="clear" />';
  1808. }
  1809. echo '
  1810. </div>
  1811. </div>
  1812. </div>
  1813. <div id="content_section">
  1814. <div id="main_content_section">
  1815. <div id="main_steps">
  1816. <h2>', $txt['upgrade_progress'], '</h2>
  1817. <ul>';
  1818. foreach ($incontext['steps'] as $num => $step)
  1819. echo '
  1820. <li class="', $num < $incontext['current_step'] ? 'stepdone' : ($num == $incontext['current_step'] ? 'stepcurrent' : 'stepwaiting'), '">', $txt['upgrade_step'], ' ', $step[0], ': ', $step[1], '</li>';
  1821. echo '
  1822. </ul>
  1823. </div>
  1824. <div id="progress_bar">
  1825. <div id="overall_text">', $incontext['overall_percent'], '%</div>
  1826. <div id="overall_progress" style="width: ', $incontext['overall_percent'], '%;">&nbsp;</div>
  1827. <div class="overall_progress">', $txt['upgrade_overall_progress'], '</div>
  1828. </div>
  1829. <div id="main_screen" class="clear">
  1830. <h2>', $incontext['page_title'], '</h2>
  1831. <div class="panel">';
  1832. }
  1833. function template_install_below()
  1834. {
  1835. global $incontext, $txt;
  1836. if (!empty($incontext['continue']) || !empty($incontext['skip']))
  1837. {
  1838. echo '
  1839. <div>';
  1840. if (!empty($incontext['continue']))
  1841. echo '
  1842. <input type="submit" id="contbutt" name="contbutt" value="', $txt['upgrade_continue'], '" onclick="return submitThisOnce(this);" class="button_submit" />';
  1843. if (!empty($incontext['skip']))
  1844. echo '
  1845. <input type="submit" id="skip" name="skip" value="', $txt['upgrade_skip'], '" onclick="return submitThisOnce(this);" class="button_submit" />';
  1846. echo '
  1847. </div>';
  1848. }
  1849. // Show the closing form tag and other data only if not in the last step
  1850. if (count($incontext['steps']) - 1 !== (int) $incontext['current_step'])
  1851. echo '
  1852. </form>';
  1853. echo '
  1854. </div>
  1855. </div>
  1856. </div>
  1857. </div>
  1858. </div>
  1859. <div id="footer_section">
  1860. <div class="frame">
  1861. <ul class="reset">
  1862. <li class="copyright"><a href="http://www.simplemachines.org/" title="Simple Machines Forum" target="_blank" class="new_win">SMF &copy; 2014, Simple Machines</a></li>
  1863. </ul>
  1864. </div>
  1865. </div>
  1866. </body>
  1867. </html>';
  1868. }
  1869. // Welcome them to the wonderful world of SMF!
  1870. function template_welcome_message()
  1871. {
  1872. global $incontext, $installurl, $txt;
  1873. echo '
  1874. <script src="http://www.simplemachines.org/smf/current-version.js?version=' . $GLOBALS['current_smf_version'] . '"></script>
  1875. <form action="', $incontext['form_url'], '" method="post">
  1876. <p>', sprintf($txt['install_welcome_desc'], $GLOBALS['current_smf_version']), '</p>
  1877. <div id="version_warning" style="margin: 2ex; padding: 2ex; border: 2px dashed #a92174; color: black; background-color: #fbbbe2; display: none;">
  1878. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1879. <strong style="text-decoration: underline;">', $txt['error_warning_notice'], '</strong><br />
  1880. <div style="padding-left: 6ex;">
  1881. ', sprintf($txt['error_script_outdated'], '<em id="smfVersion" style="white-space: nowrap;">??</em>', '<em id="yourVersion" style="white-space: nowrap;">' . $GLOBALS['current_smf_version'] . '</em>'), '
  1882. </div>
  1883. </div>';
  1884. // Show the warnings, or not.
  1885. if (template_warning_divs())
  1886. echo '
  1887. <h3>', $txt['install_all_lovely'], '</h3>';
  1888. // Say we want the continue button!
  1889. if (empty($incontext['error']))
  1890. $incontext['continue'] = 1;
  1891. // For the latest version stuff.
  1892. echo '
  1893. <script><!-- // --><![CDATA[
  1894. // Latest version?
  1895. function smfCurrentVersion()
  1896. {
  1897. var smfVer, yourVer;
  1898. if (!(\'smfVersion\' in window))
  1899. return;
  1900. window.smfVersion = window.smfVersion.replace(/SMF\s?/g, \'\');
  1901. smfVer = document.getElementById("smfVersion");
  1902. yourVer = document.getElementById("yourVersion");
  1903. setInnerHTML(smfVer, window.smfVersion);
  1904. var currentVersion = getInnerHTML(yourVer);
  1905. if (currentVersion < window.smfVersion)
  1906. document.getElementById(\'version_warning\').style.display = \'\';
  1907. }
  1908. addLoadEvent(smfCurrentVersion);
  1909. // ]]></script>';
  1910. }
  1911. // A shortcut for any warning stuff.
  1912. function template_warning_divs()
  1913. {
  1914. global $txt, $incontext;
  1915. // Errors are very serious..
  1916. if (!empty($incontext['error']))
  1917. echo '
  1918. <div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
  1919. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1920. <strong style="text-decoration: underline;">', $txt['upgrade_critical_error'], '</strong><br />
  1921. <div style="padding-left: 6ex;">
  1922. ', $incontext['error'], '
  1923. </div>
  1924. </div>';
  1925. // A warning message?
  1926. elseif (!empty($incontext['warning']))
  1927. echo '
  1928. <div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
  1929. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1930. <strong style="text-decoration: underline;">', $txt['upgrade_warning'], '</strong><br />
  1931. <div style="padding-left: 6ex;">
  1932. ', $incontext['warning'], '
  1933. </div>
  1934. </div>';
  1935. return empty($incontext['error']) && empty($incontext['warning']);
  1936. }
  1937. function template_chmod_files()
  1938. {
  1939. global $txt, $incontext;
  1940. echo '
  1941. <p>', $txt['ftp_setup_why_info'], '</p>
  1942. <ul style="margin: 2.5ex; font-family: monospace;">
  1943. <li>', implode('</li>
  1944. <li>', $incontext['failed_files']), '</li>
  1945. </ul>';
  1946. // This is serious!
  1947. if (!template_warning_divs())
  1948. return;
  1949. echo '
  1950. <hr />
  1951. <p>', $txt['ftp_setup_info'], '</p>';
  1952. if (!empty($incontext['ftp_errors']))
  1953. echo '
  1954. <div class="error_message">
  1955. <div style="color: red;">
  1956. ', $txt['error_ftp_no_connect'], '<br />
  1957. <br />
  1958. <code>', implode('<br />', $incontext['ftp_errors']), '</code>
  1959. </div>
  1960. </div>
  1961. <br />';
  1962. echo '
  1963. <form action="', $incontext['form_url'], '" method="post">
  1964. <table width="520" cellspacing="0" cellpadding="0" border="0" align="center" style="margin: 1em 0;">
  1965. <tr>
  1966. <td width="26%" valign="top" class="textbox"><label for="ftp_server">', $txt['ftp_server'], ':</label></td>
  1967. <td>
  1968. <div style="float: ', empty($txt['lang_rtl']) ? 'right' : 'left', '; margin-', empty($txt['lang_rtl']) ? 'right' : 'left', ': 1px;"><label for="ftp_port" class="textbox"><strong>', $txt['ftp_port'], ':&nbsp;</strong></label> <input type="text" size="3" name="ftp_port" id="ftp_port" value="', $incontext['ftp']['port'], '" class="input_text" /></div>
  1969. <input type="text" size="30" name="ftp_server" id="ftp_server" value="', $incontext['ftp']['server'], '" style="width: 70%;" class="input_text" />
  1970. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['ftp_server_info'], '</div>
  1971. </td>
  1972. </tr><tr>
  1973. <td width="26%" valign="top" class="textbox"><label for="ftp_username">', $txt['ftp_username'], ':</label></td>
  1974. <td>
  1975. <input type="text" size="50" name="ftp_username" id="ftp_username" value="', $incontext['ftp']['username'], '" style="width: 99%;" class="input_text" />
  1976. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['ftp_username_info'], '</div>
  1977. </td>
  1978. </tr><tr>
  1979. <td width="26%" valign="top" class="textbox"><label for="ftp_password">', $txt['ftp_password'], ':</label></td>
  1980. <td>
  1981. <input type="password" size="50" name="ftp_password" id="ftp_password" style="width: 99%;" class="input_password" />
  1982. <div style="font-size: smaller; margin-bottom: 3ex;">', $txt['ftp_password_info'], '</div>
  1983. </td>
  1984. </tr><tr>
  1985. <td width="26%" valign="top" class="textbox"><label for="ftp_path">', $txt['ftp_path'], ':</label></td>
  1986. <td style="padding-bottom: 1ex;">
  1987. <input type="text" size="50" name="ftp_path" id="ftp_path" value="', $incontext['ftp']['path'], '" style="width: 99%;" class="input_text" />
  1988. <div style="font-size: smaller; margin-bottom: 2ex;">', $incontext['ftp']['path_msg'], '</div>
  1989. </td>
  1990. </tr>
  1991. </table>
  1992. <div style="margin: 1ex; margin-top: 1ex; text-align: ', empty($txt['lang_rtl']) ? 'right' : 'left', ';"><input type="submit" value="', $txt['ftp_connect'], '" onclick="return submitThisOnce(this);" class="button_submit" /></div>
  1993. </form>
  1994. <a href="', $incontext['form_url'], '">', $txt['error_message_click'], '</a> ', $txt['ftp_setup_again'];
  1995. }
  1996. // Get the database settings prepared.
  1997. function template_database_settings()
  1998. {
  1999. global $incontext, $installurl, $txt;
  2000. echo '
  2001. <form action="', $incontext['form_url'], '" method="post">
  2002. <p>', $txt['db_settings_info'], '</p>';
  2003. template_warning_divs();
  2004. echo '
  2005. <table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin: 1em 0;">';
  2006. // More than one database type?
  2007. if (count($incontext['supported_databases']) > 1)
  2008. {
  2009. echo '
  2010. <tr>
  2011. <td width="20%" valign="top" class="textbox"><label for="db_type_input">', $txt['db_settings_type'], ':</label></td>
  2012. <td>
  2013. <select name="db_type" id="db_type_input" onchange="toggleDBInput();">';
  2014. foreach ($incontext['supported_databases'] as $key => $db)
  2015. echo '
  2016. <option value="', $key, '"', isset($_POST['db_type']) && $_POST['db_type'] == $key ? ' selected' : '', '>', $db['name'], '</option>';
  2017. echo '
  2018. </select><div id="db_sqlite_warning" style="color: blue; display: none;" class="smalltext">', $txt['db_sqlite_warning'], '</div>
  2019. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_type_info'], '</div>
  2020. </td>
  2021. </tr>';
  2022. }
  2023. else
  2024. {
  2025. echo '
  2026. <tr style="display: none;">
  2027. <td>
  2028. <input type="hidden" name="db_type" value="', $incontext['db']['type'], '" />
  2029. </td>
  2030. </tr>';
  2031. }
  2032. echo '
  2033. <tr id="db_server_contain">
  2034. <td width="20%" valign="top" class="textbox"><label for="db_server_input">', $txt['db_settings_server'], ':</label></td>
  2035. <td>
  2036. <input type="text" name="db_server" id="db_server_input" value="', $incontext['db']['server'], '" size="30" class="input_text" /><br />
  2037. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_server_info'], '</div>
  2038. </td>
  2039. </tr><tr id="db_user_contain">
  2040. <td valign="top" class="textbox"><label for="db_user_input">', $txt['db_settings_username'], ':</label></td>
  2041. <td>
  2042. <input type="text" name="db_user" id="db_user_input" value="', $incontext['db']['user'], '" size="30" class="input_text" /><br />
  2043. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_username_info'], '</div>
  2044. </td>
  2045. </tr><tr id="db_passwd_contain">
  2046. <td valign="top" class="textbox"><label for="db_passwd_input">', $txt['db_settings_password'], ':</label></td>
  2047. <td>
  2048. <input type="password" name="db_passwd" id="db_passwd_input" value="', $incontext['db']['pass'], '" size="30" class="input_password" /><br />
  2049. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_password_info'], '</div>
  2050. </td>
  2051. </tr><tr id="db_name_contain">
  2052. <td valign="top" class="textbox"><label for="db_name_input">', $txt['db_settings_database'], ':</label></td>
  2053. <td>
  2054. <input type="text" name="db_name" id="db_name_input" value="', empty($incontext['db']['name']) ? 'smf' : $incontext['db']['name'], '" size="30" class="input_text" /><br />
  2055. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_database_info'], '
  2056. <span id="db_name_info_warning">', $txt['db_settings_database_info_note'], '</span></div>
  2057. </td>
  2058. </tr><tr id="db_filename_contain" style="display: none;">
  2059. <td valign="top" class="textbox"><label for="db_filename_input">', $txt['db_settings_database_file'], ':</label></td>
  2060. <td>
  2061. <input type="text" name="db_filename" id="db_filename_input" value="', empty($incontext['db']['name']) ? dirname(__FILE__) . '/smf_' . substr(md5(microtime()), 0, 10) : stripslashes($incontext['db']['name']), '" size="30" class="input_text" /><br />
  2062. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_database_file_info'], '</div>
  2063. </td>
  2064. </tr><tr>
  2065. <td valign="top" class="textbox"><label for="db_prefix_input">', $txt['db_settings_prefix'], ':</label></td>
  2066. <td>
  2067. <input type="text" name="db_prefix" id="db_prefix_input" value="', $incontext['db']['prefix'], '" size="30" class="input_text" /><br />
  2068. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_prefix_info'], '</div>
  2069. </td>
  2070. </tr>
  2071. </table>';
  2072. // Allow the toggling of input boxes for SQLite etc.
  2073. echo '
  2074. <script><!-- // --><![CDATA[
  2075. function toggleDBInput()
  2076. {
  2077. // What state is it?';
  2078. if (!isset($incontext['supported_databases']['sqlite']) && !isset($incontext['supported_databases']['sqlite3']))
  2079. echo '
  2080. var showAll = true;';
  2081. elseif (count($incontext['supported_databases']) < 2)
  2082. echo '
  2083. var showAll = false;';
  2084. // If we have more than one DB including SQLite, what should we be doing?
  2085. else
  2086. echo '
  2087. var showAll = (document.getElementById(\'db_type_input\').value == \'sqlite\' || document.getElementById(\'db_type_input\').value == \'sqlite3\') ? false : true;';
  2088. echo '
  2089. document.getElementById(\'db_passwd_contain\').style.display = showAll ? \'\' : \'none\';
  2090. document.getElementById(\'db_server_contain\').style.display = showAll ? \'\' : \'none\';
  2091. document.getElementById(\'db_user_contain\').style.display = showAll ? \'\' : \'none\';
  2092. document.getElementById(\'db_name_contain\').style.display = showAll ? \'\' : \'none\';
  2093. document.getElementById(\'db_filename_contain\').style.display = !showAll ? \'\' : \'none\';
  2094. document.getElementById(\'db_sqlite_warning\').style.display = !showAll ? \'\' : \'none\';
  2095. if (document.getElementById(\'db_type_input\').value == \'postgresql\')
  2096. document.getElementById(\'db_name_info_warning\').style.display = \'none\';
  2097. else
  2098. document.getElementById(\'db_name_info_warning\').style.display = \'\';
  2099. }
  2100. toggleDBInput();
  2101. // ]]></script>';
  2102. }
  2103. // Stick in their forum settings.
  2104. function template_forum_settings()
  2105. {
  2106. global $incontext, $installurl, $txt;
  2107. echo '
  2108. <form action="', $incontext['form_url'], '" method="post">
  2109. <h3>', $txt['install_settings_info'], '</h3>';
  2110. template_warning_divs();
  2111. echo '
  2112. <table style="width: 100%; margin: 1em 0;">
  2113. <tr>
  2114. <td class="textbox" style="width: 20%; vertical-align: top;">
  2115. <label for="mbname_input">', $txt['install_settings_name'], ':</label>
  2116. </td>
  2117. <td>
  2118. <input type="text" name="mbname" id="mbname_input" value="', $txt['install_settings_name_default'], '" size="65" class="input_text" />
  2119. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_name_info'], '</div>
  2120. </td>
  2121. </tr>
  2122. <tr>
  2123. <td class="textbox" style="vertical-align: top;">
  2124. <label for="boardurl_input">', $txt['install_settings_url'], ':</label>
  2125. </td>
  2126. <td>
  2127. <input type="text" name="boardurl" id="boardurl_input" value="', $incontext['detected_url'], '" size="65" class="input_text" />
  2128. <br />
  2129. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_url_info'], '</div>
  2130. </td>
  2131. </tr>
  2132. <tr>
  2133. <td class="textbox" style="vertical-align: top;">
  2134. <label for="reg_mode">', $txt['install_settings_reg_mode'], ':</label>
  2135. </td>
  2136. <td>
  2137. <select name="reg_mode" id="reg_mode">
  2138. <optgroup label="', $txt['install_settings_reg_modes'], ':">
  2139. <option value="0" selected>', $txt['install_settings_reg_immediate'], '</option>
  2140. <option value="1">', $txt['install_settings_reg_email'], '</option>
  2141. <option value="2">', $txt['install_settings_reg_admin'], '</option>
  2142. <option value="3">', $txt['install_settings_reg_disabled'], '</option>
  2143. </optgroup>
  2144. </select>
  2145. <br />
  2146. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_reg_mode_info'], '</div>
  2147. </td>
  2148. </tr>
  2149. <tr>
  2150. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_compress'], ':</td>
  2151. <td>
  2152. <input type="checkbox" name="compress" id="compress_check" checked class="input_check" />&nbsp;
  2153. <label for="compress_check">', $txt['install_settings_compress_title'], '</label>
  2154. <br />
  2155. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_compress_info'], '</div>
  2156. </td>
  2157. </tr>
  2158. <tr>
  2159. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_dbsession'], ':</td>
  2160. <td>
  2161. <input type="checkbox" name="dbsession" id="dbsession_check" checked class="input_check" />&nbsp;
  2162. <label for="dbsession_check">', $txt['install_settings_dbsession_title'], '</label>
  2163. <br />
  2164. <div style="font-size: smaller; margin-bottom: 2ex;">', $incontext['test_dbsession'] ? $txt['install_settings_dbsession_info1'] : $txt['install_settings_dbsession_info2'], '</div>
  2165. </td>
  2166. </tr>
  2167. <tr>
  2168. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_utf8'], ':</td>
  2169. <td>
  2170. <input type="checkbox" name="utf8" id="utf8_check"', $incontext['utf8_default'] ? ' checked' : '', ' class="input_check"', $incontext['utf8_required'] ? ' disabled' : '', ' />&nbsp;
  2171. <label for="utf8_check">', $txt['install_settings_utf8_title'], '</label>
  2172. <br />
  2173. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_utf8_info'], '</div>
  2174. </td>
  2175. </tr>
  2176. <tr>
  2177. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_stats'], ':</td>
  2178. <td>
  2179. <input type="checkbox" name="stats" id="stats_check" class="input_check" />&nbsp;
  2180. <label for="stats_check">', $txt['install_settings_stats_title'], '</label>
  2181. <br />
  2182. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_stats_info'], '</div>
  2183. </td>
  2184. </tr>
  2185. </table>
  2186. ';
  2187. }
  2188. // Show results of the database population.
  2189. function template_populate_database()
  2190. {
  2191. global $incontext, $installurl, $txt;
  2192. echo '
  2193. <form action="', $incontext['form_url'], '" method="post">
  2194. <p>', !empty($incontext['was_refresh']) ? $txt['user_refresh_install_desc'] : $txt['db_populate_info'], '</p>';
  2195. if (!empty($incontext['sql_results']))
  2196. {
  2197. echo '
  2198. <ul>
  2199. <li>', implode('</li><li>', $incontext['sql_results']), '</li>
  2200. </ul>';
  2201. }
  2202. if (!empty($incontext['failures']))
  2203. {
  2204. echo '
  2205. <div style="color: red;">', $txt['error_db_queries'], '</div>
  2206. <ul>';
  2207. foreach ($incontext['failures'] as $line => $fail)
  2208. echo '
  2209. <li><strong>', $txt['error_db_queries_line'], $line + 1, ':</strong> ', nl2br(htmlspecialchars($fail)), '</li>';
  2210. echo '
  2211. </ul>';
  2212. }
  2213. echo '
  2214. <p>', $txt['db_populate_info2'], '</p>';
  2215. template_warning_divs();
  2216. echo '
  2217. <input type="hidden" name="pop_done" value="1" />';
  2218. }
  2219. // Create the admin account.
  2220. function template_admin_account()
  2221. {
  2222. global $incontext, $installurl, $txt;
  2223. echo '
  2224. <form action="', $incontext['form_url'], '" method="post">
  2225. <p>', $txt['user_settings_info'], '</p>';
  2226. template_warning_divs();
  2227. echo '
  2228. <table width="100%" cellspacing="0" cellpadding="0" border="0" style="margin: 2em 0;">
  2229. <tr>
  2230. <td width="18%" valign="top" class="textbox"><label for="username">', $txt['user_settings_username'], ':</label></td>
  2231. <td>
  2232. <input type="text" name="username" id="username" value="', $incontext['username'], '" size="40" class="input_text" />
  2233. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_username_info'], '</div>
  2234. </td>
  2235. </tr><tr>
  2236. <td valign="top" class="textbox"><label for="password1">', $txt['user_settings_password'], ':</label></td>
  2237. <td>
  2238. <input type="password" name="password1" id="password1" size="40" class="input_password" />
  2239. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_password_info'], '</div>
  2240. </td>
  2241. </tr><tr>
  2242. <td valign="top" class="textbox"><label for="password2">', $txt['user_settings_again'], ':</label></td>
  2243. <td>
  2244. <input type="password" name="password2" id="password2" size="40" class="input_password" />
  2245. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_again_info'], '</div>
  2246. </td>
  2247. </tr><tr>
  2248. <td valign="top" class="textbox"><label for="email">', $txt['user_settings_email'], ':</label></td>
  2249. <td>
  2250. <input type="text" name="email" id="email" value="', $incontext['email'], '" size="40" class="input_text" />
  2251. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_email_info'], '</div>
  2252. </td>
  2253. </tr>
  2254. </table>';
  2255. if ($incontext['require_db_confirm'])
  2256. echo '
  2257. <h2>', $txt['user_settings_database'], '</h2>
  2258. <p>', $txt['user_settings_database_info'], '</p>
  2259. <div style="margin-bottom: 2ex; padding-', empty($txt['lang_rtl']) ? 'left' : 'right', ': 50px;">
  2260. <input type="password" name="password3" size="30" class="input_password" />
  2261. </div>';
  2262. }
  2263. // Tell them it's done, and to delete.
  2264. function template_delete_install()
  2265. {
  2266. global $incontext, $installurl, $txt, $boardurl;
  2267. echo '
  2268. <p>', $txt['congratulations_help'], '</p>';
  2269. template_warning_divs();
  2270. // Install directory still writable?
  2271. if ($incontext['dir_still_writable'])
  2272. echo '
  2273. <em>', $txt['still_writable'], '</em><br />
  2274. <br />';
  2275. // Don't show the box if it's like 99% sure it won't work :P.
  2276. if ($incontext['probably_delete_install'])
  2277. echo '
  2278. <div style="margin: 1ex; font-weight: bold;">
  2279. <label for="delete_self"><input type="checkbox" id="delete_self" onclick="doTheDelete();" class="input_check" /> ', $txt['delete_installer'], !isset($_SESSION['installer_temp_ftp']) ? ' ' . $txt['delete_installer_maybe'] : '', '</label>
  2280. </div>
  2281. <script><!-- // --><![CDATA[
  2282. function doTheDelete()
  2283. {
  2284. var theCheck = document.getElementById ? document.getElementById("delete_self") : document.all.delete_self;
  2285. var tempImage = new Image();
  2286. tempImage.src = "', $installurl, '?delete=1&ts_" + (new Date().getTime());
  2287. tempImage.width = 0;
  2288. theCheck.disabled = true;
  2289. }
  2290. // ]]></script>
  2291. <br />';
  2292. echo '
  2293. ', sprintf($txt['go_to_your_forum'], $boardurl . '/index.php'), '<br />
  2294. <br />
  2295. ', $txt['good_luck'];
  2296. }
  2297. ?>