install.php 87 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2012 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. $GLOBALS['current_smf_version'] = '2.1 Alpha 1';
  13. $GLOBALS['db_script_version'] = '2-1';
  14. $GLOBALS['required_php_version'] = '5.1.0';
  15. // Don't have PHP support, do you?
  16. // ><html dir="ltr"><head><title>Error!</title></head><body>Sorry, this installer requires PHP!<div style="display: none;">
  17. // Database info.
  18. $databases = array(
  19. 'mysql' => array(
  20. 'name' => 'MySQL',
  21. 'version' => '4.0.18',
  22. 'version_check' => 'return min(mysql_get_server_info(), mysql_get_client_info());',
  23. 'supported' => function_exists('mysql_connect'),
  24. 'default_user' => 'mysql.default_user',
  25. 'default_password' => 'mysql.default_password',
  26. 'default_host' => 'mysql.default_host',
  27. 'default_port' => 'mysql.default_port',
  28. 'utf8_support' => true,
  29. 'utf8_version' => '4.1.0',
  30. 'utf8_version_check' => 'return mysql_get_server_info();',
  31. 'utf8_default' => true,
  32. 'utf8_required' => false,
  33. 'alter_support' => true,
  34. 'validate_prefix' => create_function('&$value', '
  35. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  36. return true;
  37. '),
  38. ),
  39. 'postgresql' => array(
  40. 'name' => 'PostgreSQL',
  41. 'version' => '8.0',
  42. 'function_check' => 'pg_connect',
  43. 'version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  44. 'supported' => function_exists('pg_connect'),
  45. 'always_has_db' => true,
  46. 'utf8_default' => true,
  47. 'utf8_required' => true,
  48. 'utf8_support' => true,
  49. 'utf8_version' => '8.0',
  50. 'utf8_version_check' => '$request = pg_query(\'SELECT version()\'); list ($version) = pg_fetch_row($request); list($pgl, $version) = explode(" ", $version); return $version;',
  51. 'validate_prefix' => create_function('&$value', '
  52. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  53. // Is it reserved?
  54. if ($value == \'pg_\')
  55. return $txt[\'error_db_prefix_reserved\'];
  56. // Is the prefix numeric?
  57. if (preg_match(\'~^\d~\', $value))
  58. return $txt[\'error_db_prefix_numeric\'];
  59. return true;
  60. '),
  61. ),
  62. 'sqlite' => array(
  63. 'name' => 'SQLite',
  64. 'version' => '1',
  65. 'function_check' => 'sqlite_open',
  66. 'version_check' => 'return 1;',
  67. 'supported' => function_exists('sqlite_open'),
  68. 'always_has_db' => true,
  69. 'utf8_default' => true,
  70. 'utf8_required' => true,
  71. 'utf8_support' => false,
  72. 'validate_prefix' => create_function('&$value', '
  73. global $incontext, $txt;
  74. $value = preg_replace(\'~[^A-Za-z0-9_\$]~\', \'\', $value);
  75. // Is it reserved?
  76. if ($value == \'sqlite_\')
  77. return $txt[\'error_db_prefix_reserved\'];
  78. // Is the prefix numeric?
  79. if (preg_match(\'~^\d~\', $value))
  80. return $txt[\'error_db_prefix_numeric\'];
  81. return true;
  82. '),
  83. ),
  84. );
  85. // Initialize everything and load the language files.
  86. initialize_inputs();
  87. load_lang_file();
  88. // This is what we are.
  89. $installurl = $_SERVER['PHP_SELF'];
  90. // This is where SMF is.
  91. $smfsite = 'http://www.simplemachines.org/smf';
  92. // All the steps in detail.
  93. // Number,Name,Function,Progress Weight.
  94. $incontext['steps'] = array(
  95. 0 => array(1, $txt['install_step_welcome'], 'Welcome', 0),
  96. 1 => array(2, $txt['install_step_writable'], 'CheckFilesWritable', 10),
  97. 2 => array(3, $txt['install_step_databaseset'], 'DatabaseSettings', 15),
  98. 3 => array(4, $txt['install_step_forum'], 'ForumSettings', 40),
  99. 4 => array(5, $txt['install_step_databasechange'], 'DatabasePopulation', 15),
  100. 5 => array(6, $txt['install_step_admin'], 'AdminAccount', 20),
  101. 6 => array(7, $txt['install_step_delete'], 'DeleteInstall', 0),
  102. );
  103. // Default title...
  104. $incontext['page_title'] = $txt['smf_installer'];
  105. // What step are we on?
  106. $incontext['current_step'] = isset($_GET['step']) ? (int) $_GET['step'] : 0;
  107. // Loop through all the steps doing each one as required.
  108. $incontext['overall_percent'] = 0;
  109. foreach ($incontext['steps'] as $num => $step)
  110. {
  111. if ($num >= $incontext['current_step'])
  112. {
  113. // The current weight of this step in terms of overall progress.
  114. $incontext['step_weight'] = $step[3];
  115. // Make sure we reset the skip button.
  116. $incontext['skip'] = false;
  117. // Call the step and if it returns false that means pause!
  118. if (function_exists($step[2]) && $step[2]() === false)
  119. break;
  120. elseif (function_exists($step[2]))
  121. $incontext['current_step']++;
  122. // No warnings pass on.
  123. $incontext['warning'] = '';
  124. }
  125. $incontext['overall_percent'] += $step[3];
  126. }
  127. // Actually do the template stuff.
  128. installExit();
  129. function initialize_inputs()
  130. {
  131. global $databases, $incontext;
  132. // Just so people using older versions of PHP aren't left in the cold.
  133. if (!isset($_SERVER['PHP_SELF']))
  134. $_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
  135. // Turn off magic quotes runtime and enable error reporting.
  136. if (function_exists('set_magic_quotes_runtime'))
  137. @set_magic_quotes_runtime(0);
  138. error_reporting(E_ALL);
  139. // Fun. Low PHP version...
  140. if (!isset($_GET))
  141. {
  142. $GLOBALS['_GET']['step'] = 0;
  143. return;
  144. }
  145. if (!isset($_GET['obgz']))
  146. {
  147. ob_start();
  148. if (ini_get('session.save_handler') == 'user')
  149. @ini_set('session.save_handler', 'files');
  150. if (function_exists('session_start'))
  151. @session_start();
  152. }
  153. else
  154. {
  155. ob_start('ob_gzhandler');
  156. if (ini_get('session.save_handler') == 'user')
  157. @ini_set('session.save_handler', 'files');
  158. session_start();
  159. if (!headers_sent())
  160. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  161. <html xmlns="http://www.w3.org/1999/xhtml">
  162. <head>
  163. <title>', htmlspecialchars($_GET['pass_string']), '</title>
  164. </head>
  165. <body style="background-color: #d4d4d4; margin-top: 16%; text-align: center; font-size: 16pt;">
  166. <strong>', htmlspecialchars($_GET['pass_string']), '</strong>
  167. </body>
  168. </html>';
  169. exit;
  170. }
  171. // Are we calling the backup css file?
  172. if (isset($_GET['infile_css']))
  173. {
  174. header('Content-Type: text/css');
  175. template_css();
  176. exit;
  177. }
  178. // Anybody home?
  179. if (!isset($_GET['xml']))
  180. {
  181. $incontext['remote_files_available'] = false;
  182. $test = @fsockopen('www.simplemachines.org', 80, $errno, $errstr, 1);
  183. if ($test)
  184. $incontext['remote_files_available'] = true;
  185. @fclose($test);
  186. }
  187. // Add slashes, as long as they aren't already being added.
  188. if (!function_exists('get_magic_quotes_gpc') || @get_magic_quotes_gpc() == 0)
  189. foreach ($_POST as $k => $v)
  190. if (strpos($k, 'password') === false)
  191. $_POST[$k] = addslashes($v);
  192. // This is really quite simple; if ?delete is on the URL, delete the installer...
  193. if (isset($_GET['delete']))
  194. {
  195. if (isset($_SESSION['installer_temp_ftp']))
  196. {
  197. $ftp = new ftp_connection($_SESSION['installer_temp_ftp']['server'], $_SESSION['installer_temp_ftp']['port'], $_SESSION['installer_temp_ftp']['username'], $_SESSION['installer_temp_ftp']['password']);
  198. $ftp->chdir($_SESSION['installer_temp_ftp']['path']);
  199. $ftp->unlink('install.php');
  200. $ftp->unlink('webinstall.php');
  201. foreach ($databases as $key => $dummy)
  202. $ftp->unlink('install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql');
  203. $ftp->close();
  204. unset($_SESSION['installer_temp_ftp']);
  205. }
  206. else
  207. {
  208. @unlink(__FILE__);
  209. @unlink(dirname(__FILE__) . '/webinstall.php');
  210. foreach ($databases as $key => $dummy)
  211. @unlink(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql');
  212. }
  213. // Now just redirect to a blank.png...
  214. header('Location: http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.png');
  215. exit;
  216. }
  217. // PHP 5 might cry if we don't do this now.
  218. if (function_exists('date_default_timezone_set'))
  219. {
  220. $server_offset = @mktime(0, 0, 0, 1, 1, 1970);
  221. date_default_timezone_set('Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600));
  222. }
  223. // Force an integer step, defaulting to 0.
  224. $_GET['step'] = (int) @$_GET['step'];
  225. }
  226. // Load the list of language files, and the current language file.
  227. function load_lang_file()
  228. {
  229. global $txt, $incontext;
  230. $incontext['detected_languages'] = array();
  231. // Make sure the languages directory actually exists.
  232. if (file_exists(dirname(__FILE__) . '/Themes/default/languages'))
  233. {
  234. // Find all the "Install" language files in the directory.
  235. $dir = dir(dirname(__FILE__) . '/Themes/default/languages');
  236. while ($entry = $dir->read())
  237. {
  238. if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php')
  239. $incontext['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
  240. }
  241. $dir->close();
  242. }
  243. // Didn't find any, show an error message!
  244. if (empty($incontext['detected_languages']))
  245. {
  246. // Let's not cache this message, eh?
  247. header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
  248. header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
  249. header('Cache-Control: no-cache');
  250. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  251. <html xmlns="http://www.w3.org/1999/xhtml">
  252. <head>
  253. <title>SMF Installer: Error!</title>
  254. </head>
  255. <body style="font-family: sans-serif;"><div style="width: 600px;">
  256. <h1 style="font-size: 14pt;">A critical error has occurred.</h1>
  257. <p>This installer was unable to find the installer\'s language file or files. They should be found under:</p>
  258. <div style="margin: 1ex; font-family: monospace; font-weight: bold;">', dirname($_SERVER['PHP_SELF']) != '/' ? dirname($_SERVER['PHP_SELF']) : '', '/Themes/default/languages</div>
  259. <p>In some cases, FTP clients do not properly upload files with this many folders. Please double check to make sure you <span style="font-weight: 600;">have uploaded all the files in the distribution</span>.</p>
  260. <p>If that doesn\'t help, please make sure this install.php file is in the same place as the Themes folder.</p>
  261. <p>If you continue to get this error message, feel free to <a href="http://support.simplemachines.org/">look to us for support</a>.</p>
  262. </div></body>
  263. </html>';
  264. die;
  265. }
  266. // Override the language file?
  267. if (isset($_GET['lang_file']))
  268. $_SESSION['installer_temp_lang'] = $_GET['lang_file'];
  269. elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file']))
  270. $_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
  271. // Make sure it exists, if it doesn't reset it.
  272. if (!isset($_SESSION['installer_temp_lang']) || preg_match('~[^\\w_\\-.]~', $_SESSION['installer_temp_lang']) === 1 || !file_exists(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']))
  273. {
  274. // Use the first one...
  275. list ($_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  276. // If we have english and some other language, use the other language. We Americans hate english :P.
  277. if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($incontext['detected_languages']) > 1)
  278. list (, $_SESSION['installer_temp_lang']) = array_keys($incontext['detected_languages']);
  279. }
  280. // And now include the actual language file itself.
  281. require_once(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']);
  282. }
  283. // This handy function loads some settings and the like.
  284. function load_database()
  285. {
  286. global $db_prefix, $db_connection, $db_character_set, $sourcedir, $language;
  287. global $smcFunc, $mbname, $scripturl, $boardurl, $modSettings, $db_type, $db_name, $db_user;
  288. if (empty($sourcedir))
  289. $sourcedir = dirname(__FILE__) . '/Sources';
  290. // Need this to check whether we need the database password.
  291. require(dirname(__FILE__) . '/Settings.php');
  292. if (!defined('SMF'))
  293. define('SMF', 1);
  294. if (empty($smcFunc))
  295. $smcFunc = array();
  296. $modSettings['disableQueryCheck'] = true;
  297. // Connect the database.
  298. if (!$db_connection)
  299. {
  300. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  301. if (version_compare(PHP_VERSION, '5', '<'))
  302. require_once($sourcedir . '/Subs-Compat.php');
  303. if (!$db_connection)
  304. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('persist' => $db_persist));
  305. }
  306. }
  307. // This is called upon exiting the installer, for template etc.
  308. function installExit($fallThrough = false)
  309. {
  310. global $incontext, $installurl, $txt;
  311. // Send character set.
  312. header('Content-Type: text/html; charset=' . (isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1'));
  313. // We usually dump our templates out.
  314. if (!$fallThrough)
  315. {
  316. // The top install bit.
  317. template_install_above();
  318. // Call the template.
  319. if (isset($incontext['sub_template']))
  320. {
  321. $incontext['form_url'] = $installurl . '?step=' . $incontext['current_step'];
  322. call_user_func('template_' . $incontext['sub_template']);
  323. }
  324. // @todo REMOVE THIS!!
  325. else
  326. {
  327. if (function_exists('doStep' . $_GET['step']))
  328. call_user_func('doStep' . $_GET['step']);
  329. }
  330. // Show the footer.
  331. template_install_below();
  332. }
  333. // Bang - gone!
  334. die();
  335. }
  336. function Welcome()
  337. {
  338. global $incontext, $txt, $databases, $installurl;
  339. $incontext['page_title'] = $txt['install_welcome'];
  340. $incontext['sub_template'] = 'welcome_message';
  341. // Done the submission?
  342. if (isset($_POST['contbutt']))
  343. return true;
  344. // Check the PHP version.
  345. if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION, '>')))
  346. {
  347. $incontext['warning'] = $txt['error_php_too_low'];
  348. }
  349. // See if we think they have already installed it?
  350. if (is_readable(dirname(__FILE__) . '/Settings.php'))
  351. {
  352. $probably_installed = 0;
  353. foreach (file(dirname(__FILE__) . '/Settings.php') as $line)
  354. {
  355. if (preg_match('~^\$db_passwd\s=\s\'([^\']+)\';$~', $line))
  356. $probably_installed++;
  357. if (preg_match('~^\$boardurl\s=\s\'([^\']+)\';~', $line) && !preg_match('~^\$boardurl\s=\s\'http://127\.0\.0\.1/smf\';~', $line))
  358. $probably_installed++;
  359. }
  360. if ($probably_installed == 2)
  361. $incontext['warning'] = $txt['error_already_installed'];
  362. }
  363. // Is some database support even compiled in?
  364. $incontext['supported_databases'] = array();
  365. foreach ($databases as $key => $db)
  366. {
  367. if ($db['supported'])
  368. {
  369. if (!file_exists(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql'))
  370. {
  371. $databases[$key]['supported'] = false;
  372. $notFoundSQLFile = true;
  373. $txt['error_db_script_missing'] = sprintf($txt['error_db_script_missing'], 'install_' . $GLOBALS['db_script_version'] . '_' . $key . '.sql');
  374. }
  375. else
  376. {
  377. $db_type = $key;
  378. $incontext['supported_databases'][] = $db;
  379. }
  380. }
  381. }
  382. if (empty($incontext['supported_databases']))
  383. $error = empty($notFoundSQLFile) ? 'error_db_missing' : 'error_db_script_missing';
  384. // How about session support? Some crazy sysadmin remove it?
  385. elseif (!function_exists('session_start'))
  386. $error = 'error_session_missing';
  387. // Make sure they uploaded all the files.
  388. elseif (!file_exists(dirname(__FILE__) . '/index.php'))
  389. $error = 'error_missing_files';
  390. // Very simple check on the session.save_path for Windows.
  391. // @todo Move this down later if they don't use database-driven sessions?
  392. elseif (@ini_get('session.save_path') == '/tmp' && substr(__FILE__, 1, 2) == ':\\')
  393. $error = 'error_session_save_path';
  394. // Since each of the three messages would look the same, anyway...
  395. if (isset($error))
  396. $incontext['error'] = $txt[$error];
  397. // Mod_security blocks everything that smells funny. Let SMF handle security.
  398. if (!fixModSecurity() && !isset($_GET['overmodsecurity']))
  399. $incontext['error'] = $txt['error_mod_security'] . '<br /><br /><a href="' . $installurl . '?overmodsecurity=true">' . $txt['error_message_click'] . '</a> ' . $txt['error_message_bad_try_again'];
  400. return false;
  401. }
  402. function CheckFilesWritable()
  403. {
  404. global $txt, $incontext;
  405. $incontext['page_title'] = $txt['ftp_checking_writable'];
  406. $incontext['sub_template'] = 'chmod_files';
  407. $writable_files = array(
  408. 'attachments',
  409. 'avatars',
  410. 'cache',
  411. 'Packages',
  412. 'Packages/installed.list',
  413. 'Smileys',
  414. 'Themes',
  415. 'agreement.txt',
  416. 'Settings.php',
  417. 'Settings_bak.php'
  418. );
  419. foreach ($incontext['detected_languages'] as $lang => $temp)
  420. $extra_files[] = 'Themes/default/languages/' . $lang;
  421. // With mod_security installed, we could attempt to fix it with .htaccess.
  422. if (function_exists('apache_get_modules') && in_array('mod_security', apache_get_modules()))
  423. $writable_files[] = file_exists(dirname(__FILE__) . '/.htaccess') ? '.htaccess' : '.';
  424. $failed_files = array();
  425. // On linux, it's easy - just use is_writable!
  426. if (substr(__FILE__, 1, 2) != ':\\')
  427. {
  428. foreach ($writable_files as $file)
  429. {
  430. if (!is_writable(dirname(__FILE__) . '/' . $file))
  431. {
  432. @chmod(dirname(__FILE__) . '/' . $file, 0755);
  433. // Well, 755 hopefully worked... if not, try 777.
  434. if (!is_writable(dirname(__FILE__) . '/' . $file) && !@chmod(dirname(__FILE__) . '/' . $file, 0777))
  435. $failed_files[] = $file;
  436. }
  437. }
  438. foreach ($extra_files as $file)
  439. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  440. }
  441. // Windows is trickier. Let's try opening for r+...
  442. else
  443. {
  444. foreach ($writable_files as $file)
  445. {
  446. // Folders can't be opened for write... but the index.php in them can ;)
  447. if (is_dir(dirname(__FILE__) . '/' . $file))
  448. $file .= '/index.php';
  449. // Funny enough, chmod actually does do something on windows - it removes the read only attribute.
  450. @chmod(dirname(__FILE__) . '/' . $file, 0777);
  451. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'r+');
  452. // Hmm, okay, try just for write in that case...
  453. if (!is_resource($fp))
  454. $fp = @fopen(dirname(__FILE__) . '/' . $file, 'w');
  455. if (!is_resource($fp))
  456. $failed_files[] = $file;
  457. @fclose($fp);
  458. }
  459. foreach ($extra_files as $file)
  460. @chmod(dirname(__FILE__) . (empty($file) ? '' : '/' . $file), 0777);
  461. }
  462. $failure = count($failed_files) >= 1;
  463. if (!isset($_SERVER))
  464. return !$failure;
  465. // Put the list into context.
  466. $incontext['failed_files'] = $failed_files;
  467. // It's not going to be possible to use FTP on windows to solve the problem...
  468. if ($failure && substr(__FILE__, 1, 2) == ':\\')
  469. {
  470. $incontext['error'] = $txt['error_windows_chmod'] . '
  471. <ul style="margin: 2.5ex; font-family: monospace;">
  472. <li>' . implode('</li>
  473. <li>', $failed_files) . '</li>
  474. </ul>';
  475. return false;
  476. }
  477. // We're going to have to use... FTP!
  478. elseif ($failure)
  479. {
  480. // Load any session data we might have...
  481. if (!isset($_POST['ftp_username']) && isset($_SESSION['installer_temp_ftp']))
  482. {
  483. $_POST['ftp_server'] = $_SESSION['installer_temp_ftp']['server'];
  484. $_POST['ftp_port'] = $_SESSION['installer_temp_ftp']['port'];
  485. $_POST['ftp_username'] = $_SESSION['installer_temp_ftp']['username'];
  486. $_POST['ftp_password'] = $_SESSION['installer_temp_ftp']['password'];
  487. $_POST['ftp_path'] = $_SESSION['installer_temp_ftp']['path'];
  488. }
  489. $incontext['ftp_errors'] = array();
  490. if (isset($_POST['ftp_username']))
  491. {
  492. $ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
  493. if ($ftp->error === false)
  494. {
  495. // Try it without /home/abc just in case they messed up.
  496. if (!$ftp->chdir($_POST['ftp_path']))
  497. {
  498. $incontext['ftp_errors'][] = $ftp->last_message;
  499. $ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
  500. }
  501. }
  502. }
  503. if (!isset($ftp) || $ftp->error !== false)
  504. {
  505. if (!isset($ftp))
  506. $ftp = new ftp_connection(null);
  507. // Save the error so we can mess with listing...
  508. elseif ($ftp->error !== false && empty($incontext['ftp_errors']) && !empty($ftp->last_message))
  509. $incontext['ftp_errors'][] = $ftp->last_message;
  510. list ($username, $detect_path, $found_path) = $ftp->detect_path(dirname(__FILE__));
  511. if (empty($_POST['ftp_path']) && $found_path)
  512. $_POST['ftp_path'] = $detect_path;
  513. if (!isset($_POST['ftp_username']))
  514. $_POST['ftp_username'] = $username;
  515. // Set the username etc, into context.
  516. $incontext['ftp'] = array(
  517. 'server' => isset($_POST['ftp_server']) ? $_POST['ftp_server'] : 'localhost',
  518. 'port' => isset($_POST['ftp_port']) ? $_POST['ftp_port'] : '21',
  519. 'username' => isset($_POST['ftp_username']) ? $_POST['ftp_username'] : '',
  520. 'path' => isset($_POST['ftp_path']) ? $_POST['ftp_path'] : '/',
  521. 'path_msg' => !empty($found_path) ? $txt['ftp_path_found_info'] : $txt['ftp_path_info'],
  522. );
  523. return false;
  524. }
  525. else
  526. {
  527. $_SESSION['installer_temp_ftp'] = array(
  528. 'server' => $_POST['ftp_server'],
  529. 'port' => $_POST['ftp_port'],
  530. 'username' => $_POST['ftp_username'],
  531. 'password' => $_POST['ftp_password'],
  532. 'path' => $_POST['ftp_path']
  533. );
  534. $failed_files_updated = array();
  535. foreach ($failed_files as $file)
  536. {
  537. if (!is_writable(dirname(__FILE__) . '/' . $file))
  538. $ftp->chmod($file, 0755);
  539. if (!is_writable(dirname(__FILE__) . '/' . $file))
  540. $ftp->chmod($file, 0777);
  541. if (!is_writable(dirname(__FILE__) . '/' . $file))
  542. {
  543. $failed_files_updated[] = $file;
  544. $incontext['ftp_errors'][] = rtrim($ftp->last_message) . ' -> ' . $file . "\n";
  545. }
  546. }
  547. $ftp->close();
  548. // Are there any errors left?
  549. if (count($failed_files_updated) >= 1)
  550. {
  551. // Guess there are...
  552. $incontext['failed_files'] = $failed_files_updated;
  553. // Set the username etc, into context.
  554. $incontext['ftp'] = $_SESSION['installer_temp_ftp'] += array(
  555. 'path_msg' => $txt['ftp_path_info'],
  556. );
  557. return false;
  558. }
  559. }
  560. }
  561. return true;
  562. }
  563. function DatabaseSettings()
  564. {
  565. global $txt, $databases, $incontext, $smcFunc, $sourcedir;
  566. $incontext['sub_template'] = 'database_settings';
  567. $incontext['page_title'] = $txt['db_settings'];
  568. $incontext['continue'] = 1;
  569. // Set up the defaults.
  570. $incontext['db']['server'] = 'localhost';
  571. $incontext['db']['user'] = '';
  572. $incontext['db']['name'] = '';
  573. $incontext['db']['pass'] = '';
  574. $incontext['db']['type'] = '';
  575. $incontext['supported_databases'] = array();
  576. $foundOne = false;
  577. foreach ($databases as $key => $db)
  578. {
  579. // Override with the defaults for this DB if appropriate.
  580. if ($db['supported'])
  581. {
  582. $incontext['supported_databases'][$key] = $db;
  583. if (!$foundOne)
  584. {
  585. if (isset($db['default_host']))
  586. $incontext['db']['server'] = ini_get($db['default_host']) or $incontext['db']['server'] = 'localhost';
  587. if (isset($db['default_user']))
  588. {
  589. $incontext['db']['user'] = ini_get($db['default_user']);
  590. $incontext['db']['name'] = ini_get($db['default_user']);
  591. }
  592. if (isset($db['default_password']))
  593. $incontext['db']['pass'] = ini_get($db['default_password']);
  594. if (isset($db['default_port']))
  595. $db_port = ini_get($db['default_port']);
  596. $incontext['db']['type'] = $key;
  597. $foundOne = true;
  598. }
  599. }
  600. }
  601. // Override for repost.
  602. if (isset($_POST['db_user']))
  603. {
  604. $incontext['db']['user'] = $_POST['db_user'];
  605. $incontext['db']['name'] = $_POST['db_type'] == 'sqlite' && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'];
  606. $incontext['db']['server'] = $_POST['db_server'];
  607. $incontext['db']['prefix'] = $_POST['db_prefix'];
  608. }
  609. else
  610. {
  611. $incontext['db']['prefix'] = 'smf_';
  612. // Should we use a non standard port?
  613. if (!empty($db_port))
  614. $incontext['db']['server'] .= ':' . $db_port;
  615. }
  616. // Are we submitting?
  617. if (isset($_POST['db_type']))
  618. {
  619. if (isset($_POST['db_filename']))
  620. {
  621. // You better enter enter a database name for SQLite.
  622. if (trim($_POST['db_filename']) == '')
  623. {
  624. $incontext['error'] = $txt['error_db_filename'];
  625. return false;
  626. }
  627. // Duplicate name in the same dir? Can't do that with SQLite. Weird things happen.
  628. if (file_exists($_POST['db_filename'] . (substr($_POST['db_filename'], -3) != '.db' ? '.db' : '')))
  629. {
  630. $incontext['error'] = $txt['error_db_filename_exists'];
  631. return false;
  632. }
  633. }
  634. // What type are they trying?
  635. $db_type = preg_replace('~[^A-Za-z0-9]~', '', $_POST['db_type']);
  636. $db_prefix = $_POST['db_prefix'];
  637. // Validate the prefix.
  638. $valid_prefix = $databases[$db_type]['validate_prefix']($db_prefix);
  639. if ($valid_prefix !== true)
  640. {
  641. $incontext['error'] = $valid_prefix;
  642. return false;
  643. }
  644. // Take care of these variables...
  645. $vars = array(
  646. 'db_type' => $db_type,
  647. 'db_name' => $_POST['db_type'] == 'sqlite' && isset($_POST['db_filename']) ? $_POST['db_filename'] : $_POST['db_name'],
  648. 'db_user' => $_POST['db_user'],
  649. 'db_passwd' => isset($_POST['db_passwd']) ? $_POST['db_passwd'] : '',
  650. 'db_server' => $_POST['db_server'],
  651. 'db_prefix' => $db_prefix,
  652. // The cookiename is special; we want it to be the same if it ever needs to be reinstalled with the same info.
  653. 'cookiename' => 'SMFCookie' . abs(crc32($_POST['db_name'] . preg_replace('~[^A-Za-z0-9_$]~', '', $_POST['db_prefix'])) % 1000),
  654. );
  655. // God I hope it saved!
  656. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  657. {
  658. $incontext['error'] = $txt['error_windows_chmod'];
  659. return false;
  660. }
  661. // Make sure it works.
  662. require(dirname(__FILE__) . '/Settings.php');
  663. if (empty($sourcedir))
  664. $sourcedir = dirname(__FILE__) . '/Sources';
  665. // Better find the database file!
  666. if (!file_exists($sourcedir . '/Subs-Db-' . $db_type . '.php'))
  667. {
  668. $incontext['error'] = sprintf($txt['error_db_file'], 'Subs-Db-' . $db_type . '.php');
  669. return false;
  670. }
  671. // Now include it for database functions!
  672. define('SMF', 1);
  673. $modSettings['disableQueryCheck'] = true;
  674. if (empty($smcFunc))
  675. $smcFunc = array();
  676. require_once($sourcedir . '/Subs-Db-' . $db_type . '.php');
  677. // What - running PHP4? The shame!
  678. if (version_compare(PHP_VERSION, '5', '<'))
  679. require_once($sourcedir . '/Subs-Compat.php');
  680. // Attempt a connection.
  681. $needsDB = !empty($databases[$db_type]['always_has_db']);
  682. $db_connection = smf_db_initiate($db_server, $db_name, $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  683. // No dice? Let's try adding the prefix they specified, just in case they misread the instructions ;)
  684. if ($db_connection == null)
  685. {
  686. $db_error = @$smcFunc['db_error']();
  687. $db_connection = smf_db_initiate($db_server, $db_name, $_POST['db_prefix'] . $db_user, $db_passwd, $db_prefix, array('non_fatal' => true, 'dont_select_db' => !$needsDB));
  688. if ($db_connection != null)
  689. {
  690. $db_user = $_POST['db_prefix'] . $db_user;
  691. updateSettingsFile(array('db_user' => $db_user));
  692. }
  693. }
  694. // Still no connection? Big fat error message :P.
  695. if (!$db_connection)
  696. {
  697. $incontext['error'] = $txt['error_db_connect'] . '<div style="margin: 2.5ex; font-family: monospace;"><strong>' . $db_error . '</strong></div>';
  698. return false;
  699. }
  700. // Do they meet the install requirements?
  701. // @todo Old client, new server?
  702. if (version_compare($databases[$db_type]['version'], preg_replace('~^\D*|\-.+?$~', '', eval($databases[$db_type]['version_check']))) > 0)
  703. {
  704. $incontext['error'] = $txt['error_db_too_low'];
  705. return false;
  706. }
  707. // Let's try that database on for size... assuming we haven't already lost the opportunity.
  708. if ($db_name != '' && !$needsDB)
  709. {
  710. $smcFunc['db_query']('', "
  711. CREATE DATABASE IF NOT EXISTS `$db_name`",
  712. array(
  713. 'security_override' => true,
  714. 'db_error_skip' => true,
  715. ),
  716. $db_connection
  717. );
  718. // Okay, let's try the prefix if it didn't work...
  719. if (!$smcFunc['db_select_db']($db_name, $db_connection) && $db_name != '')
  720. {
  721. $smcFunc['db_query']('', "
  722. CREATE DATABASE IF NOT EXISTS `$_POST[db_prefix]$db_name`",
  723. array(
  724. 'security_override' => true,
  725. 'db_error_skip' => true,
  726. ),
  727. $db_connection
  728. );
  729. if ($smcFunc['db_select_db']($_POST['db_prefix'] . $db_name, $db_connection))
  730. {
  731. $db_name = $_POST['db_prefix'] . $db_name;
  732. updateSettingsFile(array('db_name' => $db_name));
  733. }
  734. }
  735. // Okay, now let's try to connect...
  736. if (!$smcFunc['db_select_db']($db_name, $db_connection))
  737. {
  738. $incontext['error'] = sprintf($txt['error_db_database'], $db_name);
  739. return false;
  740. }
  741. }
  742. return true;
  743. }
  744. return false;
  745. }
  746. // Let's start with basic forum type settings.
  747. function ForumSettings()
  748. {
  749. global $txt, $incontext, $databases, $smcFunc, $db_connection, $db_type;
  750. $incontext['sub_template'] = 'forum_settings';
  751. $incontext['page_title'] = $txt['install_settings'];
  752. // Let's see if we got the database type correct.
  753. if (isset($_POST['db_type'], $databases[$_POST['db_type']]))
  754. $db_type = $_POST['db_type'];
  755. // Else we'd better be able to get the connection.
  756. else
  757. load_database();
  758. $db_type = isset($_POST['db_type']) ? $_POST['db_type'] : $db_type;
  759. // What host and port are we on?
  760. $host = empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] . (empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':' . $_SERVER['SERVER_PORT']) : $_SERVER['HTTP_HOST'];
  761. // Now, to put what we've learned together... and add a path.
  762. $incontext['detected_url'] = 'http' . (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 's' : '') . '://' . $host . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'));
  763. // Check if the database sessions will even work.
  764. $incontext['test_dbsession'] = ini_get('session.auto_start') != 1;
  765. $incontext['utf8_default'] = $databases[$db_type]['utf8_default'];
  766. $incontext['utf8_required'] = $databases[$db_type]['utf8_required'];
  767. $incontext['continue'] = 1;
  768. // Submitting?
  769. if (isset($_POST['boardurl']))
  770. {
  771. if (substr($_POST['boardurl'], -10) == '/index.php')
  772. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
  773. elseif (substr($_POST['boardurl'], -1) == '/')
  774. $_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
  775. if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
  776. $_POST['boardurl'] = 'http://' . $_POST['boardurl'];
  777. // Save these variables.
  778. $vars = array(
  779. 'boardurl' => $_POST['boardurl'],
  780. 'boarddir' => addslashes(dirname(__FILE__)),
  781. 'sourcedir' => addslashes(dirname(__FILE__)) . '/Sources',
  782. 'cachedir' => addslashes(dirname(__FILE__)) . '/cache',
  783. 'mbname' => strtr($_POST['mbname'], array('\"' => '"')),
  784. 'language' => substr($_SESSION['installer_temp_lang'], 8, -4),
  785. );
  786. // Must save!
  787. if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
  788. {
  789. $incontext['error'] = $txt['error_windows_chmod'];
  790. return false;
  791. }
  792. // Make sure it works.
  793. require(dirname(__FILE__) . '/Settings.php');
  794. // UTF-8 requires a setting to override the language charset.
  795. if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
  796. {
  797. if (!empty($databases[$db_type]['utf8_version_check']) && version_compare($databases[$db_type]['utf8_version'], preg_replace('~\-.+?$~', '', eval($databases[$db_type]['utf8_version_check'])), '>'))
  798. {
  799. $incontext['error'] = sprintf($txt['error_utf8_version'], $databases[$db_type]['utf8_version']);
  800. return false;
  801. }
  802. else
  803. // Set the character set here.
  804. updateSettingsFile(array('db_character_set' => 'utf8'));
  805. }
  806. //-- Set the registration mode...
  807. $smcFunc['db_query']('', '
  808. UPDATE {db_prefix}settings
  809. SET value = {int:reg_mode}
  810. WHERE variable = {string:this_variable}',
  811. array(
  812. 'reg_mode' => isset($_POST['reg_mode']) ? $_POST['reg_mode'] : 0,
  813. 'this_variable' => 'registration_method',
  814. )
  815. );
  816. // Good, skip on.
  817. return true;
  818. }
  819. return false;
  820. }
  821. // Step one: Do the SQL thang.
  822. function DatabasePopulation()
  823. {
  824. global $db_character_set, $txt, $db_connection, $smcFunc, $databases, $modSettings, $db_type, $sourcedir, $db_prefix, $incontext, $db_name, $boardurl;
  825. $incontext['sub_template'] = 'populate_database';
  826. $incontext['page_title'] = $txt['db_populate'];
  827. $incontext['continue'] = 1;
  828. // Already done?
  829. if (isset($_POST['pop_done']))
  830. return true;
  831. // Reload settings.
  832. require(dirname(__FILE__) . '/Settings.php');
  833. load_database();
  834. // Before running any of the queries, let's make sure another version isn't already installed.
  835. $result = $smcFunc['db_query']('', '
  836. SELECT variable, value
  837. FROM {db_prefix}settings',
  838. array(
  839. 'db_error_skip' => true,
  840. )
  841. );
  842. $modSettings = array();
  843. if ($result !== false)
  844. {
  845. while ($row = $smcFunc['db_fetch_assoc']($result))
  846. $modSettings[$row['variable']] = $row['value'];
  847. $smcFunc['db_free_result']($result);
  848. // Do they match? If so, this is just a refresh so charge on!
  849. if (!isset($modSettings['smfVersion']) || $modSettings['smfVersion'] != $GLOBALS['current_smf_version'])
  850. {
  851. $incontext['error'] = $txt['error_versions_do_not_match'];
  852. return false;
  853. }
  854. }
  855. $modSettings['disableQueryCheck'] = true;
  856. // If doing UTF8, select it. PostgreSQL requires passing it as a string...
  857. if (!empty($db_character_set) && $db_character_set == 'utf8' && !empty($databases[$db_type]['utf8_support']))
  858. $smcFunc['db_query']('', '
  859. SET NAMES {'. ($db_type == 'postgresql' ? 'string' : 'raw') . ':utf8}',
  860. array(
  861. 'db_error_skip' => true,
  862. 'utf8' => 'utf8',
  863. )
  864. );
  865. $replaces = array(
  866. '{$db_prefix}' => $db_prefix,
  867. '{$boarddir}' => $smcFunc['db_escape_string'](dirname(__FILE__)),
  868. '{$boardurl}' => $boardurl,
  869. '{$enableCompressedOutput}' => isset($_POST['compress']) ? '1' : '0',
  870. '{$databaseSession_enable}' => isset($_POST['dbsession']) ? '1' : '0',
  871. '{$smf_version}' => $GLOBALS['current_smf_version'],
  872. '{$current_time}' => time(),
  873. '{$sched_task_offset}' => 82800 + mt_rand(0, 86399),
  874. );
  875. foreach ($txt as $key => $value)
  876. {
  877. if (substr($key, 0, 8) == 'default_')
  878. $replaces['{$' . $key . '}'] = $smcFunc['db_escape_string']($value);
  879. }
  880. $replaces['{$default_reserved_names}'] = strtr($replaces['{$default_reserved_names}'], array('\\\\n' => '\\n'));
  881. // If the UTF-8 setting was enabled, add it to the table definitions.
  882. if (empty($databases[$db_type]['utf8_required']) && isset($_POST['utf8']) && !empty($databases[$db_type]['utf8_support']))
  883. $replaces[') ENGINE=MyISAM;'] = ') ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;';
  884. // Read in the SQL. Turn this on and that off... internationalize... etc.
  885. $sql_lines = explode("\n", strtr(implode(' ', file(dirname(__FILE__) . '/install_' . $GLOBALS['db_script_version'] . '_' . $db_type . '.sql')), $replaces));
  886. // Execute the SQL.
  887. $current_statement = '';
  888. $exists = array();
  889. $incontext['failures'] = array();
  890. $incontext['sql_results'] = array(
  891. 'tables' => 0,
  892. 'inserts' => 0,
  893. 'table_dups' => 0,
  894. 'insert_dups' => 0,
  895. );
  896. foreach ($sql_lines as $count => $line)
  897. {
  898. // No comments allowed!
  899. if (substr(trim($line), 0, 1) != '#')
  900. $current_statement .= "\n" . rtrim($line);
  901. // Is this the end of the query string?
  902. if (empty($current_statement) || (preg_match('~;[\s]*$~s', $line) == 0 && $count != count($sql_lines)))
  903. continue;
  904. // Does this table already exist? If so, don't insert more data into it!
  905. if (preg_match('~^\s*INSERT INTO ([^\s\n\r]+?)~', $current_statement, $match) != 0 && in_array($match[1], $exists))
  906. {
  907. $incontext['sql_results']['insert_dups']++;
  908. $current_statement = '';
  909. continue;
  910. }
  911. if ($smcFunc['db_query']('', $current_statement, array('security_override' => true, 'db_error_skip' => true), $db_connection) === false)
  912. {
  913. // Error 1050: Table already exists!
  914. // @todo Needs to be made better!
  915. if (($db_type != 'mysql' || mysql_errno($db_connection) === 1050) && preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  916. {
  917. $exists[] = $match[1];
  918. $incontext['sql_results']['table_dups']++;
  919. }
  920. // Don't error on duplicate indexes (or duplicate operators in PostgreSQL.)
  921. elseif (!preg_match('~^\s*CREATE( UNIQUE)? INDEX ([^\n\r]+?)~', $current_statement, $match) && !($db_type == 'postgresql' && preg_match('~^\s*CREATE OPERATOR (^\n\r]+?)~', $current_statement, $match)))
  922. {
  923. $incontext['failures'][$count] = $smcFunc['db_error']();
  924. }
  925. }
  926. else
  927. {
  928. if (preg_match('~^\s*CREATE TABLE ([^\s\n\r]+?)~', $current_statement, $match) == 1)
  929. $incontext['sql_results']['tables']++;
  930. else
  931. {
  932. preg_match_all('~\)[,;]~', $current_statement, $matches);
  933. if (!empty($matches[0]))
  934. $incontext['sql_results']['inserts'] += count($matches[0]);
  935. else
  936. $incontext['sql_results']['inserts']++;
  937. }
  938. }
  939. $current_statement = '';
  940. }
  941. // Sort out the context for the SQL.
  942. foreach ($incontext['sql_results'] as $key => $number)
  943. {
  944. if ($number == 0)
  945. unset($incontext['sql_results'][$key]);
  946. else
  947. $incontext['sql_results'][$key] = sprintf($txt['db_populate_' . $key], $number);
  948. }
  949. // Make sure UTF will be used globally.
  950. if ((!empty($databases[$db_type]['utf8_support']) && !empty($databases[$db_type]['utf8_required'])) || (empty($databases[$db_type]['utf8_required']) && !empty($databases[$db_type]['utf8_support']) && isset($_POST['utf8'])))
  951. $smcFunc['db_insert']('replace',
  952. $db_prefix . 'settings',
  953. array(
  954. 'variable' => 'string-255', 'value' => 'string-65534',
  955. ),
  956. array(
  957. 'global_character_set', 'UTF-8',
  958. ),
  959. array('variable')
  960. );
  961. // Maybe we can auto-detect better cookie settings?
  962. preg_match('~^http[s]?://([^\.]+?)([^/]*?)(/.*)?$~', $boardurl, $matches);
  963. if (!empty($matches))
  964. {
  965. // Default = both off.
  966. $localCookies = false;
  967. $globalCookies = false;
  968. // Okay... let's see. Using a subdomain other than www.? (not a perfect check.)
  969. if ($matches[2] != '' && (strpos(substr($matches[2], 1), '.') === false || in_array($matches[1], array('forum', 'board', 'community', 'forums', 'support', 'chat', 'help', 'talk', 'boards', 'www'))))
  970. $globalCookies = true;
  971. // If there's a / in the middle of the path, or it starts with ~... we want local.
  972. if (isset($matches[3]) && strlen($matches[3]) > 3 && (substr($matches[3], 0, 2) == '/~' || strpos(substr($matches[3], 1), '/') !== false))
  973. $localCookies = true;
  974. if ($globalCookies)
  975. $rows[] = array('globalCookies', '1');
  976. if ($localCookies)
  977. $rows[] = array('localCookies', '1');
  978. if (!empty($rows))
  979. {
  980. $smcFunc['db_insert']('replace',
  981. $db_prefix . 'settings',
  982. array('variable' => 'string-255', 'value' => 'string-65534'),
  983. $rows,
  984. array('variable')
  985. );
  986. }
  987. }
  988. // Are we allowing stat collection?
  989. if (isset($_POST['stats']) && strpos($_POST['boardurl'], 'http://localhost') !== 0)
  990. {
  991. // Attempt to register the site etc.
  992. $fp = @fsockopen("www.simplemachines.org", 80, $errno, $errstr);
  993. if ($fp)
  994. {
  995. $out = "GET /smf/stats/register_stats.php?site=" . base64_encode($_POST['boardurl']) . " HTTP/1.1\r\n";
  996. $out .= "Host: www.simplemachines.org\r\n";
  997. $out .= "Connection: Close\r\n\r\n";
  998. fwrite($fp, $out);
  999. $return_data = '';
  1000. while (!feof($fp))
  1001. $return_data .= fgets($fp, 128);
  1002. fclose($fp);
  1003. // Get the unique site ID.
  1004. preg_match('~SITE-ID:\s(\w{10})~', $return_data, $ID);
  1005. if (!empty($ID[1]))
  1006. $smcFunc['db_insert']('',
  1007. $db_prefix . 'settings',
  1008. array(
  1009. 'variable' => 'string-255', 'value' => 'string-65534',
  1010. ),
  1011. array(
  1012. 'allow_sm_stats', $ID[1],
  1013. ),
  1014. array('variable')
  1015. );
  1016. }
  1017. }
  1018. // As of PHP 5.1, setting a timezone is required.
  1019. if (!isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
  1020. {
  1021. $server_offset = mktime(0, 0, 0, 1, 1, 1970);
  1022. $timezone_id = 'Etc/GMT' . ($server_offset > 0 ? '+' : '') . ($server_offset / 3600);
  1023. if (date_default_timezone_set($timezone_id))
  1024. $smcFunc['db_insert']('',
  1025. $db_prefix . 'settings',
  1026. array(
  1027. 'variable' => 'string-255', 'value' => 'string-65534',
  1028. ),
  1029. array(
  1030. 'default_timezone', $timezone_id,
  1031. ),
  1032. array('variable')
  1033. );
  1034. }
  1035. // Let's optimize those new tables.
  1036. db_extend();
  1037. $tables = $smcFunc['db_list_tables']($db_name, $db_prefix . '%');
  1038. foreach ($tables as $table)
  1039. {
  1040. $smcFunc['db_optimize_table']($table) != -1 or $db_messed = true;
  1041. // Optimizing one sqlite table, optimizes them all
  1042. if ($db_type == 'sqlite')
  1043. break;
  1044. if (!empty($db_messed))
  1045. {
  1046. $incontext['failures'][-1] = $smcFunc['db_error']();
  1047. break;
  1048. }
  1049. }
  1050. // Check for the ALTER privilege.
  1051. if (!empty($databases[$db_type]['alter_support']) && $smcFunc['db_query']('', "ALTER TABLE {$db_prefix}boards ORDER BY id_board", array('security_override' => true, 'db_error_skip' => true)) === false)
  1052. {
  1053. $incontext['error'] = $txt['error_db_alter_priv'];
  1054. return false;
  1055. }
  1056. if (!empty($exists))
  1057. {
  1058. $incontext['page_title'] = $txt['user_refresh_install'];
  1059. $incontext['was_refresh'] = true;
  1060. }
  1061. return false;
  1062. }
  1063. // Ask for the administrator login information.
  1064. function AdminAccount()
  1065. {
  1066. global $txt, $db_type, $db_connection, $databases, $smcFunc, $incontext, $db_prefix, $db_passwd, $sourcedir;
  1067. $incontext['sub_template'] = 'admin_account';
  1068. $incontext['page_title'] = $txt['user_settings'];
  1069. $incontext['continue'] = 1;
  1070. // Skipping?
  1071. if (!empty($_POST['skip']))
  1072. return true;
  1073. // Need this to check whether we need the database password.
  1074. require(dirname(__FILE__) . '/Settings.php');
  1075. load_database();
  1076. // Define the sha1 function, if it doesn't exist.
  1077. if (!function_exists('sha1') || version_compare(PHP_VERSION, '5', '<'))
  1078. require_once($sourcedir . '/Subs-Compat.php');
  1079. if (!isset($_POST['username']))
  1080. $_POST['username'] = '';
  1081. if (!isset($_POST['email']))
  1082. $_POST['email'] = '';
  1083. $incontext['username'] = htmlspecialchars(stripslashes($_POST['username']));
  1084. $incontext['email'] = htmlspecialchars(stripslashes($_POST['email']));
  1085. $incontext['require_db_confirm'] = empty($db_type) || $db_type != 'sqlite';
  1086. // Only allow skipping if we think they already have an account setup.
  1087. $request = $smcFunc['db_query']('', '
  1088. SELECT id_member
  1089. FROM {db_prefix}members
  1090. WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
  1091. LIMIT 1',
  1092. array(
  1093. 'db_error_skip' => true,
  1094. 'admin_group' => 1,
  1095. )
  1096. );
  1097. if ($smcFunc['db_num_rows']($request) != 0)
  1098. $incontext['skip'] = 1;
  1099. $smcFunc['db_free_result']($request);
  1100. // Trying to create an account?
  1101. if (isset($_POST['password1']) && !empty($_POST['contbutt']))
  1102. {
  1103. // Wrong password?
  1104. if ($incontext['require_db_confirm'] && $_POST['password3'] != $db_passwd)
  1105. {
  1106. $incontext['error'] = $txt['error_db_connect'];
  1107. return false;
  1108. }
  1109. // Not matching passwords?
  1110. if ($_POST['password1'] != $_POST['password2'])
  1111. {
  1112. $incontext['error'] = $txt['error_user_settings_again_match'];
  1113. return false;
  1114. }
  1115. // No password?
  1116. if (strlen($_POST['password1']) < 4)
  1117. {
  1118. $incontext['error'] = $txt['error_user_settings_no_password'];
  1119. return false;
  1120. }
  1121. if (!file_exists($sourcedir . '/Subs.php'))
  1122. {
  1123. $incontext['error'] = $txt['error_subs_missing'];
  1124. return false;
  1125. }
  1126. // Update the main contact email?
  1127. if (!empty($_POST['email']) && (empty($webmaster_email) || $webmaster_email == '[email protected]'))
  1128. updateSettingsFile(array('webmaster_email' => $_POST['email']));
  1129. // Work out whether we're going to have dodgy characters and remove them.
  1130. $invalid_characters = preg_match('~[<>&"\'=\\\]~', $_POST['username']) != 0;
  1131. $_POST['username'] = preg_replace('~[<>&"\'=\\\]~', '', $_POST['username']);
  1132. $result = $smcFunc['db_query']('', '
  1133. SELECT id_member, password_salt
  1134. FROM {db_prefix}members
  1135. WHERE member_name = {string:username} OR email_address = {string:email}
  1136. LIMIT 1',
  1137. array(
  1138. 'username' => stripslashes($_POST['username']),
  1139. 'email' => stripslashes($_POST['email']),
  1140. 'db_error_skip' => true,
  1141. )
  1142. );
  1143. if ($smcFunc['db_num_rows']($result) != 0)
  1144. {
  1145. list ($incontext['member_id'], $incontext['member_salt']) = $smcFunc['db_fetch_row']($result);
  1146. $smcFunc['db_free_result']($result);
  1147. $incontext['account_existed'] = $txt['error_user_settings_taken'];
  1148. }
  1149. elseif ($_POST['username'] == '' || strlen($_POST['username']) > 25)
  1150. {
  1151. // Try the previous step again.
  1152. $incontext['error'] = $_POST['username'] == '' ? $txt['error_username_left_empty'] : $txt['error_username_too_long'];
  1153. return false;
  1154. }
  1155. elseif ($invalid_characters || $_POST['username'] == '_' || $_POST['username'] == '|' || strpos($_POST['username'], '[code') !== false || strpos($_POST['username'], '[/code') !== false)
  1156. {
  1157. // Try the previous step again.
  1158. $incontext['error'] = $txt['error_invalid_characters_username'];
  1159. return false;
  1160. }
  1161. elseif (empty($_POST['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', stripslashes($_POST['email'])) === 0 || strlen(stripslashes($_POST['email'])) > 255)
  1162. {
  1163. // One step back, this time fill out a proper email address.
  1164. $incontext['error'] = sprintf($txt['error_valid_email_needed'], $_POST['username']);
  1165. return false;
  1166. }
  1167. elseif ($_POST['username'] != '')
  1168. {
  1169. $incontext['member_salt'] = substr(md5(mt_rand()), 0, 4);
  1170. // Format the username properly.
  1171. $_POST['username'] = preg_replace('~[\t\n\r\x0B\0\xA0]+~', ' ', $_POST['username']);
  1172. $ip = isset($_SERVER['REMOTE_ADDR']) ? substr($_SERVER['REMOTE_ADDR'], 0, 255) : '';
  1173. $request = $smcFunc['db_insert']('',
  1174. $db_prefix . 'members',
  1175. array(
  1176. 'member_name' => 'string-25', 'real_name' => 'string-25', 'passwd' => 'string', 'email_address' => 'string',
  1177. 'id_group' => 'int', 'posts' => 'int', 'date_registered' => 'int', 'hide_email' => 'int',
  1178. 'password_salt' => 'string', 'lngfile' => 'string', 'personal_text' => 'string', 'avatar' => 'string',
  1179. 'member_ip' => 'string', 'member_ip2' => 'string', 'buddy_list' => 'string', 'pm_ignore_list' => 'string',
  1180. 'message_labels' => 'string', 'website_title' => 'string', 'website_url' => 'string', 'location' => 'string',
  1181. 'aim' => 'string', 'icq' => 'string', 'skype' => 'string', 'signature' => 'string', 'usertitle' => 'string', 'secret_question' => 'string',
  1182. 'additional_groups' => 'string', 'ignore_boards' => 'string', 'openid_uri' => 'string',
  1183. ),
  1184. array(
  1185. stripslashes($_POST['username']), stripslashes($_POST['username']), sha1(strtolower(stripslashes($_POST['username'])) . stripslashes($_POST['password1'])), stripslashes($_POST['email']),
  1186. 1, 0, time(), 0,
  1187. $incontext['member_salt'], '', '', '',
  1188. $ip, $ip, '', '',
  1189. '', '', '', '',
  1190. '', '', '', '', '', '',
  1191. '', '', '',
  1192. ),
  1193. array('id_member')
  1194. );
  1195. // Awww, crud!
  1196. if ($request === false)
  1197. {
  1198. $incontext['error'] = $txt['error_user_settings_query'] . '<br />
  1199. <div style="margin: 2ex;">' . nl2br(htmlspecialchars($smcFunc['db_error']($db_connection))) . '</div>';
  1200. return false;
  1201. }
  1202. $incontext['member_id'] = $smcFunc['db_insert_id']("{$db_prefix}members", 'id_member');
  1203. }
  1204. // If we're here we're good.
  1205. return true;
  1206. }
  1207. return false;
  1208. }
  1209. // Final step, clean up and a complete message!
  1210. function DeleteInstall()
  1211. {
  1212. global $txt, $db_prefix, $db_connection, $HTTP_SESSION_VARS, $cookiename, $incontext;
  1213. global $smcFunc, $db_character_set, $mbname, $context, $scripturl, $boardurl;
  1214. global $current_smf_version, $databases, $sourcedir, $forum_version, $modSettings, $user_info, $language, $db_type;
  1215. $incontext['page_title'] = $txt['congratulations'];
  1216. $incontext['sub_template'] = 'delete_install';
  1217. $incontext['continue'] = 0;
  1218. require(dirname(__FILE__) . '/Settings.php');
  1219. load_database();
  1220. chdir(dirname(__FILE__));
  1221. require_once($sourcedir . '/Errors.php');
  1222. require_once($sourcedir . '/Logging.php');
  1223. require_once($sourcedir . '/Subs.php');
  1224. require_once($sourcedir . '/Load.php');
  1225. require_once($sourcedir . '/Security.php');
  1226. require_once($sourcedir . '/Subs-Auth.php');
  1227. // Bring a warning over.
  1228. if (!empty($incontext['account_existed']))
  1229. $incontext['warning'] = $incontext['account_existed'];
  1230. if (!empty($db_character_set) && !empty($databases[$db_type]['utf8_support']))
  1231. $smcFunc['db_query']('', '
  1232. SET NAMES {raw:db_character_set}',
  1233. array(
  1234. 'db_character_set' => $db_character_set,
  1235. 'db_error_skip' => true,
  1236. )
  1237. );
  1238. // As track stats is by default enabled let's add some activity.
  1239. $smcFunc['db_insert']('ignore',
  1240. '{db_prefix}log_activity',
  1241. array('date' => 'date', 'topics' => 'int', 'posts' => 'int', 'registers' => 'int'),
  1242. array(strftime('%Y-%m-%d', time()), 1, 1, (!empty($incontext['member_id']) ? 1 : 0)),
  1243. array('date')
  1244. );
  1245. // We're going to want our lovely $modSettings now.
  1246. $request = $smcFunc['db_query']('', '
  1247. SELECT variable, value
  1248. FROM {db_prefix}settings',
  1249. array(
  1250. 'db_error_skip' => true,
  1251. )
  1252. );
  1253. // Only proceed if we can load the data.
  1254. if ($request)
  1255. {
  1256. while ($row = $smcFunc['db_fetch_row']($request))
  1257. $modSettings[$row[0]] = $row[1];
  1258. $smcFunc['db_free_result']($request);
  1259. }
  1260. // Automatically log them in ;)
  1261. if (isset($incontext['member_id']) && isset($incontext['member_salt']))
  1262. setLoginCookie(3153600 * 60, $incontext['member_id'], sha1(sha1(strtolower($_POST['username']) . $_POST['password1']) . $incontext['member_salt']));
  1263. $result = $smcFunc['db_query']('', '
  1264. SELECT value
  1265. FROM {db_prefix}settings
  1266. WHERE variable = {string:db_sessions}',
  1267. array(
  1268. 'db_sessions' => 'databaseSession_enable',
  1269. 'db_error_skip' => true,
  1270. )
  1271. );
  1272. if ($smcFunc['db_num_rows']($result) != 0)
  1273. list ($db_sessions) = $smcFunc['db_fetch_row']($result);
  1274. $smcFunc['db_free_result']($result);
  1275. if (empty($db_sessions))
  1276. $_SESSION['admin_time'] = time();
  1277. else
  1278. {
  1279. $_SERVER['HTTP_USER_AGENT'] = substr($_SERVER['HTTP_USER_AGENT'], 0, 211);
  1280. $smcFunc['db_insert']('replace',
  1281. '{db_prefix}sessions',
  1282. array(
  1283. 'session_id' => 'string', 'last_update' => 'int', 'data' => 'string',
  1284. ),
  1285. array(
  1286. session_id(), time(), 'USER_AGENT|s:' . strlen($_SERVER['HTTP_USER_AGENT']) . ':"' . $_SERVER['HTTP_USER_AGENT'] . '";admin_time|i:' . time() . ';',
  1287. ),
  1288. array('session_id')
  1289. );
  1290. }
  1291. updateStats('member');
  1292. updateStats('message');
  1293. updateStats('topic');
  1294. // This function is needed to do the updateStats('subject') call.
  1295. $smcFunc['strtolower'] = $db_character_set === 'utf8' || $txt['lang_character_set'] === 'UTF-8' ? create_function('$string', '
  1296. return $string;') : 'strtolower';
  1297. $request = $smcFunc['db_query']('', '
  1298. SELECT id_msg
  1299. FROM {db_prefix}messages
  1300. WHERE id_msg = 1
  1301. AND modified_time = 0
  1302. LIMIT 1',
  1303. array(
  1304. 'db_error_skip' => true,
  1305. )
  1306. );
  1307. if ($smcFunc['db_num_rows']($request) > 0)
  1308. updateStats('subject', 1, htmlspecialchars($txt['default_topic_subject']));
  1309. $smcFunc['db_free_result']($request);
  1310. // Now is the perfect time to fetch the SM files.
  1311. require_once($sourcedir . '/ScheduledTasks.php');
  1312. // Sanity check that they loaded earlier!
  1313. if (isset($modSettings['recycle_board']))
  1314. {
  1315. $forum_version = $current_smf_version; // The variable is usually defined in index.php so lets just use our variable to do it for us.
  1316. scheduled_fetchSMfiles(); // Now go get those files!
  1317. // We've just installed!
  1318. $user_info['ip'] = $_SERVER['REMOTE_ADDR'];
  1319. $user_info['id'] = isset($incontext['member_id']) ? $incontext['member_id'] : 0;
  1320. logAction('install', array('version' => $forum_version), 'admin');
  1321. }
  1322. // Check if we need some stupid MySQL fix.
  1323. $server_version = $smcFunc['db_server_info']();
  1324. if ($db_type == 'mysql' && in_array(substr($server_version, 0, 6), array('5.0.50', '5.0.51')))
  1325. updateSettings(array('db_mysql_group_by_fix' => '1'));
  1326. // Some final context for the template.
  1327. $incontext['dir_still_writable'] = is_writable(dirname(__FILE__)) && substr(__FILE__, 1, 2) != ':\\';
  1328. $incontext['probably_delete_install'] = isset($_SESSION['installer_temp_ftp']) || is_writable(dirname(__FILE__)) || is_writable(__FILE__);
  1329. return false;
  1330. }
  1331. // http://www.faqs.org/rfcs/rfc959.html
  1332. class ftp_connection
  1333. {
  1334. var $connection = 'no_connection', $error = false, $last_message, $pasv = array();
  1335. // Create a new FTP connection...
  1336. function ftp_connection($ftp_server, $ftp_port = 21, $ftp_user = 'anonymous', $ftp_pass = '[email protected]')
  1337. {
  1338. if ($ftp_server !== null)
  1339. $this->connect($ftp_server, $ftp_port, $ftp_user, $ftp_pass);
  1340. }
  1341. function connect($ftp_server, $ftp_port = 21, $ftp_user = 'anonymous', $ftp_pass = '[email protected]')
  1342. {
  1343. if (substr($ftp_server, 0, 6) == 'ftp://')
  1344. $ftp_server = substr($ftp_server, 6);
  1345. elseif (substr($ftp_server, 0, 7) == 'ftps://')
  1346. $ftp_server = 'ssl://' . substr($ftp_server, 7);
  1347. if (substr($ftp_server, 0, 7) == 'http://')
  1348. $ftp_server = substr($ftp_server, 7);
  1349. $ftp_server = strtr($ftp_server, array('/' => '', ':' => '', '@' => ''));
  1350. // Connect to the FTP server.
  1351. $this->connection = @fsockopen($ftp_server, $ftp_port, $err, $err, 5);
  1352. if (!$this->connection)
  1353. {
  1354. $this->error = 'bad_server';
  1355. return;
  1356. }
  1357. // Get the welcome message...
  1358. if (!$this->check_response(220))
  1359. {
  1360. $this->error = 'bad_response';
  1361. return;
  1362. }
  1363. // Send the username, it should ask for a password.
  1364. fwrite($this->connection, 'USER ' . $ftp_user . "\r\n");
  1365. if (!$this->check_response(331))
  1366. {
  1367. $this->error = 'bad_username';
  1368. return;
  1369. }
  1370. // Now send the password... and hope it goes okay.
  1371. fwrite($this->connection, 'PASS ' . $ftp_pass . "\r\n");
  1372. if (!$this->check_response(230))
  1373. {
  1374. $this->error = 'bad_password';
  1375. return;
  1376. }
  1377. }
  1378. function chdir($ftp_path)
  1379. {
  1380. if (!is_resource($this->connection))
  1381. return false;
  1382. // No slash on the end, please...
  1383. if (substr($ftp_path, -1) == '/')
  1384. $ftp_path = substr($ftp_path, 0, -1);
  1385. fwrite($this->connection, 'CWD ' . $ftp_path . "\r\n");
  1386. if (!$this->check_response(250))
  1387. {
  1388. $this->error = 'bad_path';
  1389. return false;
  1390. }
  1391. return true;
  1392. }
  1393. function chmod($ftp_file, $chmod)
  1394. {
  1395. if (!is_resource($this->connection))
  1396. return false;
  1397. // Convert the chmod value from octal (0777) to text ("777")
  1398. fwrite($this->connection, 'SITE CHMOD ' . decoct($chmod) . ' ' . $ftp_file . "\r\n");
  1399. if (!$this->check_response(200))
  1400. {
  1401. $this->error = 'bad_file';
  1402. return false;
  1403. }
  1404. return true;
  1405. }
  1406. function unlink($ftp_file)
  1407. {
  1408. // We are actually connected, right?
  1409. if (!is_resource($this->connection))
  1410. return false;
  1411. // Delete file X.
  1412. fwrite($this->connection, 'DELE ' . $ftp_file . "\r\n");
  1413. if (!$this->check_response(250))
  1414. {
  1415. fwrite($this->connection, 'RMD ' . $ftp_file . "\r\n");
  1416. // Still no love?
  1417. if (!$this->check_response(250))
  1418. {
  1419. $this->error = 'bad_file';
  1420. return false;
  1421. }
  1422. }
  1423. return true;
  1424. }
  1425. function check_response($desired)
  1426. {
  1427. // Wait for a response that isn't continued with -, but don't wait too long.
  1428. $time = time();
  1429. do
  1430. $this->last_message = fgets($this->connection, 1024);
  1431. while (substr($this->last_message, 3, 1) != ' ' && time() - $time < 5);
  1432. // Was the desired response returned?
  1433. return is_array($desired) ? in_array(substr($this->last_message, 0, 3), $desired) : substr($this->last_message, 0, 3) == $desired;
  1434. }
  1435. function passive()
  1436. {
  1437. // We can't create a passive data connection without a primary one first being there.
  1438. if (!is_resource($this->connection))
  1439. return false;
  1440. // Request a passive connection - this means, we'll talk to you, you don't talk to us.
  1441. @fwrite($this->connection, "PASV\r\n");
  1442. $time = time();
  1443. do
  1444. $response = fgets($this->connection, 1024);
  1445. while (substr($response, 3, 1) != ' ' && time() - $time < 5);
  1446. // If it's not 227, we weren't given an IP and port, which means it failed.
  1447. if (substr($response, 0, 4) != '227 ')
  1448. {
  1449. $this->error = 'bad_response';
  1450. return false;
  1451. }
  1452. // Snatch the IP and port information, or die horribly trying...
  1453. if (preg_match('~\((\d+),\s*(\d+),\s*(\d+),\s*(\d+),\s*(\d+)(?:,\s*(\d+))\)~', $response, $match) == 0)
  1454. {
  1455. $this->error = 'bad_response';
  1456. return false;
  1457. }
  1458. // This is pretty simple - store it for later use ;)
  1459. $this->pasv = array('ip' => $match[1] . '.' . $match[2] . '.' . $match[3] . '.' . $match[4], 'port' => $match[5] * 256 + $match[6]);
  1460. return true;
  1461. }
  1462. function create_file($ftp_file)
  1463. {
  1464. // First, we have to be connected... very important.
  1465. if (!is_resource($this->connection))
  1466. return false;
  1467. // I'd like one passive mode, please!
  1468. if (!$this->passive())
  1469. return false;
  1470. // Seems logical enough, so far...
  1471. fwrite($this->connection, 'STOR ' . $ftp_file . "\r\n");
  1472. // Okay, now we connect to the data port. If it doesn't work out, it's probably "file already exists", etc.
  1473. $fp = @fsockopen($this->pasv['ip'], $this->pasv['port'], $err, $err, 5);
  1474. if (!$fp || !$this->check_response(150))
  1475. {
  1476. $this->error = 'bad_file';
  1477. @fclose($fp);
  1478. return false;
  1479. }
  1480. // This may look strange, but we're just closing it to indicate a zero-byte upload.
  1481. fclose($fp);
  1482. if (!$this->check_response(226))
  1483. {
  1484. $this->error = 'bad_response';
  1485. return false;
  1486. }
  1487. return true;
  1488. }
  1489. function list_dir($ftp_path = '', $search = false)
  1490. {
  1491. // Are we even connected...?
  1492. if (!is_resource($this->connection))
  1493. return false;
  1494. // Passive... non-agressive...
  1495. if (!$this->passive())
  1496. return false;
  1497. // Get the listing!
  1498. fwrite($this->connection, 'LIST -1' . ($search ? 'R' : '') . ($ftp_path == '' ? '' : ' ' . $ftp_path) . "\r\n");
  1499. // Connect, assuming we've got a connection.
  1500. $fp = @fsockopen($this->pasv['ip'], $this->pasv['port'], $err, $err, 5);
  1501. if (!$fp || !$this->check_response(array(150, 125)))
  1502. {
  1503. $this->error = 'bad_response';
  1504. @fclose($fp);
  1505. return false;
  1506. }
  1507. // Read in the file listing.
  1508. $data = '';
  1509. while (!feof($fp))
  1510. $data .= fread($fp, 4096);
  1511. fclose($fp);
  1512. // Everything go okay?
  1513. if (!$this->check_response(226))
  1514. {
  1515. $this->error = 'bad_response';
  1516. return false;
  1517. }
  1518. return $data;
  1519. }
  1520. function locate($file, $listing = null)
  1521. {
  1522. if ($listing === null)
  1523. $listing = $this->list_dir('', true);
  1524. $listing = explode("\n", $listing);
  1525. @fwrite($this->connection, "PWD\r\n");
  1526. $time = time();
  1527. do
  1528. $response = fgets($this->connection, 1024);
  1529. while (substr($response, 3, 1) != ' ' && time() - $time < 5);
  1530. // Check for 257!
  1531. if (preg_match('~^257 "(.+?)" ~', $response, $match) != 0)
  1532. $current_dir = strtr($match[1], array('""' => '"'));
  1533. else
  1534. $current_dir = '';
  1535. for ($i = 0, $n = count($listing); $i < $n; $i++)
  1536. {
  1537. if (trim($listing[$i]) == '' && isset($listing[$i + 1]))
  1538. {
  1539. $current_dir = substr(trim($listing[++$i]), 0, -1);
  1540. $i++;
  1541. }
  1542. // Okay, this file's name is:
  1543. $listing[$i] = $current_dir . '/' . trim(strlen($listing[$i]) > 30 ? strrchr($listing[$i], ' ') : $listing[$i]);
  1544. if (substr($file, 0, 1) == '*' && substr($listing[$i], -(strlen($file) - 1)) == substr($file, 1))
  1545. return $listing[$i];
  1546. if (substr($file, -1) == '*' && substr($listing[$i], 0, strlen($file) - 1) == substr($file, 0, -1))
  1547. return $listing[$i];
  1548. if (basename($listing[$i]) == $file || $listing[$i] == $file)
  1549. return $listing[$i];
  1550. }
  1551. return false;
  1552. }
  1553. function create_dir($ftp_dir)
  1554. {
  1555. // We must be connected to the server to do something.
  1556. if (!is_resource($this->connection))
  1557. return false;
  1558. // Make this new beautiful directory!
  1559. fwrite($this->connection, 'MKD ' . $ftp_dir . "\r\n");
  1560. if (!$this->check_response(257))
  1561. {
  1562. $this->error = 'bad_file';
  1563. return false;
  1564. }
  1565. return true;
  1566. }
  1567. function detect_path($filesystem_path, $lookup_file = null)
  1568. {
  1569. $username = '';
  1570. if (isset($_SERVER['DOCUMENT_ROOT']))
  1571. {
  1572. if (preg_match('~^/home[2]?/([^/]+?)/public_html~', $_SERVER['DOCUMENT_ROOT'], $match))
  1573. {
  1574. $username = $match[1];
  1575. $path = strtr($_SERVER['DOCUMENT_ROOT'], array('/home/' . $match[1] . '/' => '', '/home2/' . $match[1] . '/' => ''));
  1576. if (substr($path, -1) == '/')
  1577. $path = substr($path, 0, -1);
  1578. if (strlen(dirname($_SERVER['PHP_SELF'])) > 1)
  1579. $path .= dirname($_SERVER['PHP_SELF']);
  1580. }
  1581. elseif (substr($filesystem_path, 0, 9) == '/var/www/')
  1582. $path = substr($filesystem_path, 8);
  1583. else
  1584. $path = strtr(strtr($filesystem_path, array('\\' => '/')), array($_SERVER['DOCUMENT_ROOT'] => ''));
  1585. }
  1586. else
  1587. $path = '';
  1588. if (is_resource($this->connection) && $this->list_dir($path) == '')
  1589. {
  1590. $data = $this->list_dir('', true);
  1591. if ($lookup_file === null)
  1592. $lookup_file = $_SERVER['PHP_SELF'];
  1593. $found_path = dirname($this->locate('*' . basename(dirname($lookup_file)) . '/' . basename($lookup_file), $data));
  1594. if ($found_path == false)
  1595. $found_path = dirname($this->locate(basename($lookup_file)));
  1596. if ($found_path != false)
  1597. $path = $found_path;
  1598. }
  1599. elseif (is_resource($this->connection))
  1600. $found_path = true;
  1601. return array($username, $path, isset($found_path));
  1602. }
  1603. function close()
  1604. {
  1605. // Goodbye!
  1606. fwrite($this->connection, "QUIT\r\n");
  1607. fclose($this->connection);
  1608. return true;
  1609. }
  1610. }
  1611. function updateSettingsFile($vars)
  1612. {
  1613. // Modify Settings.php.
  1614. $settingsArray = file(dirname(__FILE__) . '/Settings.php');
  1615. // @todo Do we just want to read the file in clean, and split it this way always?
  1616. if (count($settingsArray) == 1)
  1617. $settingsArray = preg_split('~[\r\n]~', $settingsArray[0]);
  1618. for ($i = 0, $n = count($settingsArray); $i < $n; $i++)
  1619. {
  1620. // Remove the redirect...
  1621. if (trim($settingsArray[$i]) == 'if (file_exists(dirname(__FILE__) . \'/install.php\'))' && trim($settingsArray[$i + 1]) == '{' && trim($settingsArray[$i + 3]) == '}')
  1622. {
  1623. // Get the four lines to nothing.
  1624. $settingsArray[$i] = '';
  1625. $settingsArray[++$i] = '';
  1626. $settingsArray[++$i] = '';
  1627. $settingsArray[++$i] = '';
  1628. continue;
  1629. }
  1630. if (trim($settingsArray[$i]) == '?' . '>')
  1631. $settingsArray[$i] = '';
  1632. // Don't trim or bother with it if it's not a variable.
  1633. if (substr($settingsArray[$i], 0, 1) != '$')
  1634. continue;
  1635. $settingsArray[$i] = rtrim($settingsArray[$i]) . "\n";
  1636. foreach ($vars as $var => $val)
  1637. if (strncasecmp($settingsArray[$i], '$' . $var, 1 + strlen($var)) == 0)
  1638. {
  1639. $comment = strstr($settingsArray[$i], '#');
  1640. $settingsArray[$i] = '$' . $var . ' = \'' . $val . '\';' . ($comment != '' ? "\t\t" . $comment : "\n");
  1641. unset($vars[$var]);
  1642. }
  1643. }
  1644. // Uh oh... the file wasn't empty... was it?
  1645. if (!empty($vars))
  1646. {
  1647. $settingsArray[$i++] = '';
  1648. foreach ($vars as $var => $val)
  1649. $settingsArray[$i++] = '$' . $var . ' = \'' . $val . '\';' . "\n";
  1650. }
  1651. // Blank out the file - done to fix a oddity with some servers.
  1652. $fp = @fopen(dirname(__FILE__) . '/Settings.php', 'w');
  1653. if (!$fp)
  1654. return false;
  1655. fclose($fp);
  1656. $fp = fopen(dirname(__FILE__) . '/Settings.php', 'r+');
  1657. // Gotta have one of these ;)
  1658. if (trim($settingsArray[0]) != '<?php')
  1659. fwrite($fp, "<?php\n");
  1660. $lines = count($settingsArray);
  1661. for ($i = 0; $i < $lines - 1; $i++)
  1662. {
  1663. // Don't just write a bunch of blank lines.
  1664. if ($settingsArray[$i] != '' || @$settingsArray[$i - 1] != '')
  1665. fwrite($fp, strtr($settingsArray[$i], "\r", ''));
  1666. }
  1667. fwrite($fp, $settingsArray[$i] . '?' . '>');
  1668. fclose($fp);
  1669. return true;
  1670. }
  1671. function updateDbLastError()
  1672. {
  1673. // Write out the db_last_error file with the error timestamp
  1674. file_put_contents(dirname(__FILE__) . '/db_last_error.php', '<' . '?' . "php\n" . '$db_last_error = 0;' . "\n" . '?' . '>');
  1675. return true;
  1676. }
  1677. // Create an .htaccess file to prevent mod_security. SMF has filtering built-in.
  1678. function fixModSecurity()
  1679. {
  1680. $htaccess_addition = '
  1681. <IfModule mod_security.c>
  1682. # Turn off mod_security filtering. SMF is a big boy, it doesn\'t need its hands held.
  1683. SecFilterEngine Off
  1684. # The below probably isn\'t needed, but better safe than sorry.
  1685. SecFilterScanPOST Off
  1686. </IfModule>';
  1687. if (!function_exists('apache_get_modules') || !in_array('mod_security', apache_get_modules()))
  1688. return true;
  1689. elseif (file_exists(dirname(__FILE__) . '/.htaccess') && is_writable(dirname(__FILE__) . '/.htaccess'))
  1690. {
  1691. $current_htaccess = implode('', file(dirname(__FILE__) . '/.htaccess'));
  1692. // Only change something if mod_security hasn't been addressed yet.
  1693. if (strpos($current_htaccess, '<IfModule mod_security.c>') === false)
  1694. {
  1695. if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'a'))
  1696. {
  1697. fwrite($ht_handle, $htaccess_addition);
  1698. fclose($ht_handle);
  1699. return true;
  1700. }
  1701. else
  1702. return false;
  1703. }
  1704. else
  1705. return true;
  1706. }
  1707. elseif (file_exists(dirname(__FILE__) . '/.htaccess'))
  1708. return strpos(implode('', file(dirname(__FILE__) . '/.htaccess')), '<IfModule mod_security.c>') !== false;
  1709. elseif (is_writable(dirname(__FILE__)))
  1710. {
  1711. if ($ht_handle = fopen(dirname(__FILE__) . '/.htaccess', 'w'))
  1712. {
  1713. fwrite($ht_handle, $htaccess_addition);
  1714. fclose($ht_handle);
  1715. return true;
  1716. }
  1717. else
  1718. return false;
  1719. }
  1720. else
  1721. return false;
  1722. }
  1723. function template_install_above()
  1724. {
  1725. global $incontext, $txt, $smfsite, $installurl;
  1726. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  1727. <html xmlns="http://www.w3.org/1999/xhtml"', !empty($txt['lang_rtl']) ? ' dir="rtl"' : '', '>
  1728. <head>
  1729. <meta http-equiv="Content-Type" content="text/html; charset=', isset($txt['lang_character_set']) ? $txt['lang_character_set'] : 'ISO-8859-1', '" />
  1730. <meta name="robots" content="noindex" />
  1731. <title>', $txt['smf_installer'], '</title>
  1732. <link rel="stylesheet" type="text/css" href="Themes/default/css/index.css?alp21" />
  1733. <link rel="stylesheet" type="text/css" href="Themes/default/css/install.css?alp21" />
  1734. <script type="text/javascript" src="Themes/default/scripts/script.js"></script>
  1735. </head>
  1736. <body>
  1737. <div id="header">
  1738. <div class="frame">
  1739. <h1 class="forumtitle">', $txt['smf_installer'], '</h1>
  1740. <img id="smflogo" src="Themes/default/images/smflogo.png" alt="Simple Machines Forum" title="Simple Machines Forum" />
  1741. </div>
  1742. </div>
  1743. <div id="wrapper">
  1744. <div id="upper_section">
  1745. <div id="inner_section">
  1746. <div id="inner_wrap">';
  1747. // Have we got a language drop down - if so do it on the first step only.
  1748. if (!empty($incontext['detected_languages']) && count($incontext['detected_languages']) > 1 && $incontext['current_step'] == 0)
  1749. {
  1750. echo '
  1751. <div class="news">
  1752. <form action="', $installurl, '" method="get">
  1753. <label for="installer_language">', $txt['installer_language'], ':</label>
  1754. <select id="installer_language" name="lang_file" onchange="location.href = \'', $installurl, '?lang_file=\' + this.options[this.selectedIndex].value;">';
  1755. foreach ($incontext['detected_languages'] as $lang => $name)
  1756. echo '
  1757. <option', isset($_SESSION['installer_temp_lang']) && $_SESSION['installer_temp_lang'] == $lang ? ' selected="selected"' : '', ' value="', $lang, '">', $name, '</option>';
  1758. echo '
  1759. </select>
  1760. <noscript><input type="submit" value="', $txt['installer_language_set'], '" class="button_submit" /></noscript>
  1761. </form>
  1762. </div>
  1763. <hr class="clear" />';
  1764. }
  1765. echo '
  1766. </div>
  1767. </div>
  1768. </div>
  1769. <div id="content_section">
  1770. <div id="main_content_section">
  1771. <div id="main_steps">
  1772. <h2>', $txt['upgrade_progress'], '</h2>
  1773. <ul>';
  1774. foreach ($incontext['steps'] as $num => $step)
  1775. echo '
  1776. <li class="', $num < $incontext['current_step'] ? 'stepdone' : ($num == $incontext['current_step'] ? 'stepcurrent' : 'stepwaiting'), '">', $txt['upgrade_step'], ' ', $step[0], ': ', $step[1], '</li>';
  1777. echo '
  1778. </ul>
  1779. </div>
  1780. <div id="progress_bar">
  1781. <div id="overall_text">', $incontext['overall_percent'], '%</div>
  1782. <div id="overall_progress" style="width: ', $incontext['overall_percent'], '%;">&nbsp;</div>
  1783. <div class="overall_progress">', $txt['upgrade_overall_progress'], '</div>
  1784. </div>
  1785. <div id="main_screen" class="clear">
  1786. <h2>', $incontext['page_title'], '</h2>
  1787. <div class="panel">';
  1788. }
  1789. function template_install_below()
  1790. {
  1791. global $incontext, $txt;
  1792. if (!empty($incontext['continue']) || !empty($incontext['skip']))
  1793. {
  1794. echo '
  1795. <div>';
  1796. if (!empty($incontext['continue']))
  1797. echo '
  1798. <input type="submit" id="contbutt" name="contbutt" value="', $txt['upgrade_continue'], '" onclick="return submitThisOnce(this);" class="button_submit" />';
  1799. if (!empty($incontext['skip']))
  1800. echo '
  1801. <input type="submit" id="skip" name="skip" value="', $txt['upgrade_skip'], '" onclick="return submitThisOnce(this);" class="button_submit" />';
  1802. echo '
  1803. </div>';
  1804. }
  1805. // Show the closing form tag and other data only if not in the last step
  1806. if (count($incontext['steps']) - 1 !== (int) $incontext['current_step'])
  1807. echo '
  1808. </form>';
  1809. echo '
  1810. </div>
  1811. </div>
  1812. </div>
  1813. </div>
  1814. </div>
  1815. <div id="footer_section">
  1816. <div class="frame">
  1817. <ul class="reset">
  1818. <li class="copyright"><a href="http://www.simplemachines.org/" title="Simple Machines Forum" target="_blank" class="new_win">SMF &copy; 2011, Simple Machines</a></li>
  1819. </ul>
  1820. </div>
  1821. </div>
  1822. </body>
  1823. </html>';
  1824. }
  1825. // Welcome them to the wonderful world of SMF!
  1826. function template_welcome_message()
  1827. {
  1828. global $incontext, $installurl, $txt;
  1829. echo '
  1830. <script type="text/javascript" src="http://www.simplemachines.org/smf/current-version.js?version=' . $GLOBALS['current_smf_version'] . '"></script>
  1831. <form action="', $incontext['form_url'], '" method="post">
  1832. <p>', sprintf($txt['install_welcome_desc'], $GLOBALS['current_smf_version']), '</p>
  1833. <div id="version_warning" style="margin: 2ex; padding: 2ex; border: 2px dashed #a92174; color: black; background-color: #fbbbe2; display: none;">
  1834. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1835. <strong style="text-decoration: underline;">', $txt['error_warning_notice'], '</strong><br />
  1836. <div style="padding-left: 6ex;">
  1837. ', sprintf($txt['error_script_outdated'], '<em id="smfVersion" style="white-space: nowrap;">??</em>', '<em id="yourVersion" style="white-space: nowrap;">' . $GLOBALS['current_smf_version'] . '</em>'), '
  1838. </div>
  1839. </div>';
  1840. // Show the warnings, or not.
  1841. if (template_warning_divs())
  1842. echo '
  1843. <h3>', $txt['install_all_lovely'], '</h3>';
  1844. // Say we want the continue button!
  1845. if (empty($incontext['error']))
  1846. $incontext['continue'] = 1;
  1847. // For the latest version stuff.
  1848. echo '
  1849. <script type="text/javascript"><!-- // --><![CDATA[
  1850. // Latest version?
  1851. function smfCurrentVersion()
  1852. {
  1853. var smfVer, yourVer;
  1854. if (!(\'smfVersion\' in window))
  1855. return;
  1856. window.smfVersion = window.smfVersion.replace(/SMF\s?/g, \'\');
  1857. smfVer = document.getElementById("smfVersion");
  1858. yourVer = document.getElementById("yourVersion");
  1859. setInnerHTML(smfVer, window.smfVersion);
  1860. var currentVersion = getInnerHTML(yourVer);
  1861. if (currentVersion < window.smfVersion)
  1862. document.getElementById(\'version_warning\').style.display = \'\';
  1863. }
  1864. addLoadEvent(smfCurrentVersion);
  1865. // ]]></script>';
  1866. }
  1867. // A shortcut for any warning stuff.
  1868. function template_warning_divs()
  1869. {
  1870. global $txt, $incontext;
  1871. // Errors are very serious..
  1872. if (!empty($incontext['error']))
  1873. echo '
  1874. <div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
  1875. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1876. <strong style="text-decoration: underline;">', $txt['upgrade_critical_error'], '</strong><br />
  1877. <div style="padding-left: 6ex;">
  1878. ', $incontext['error'], '
  1879. </div>
  1880. </div>';
  1881. // A warning message?
  1882. elseif (!empty($incontext['warning']))
  1883. echo '
  1884. <div style="margin: 2ex; padding: 2ex; border: 2px dashed #cc3344; color: black; background-color: #ffe4e9;">
  1885. <div style="float: left; width: 2ex; font-size: 2em; color: red;">!!</div>
  1886. <strong style="text-decoration: underline;">', $txt['upgrade_warning'], '</strong><br />
  1887. <div style="padding-left: 6ex;">
  1888. ', $incontext['warning'], '
  1889. </div>
  1890. </div>';
  1891. return empty($incontext['error']) && empty($incontext['warning']);
  1892. }
  1893. function template_chmod_files()
  1894. {
  1895. global $txt, $incontext;
  1896. echo '
  1897. <p>', $txt['ftp_setup_why_info'], '</p>
  1898. <ul style="margin: 2.5ex; font-family: monospace;">
  1899. <li>', implode('</li>
  1900. <li>', $incontext['failed_files']), '</li>
  1901. </ul>';
  1902. // This is serious!
  1903. if (!template_warning_divs())
  1904. return;
  1905. echo '
  1906. <hr />
  1907. <p>', $txt['ftp_setup_info'], '</p>';
  1908. if (!empty($incontext['ftp_errors']))
  1909. echo '
  1910. <div class="error_message">
  1911. <div style="color: red;">
  1912. ', $txt['error_ftp_no_connect'], '<br />
  1913. <br />
  1914. <code>', implode('<br />', $incontext['ftp_errors']), '</code>
  1915. </div>
  1916. </div>
  1917. <br />';
  1918. echo '
  1919. <form action="', $incontext['form_url'], '" method="post">
  1920. <table width="520" cellspacing="0" cellpadding="0" border="0" align="center" style="margin: 1em 0;">
  1921. <tr>
  1922. <td width="26%" valign="top" class="textbox"><label for="ftp_server">', $txt['ftp_server'], ':</label></td>
  1923. <td>
  1924. <div style="float: ', empty($txt['lang_rtl']) ? 'right' : 'left', '; margin-', empty($txt['lang_rtl']) ? 'right' : 'left', ': 1px;"><label for="ftp_port" class="textbox"><strong>', $txt['ftp_port'], ':&nbsp;</strong></label> <input type="text" size="3" name="ftp_port" id="ftp_port" value="', $incontext['ftp']['port'], '" class="input_text" /></div>
  1925. <input type="text" size="30" name="ftp_server" id="ftp_server" value="', $incontext['ftp']['server'], '" style="width: 70%;" class="input_text" />
  1926. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['ftp_server_info'], '</div>
  1927. </td>
  1928. </tr><tr>
  1929. <td width="26%" valign="top" class="textbox"><label for="ftp_username">', $txt['ftp_username'], ':</label></td>
  1930. <td>
  1931. <input type="text" size="50" name="ftp_username" id="ftp_username" value="', $incontext['ftp']['username'], '" style="width: 99%;" class="input_text" />
  1932. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['ftp_username_info'], '</div>
  1933. </td>
  1934. </tr><tr>
  1935. <td width="26%" valign="top" class="textbox"><label for="ftp_password">', $txt['ftp_password'], ':</label></td>
  1936. <td>
  1937. <input type="password" size="50" name="ftp_password" id="ftp_password" style="width: 99%;" class="input_password" />
  1938. <div style="font-size: smaller; margin-bottom: 3ex;">', $txt['ftp_password_info'], '</div>
  1939. </td>
  1940. </tr><tr>
  1941. <td width="26%" valign="top" class="textbox"><label for="ftp_path">', $txt['ftp_path'], ':</label></td>
  1942. <td style="padding-bottom: 1ex;">
  1943. <input type="text" size="50" name="ftp_path" id="ftp_path" value="', $incontext['ftp']['path'], '" style="width: 99%;" class="input_text" />
  1944. <div style="font-size: smaller; margin-bottom: 2ex;">', $incontext['ftp']['path_msg'], '</div>
  1945. </td>
  1946. </tr>
  1947. </table>
  1948. <div style="margin: 1ex; margin-top: 1ex; text-align: ', empty($txt['lang_rtl']) ? 'right' : 'left', ';"><input type="submit" value="', $txt['ftp_connect'], '" onclick="return submitThisOnce(this);" class="button_submit" /></div>
  1949. </form>
  1950. <a href="', $incontext['form_url'], '">', $txt['error_message_click'], '</a> ', $txt['ftp_setup_again'];
  1951. }
  1952. // Get the database settings prepared.
  1953. function template_database_settings()
  1954. {
  1955. global $incontext, $installurl, $txt;
  1956. echo '
  1957. <form action="', $incontext['form_url'], '" method="post">
  1958. <p>', $txt['db_settings_info'], '</p>';
  1959. template_warning_divs();
  1960. echo '
  1961. <table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin: 1em 0;">';
  1962. // More than one database type?
  1963. if (count($incontext['supported_databases']) > 1)
  1964. {
  1965. echo '
  1966. <tr>
  1967. <td width="20%" valign="top" class="textbox"><label for="db_type_input">', $txt['db_settings_type'], ':</label></td>
  1968. <td>
  1969. <select name="db_type" id="db_type_input" onchange="toggleDBInput();">';
  1970. foreach ($incontext['supported_databases'] as $key => $db)
  1971. echo '
  1972. <option value="', $key, '"', isset($_POST['db_type']) && $_POST['db_type'] == $key ? ' selected="selected"' : '', '>', $db['name'], '</option>';
  1973. echo '
  1974. </select><div id="db_sqlite_warning" style="color: blue; display: none;" class="smalltext">', $txt['db_sqlite_warning'], '</div>
  1975. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_type_info'], '</div>
  1976. </td>
  1977. </tr>';
  1978. }
  1979. else
  1980. {
  1981. echo '
  1982. <tr style="display: none;">
  1983. <td>
  1984. <input type="hidden" name="db_type" value="', $incontext['db']['type'], '" />
  1985. </td>
  1986. </tr>';
  1987. }
  1988. echo '
  1989. <tr id="db_server_contain">
  1990. <td width="20%" valign="top" class="textbox"><label for="db_server_input">', $txt['db_settings_server'], ':</label></td>
  1991. <td>
  1992. <input type="text" name="db_server" id="db_server_input" value="', $incontext['db']['server'], '" size="30" class="input_text" /><br />
  1993. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_server_info'], '</div>
  1994. </td>
  1995. </tr><tr id="db_user_contain">
  1996. <td valign="top" class="textbox"><label for="db_user_input">', $txt['db_settings_username'], ':</label></td>
  1997. <td>
  1998. <input type="text" name="db_user" id="db_user_input" value="', $incontext['db']['user'], '" size="30" class="input_text" /><br />
  1999. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_username_info'], '</div>
  2000. </td>
  2001. </tr><tr id="db_passwd_contain">
  2002. <td valign="top" class="textbox"><label for="db_passwd_input">', $txt['db_settings_password'], ':</label></td>
  2003. <td>
  2004. <input type="password" name="db_passwd" id="db_passwd_input" value="', $incontext['db']['pass'], '" size="30" class="input_password" /><br />
  2005. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_password_info'], '</div>
  2006. </td>
  2007. </tr><tr id="db_name_contain">
  2008. <td valign="top" class="textbox"><label for="db_name_input">', $txt['db_settings_database'], ':</label></td>
  2009. <td>
  2010. <input type="text" name="db_name" id="db_name_input" value="', empty($incontext['db']['name']) ? 'smf' : $incontext['db']['name'], '" size="30" class="input_text" /><br />
  2011. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_database_info'], '
  2012. <span id="db_name_info_warning">', $txt['db_settings_database_info_note'], '</span></div>
  2013. </td>
  2014. </tr><tr id="db_filename_contain" style="display: none;">
  2015. <td valign="top" class="textbox"><label for="db_filename_input">', $txt['db_settings_database_file'], ':</label></td>
  2016. <td>
  2017. <input type="text" name="db_filename" id="db_filename_input" value="', empty($incontext['db']['name']) ? dirname(__FILE__) . '/smf_' . substr(md5(microtime()), 0, 10) : stripslashes($incontext['db']['name']), '" size="30" class="input_text" /><br />
  2018. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_database_file_info'], '</div>
  2019. </td>
  2020. </tr><tr>
  2021. <td valign="top" class="textbox"><label for="db_prefix_input">', $txt['db_settings_prefix'], ':</label></td>
  2022. <td>
  2023. <input type="text" name="db_prefix" id="db_prefix_input" value="', $incontext['db']['prefix'], '" size="30" class="input_text" /><br />
  2024. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['db_settings_prefix_info'], '</div>
  2025. </td>
  2026. </tr>
  2027. </table>';
  2028. // Allow the toggling of input boxes for SQLite etc.
  2029. echo '
  2030. <script type="text/javascript"><!-- // --><![CDATA[
  2031. function toggleDBInput()
  2032. {
  2033. // What state is it?';
  2034. if (!isset($incontext['supported_databases']['sqlite']))
  2035. echo '
  2036. var showAll = true;';
  2037. elseif (count($incontext['supported_databases']) < 2)
  2038. echo '
  2039. var showAll = false;';
  2040. // If we have more than one DB including SQLite, what should we be doing?
  2041. else
  2042. echo '
  2043. var showAll = document.getElementById(\'db_type_input\').value == \'sqlite\' ? false : true;';
  2044. echo '
  2045. document.getElementById(\'db_passwd_contain\').style.display = showAll ? \'\' : \'none\';
  2046. document.getElementById(\'db_server_contain\').style.display = showAll ? \'\' : \'none\';
  2047. document.getElementById(\'db_user_contain\').style.display = showAll ? \'\' : \'none\';
  2048. document.getElementById(\'db_name_contain\').style.display = showAll ? \'\' : \'none\';
  2049. document.getElementById(\'db_filename_contain\').style.display = !showAll ? \'\' : \'none\';
  2050. document.getElementById(\'db_sqlite_warning\').style.display = !showAll ? \'\' : \'none\';
  2051. if (document.getElementById(\'db_type_input\').value == \'postgresql\')
  2052. document.getElementById(\'db_name_info_warning\').style.display = \'none\';
  2053. else
  2054. document.getElementById(\'db_name_info_warning\').style.display = \'\';
  2055. }
  2056. toggleDBInput();
  2057. // ]]></script>';
  2058. }
  2059. // Stick in their forum settings.
  2060. function template_forum_settings()
  2061. {
  2062. global $incontext, $installurl, $txt;
  2063. echo '
  2064. <form action="', $incontext['form_url'], '" method="post">
  2065. <h3>', $txt['install_settings_info'], '</h3>';
  2066. template_warning_divs();
  2067. echo '
  2068. <table style="width: 100%; margin: 1em 0;">
  2069. <tr>
  2070. <td class="textbox" style="width: 20%; vertical-align: top;">
  2071. <label for="mbname_input">', $txt['install_settings_name'], ':</label>
  2072. </td>
  2073. <td>
  2074. <input type="text" name="mbname" id="mbname_input" value="', $txt['install_settings_name_default'], '" size="65" class="input_text" />
  2075. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_name_info'], '</div>
  2076. </td>
  2077. </tr>
  2078. <tr>
  2079. <td class="textbox" style="vertical-align: top;">
  2080. <label for="boardurl_input">', $txt['install_settings_url'], ':</label>
  2081. </td>
  2082. <td>
  2083. <input type="text" name="boardurl" id="boardurl_input" value="', $incontext['detected_url'], '" size="65" class="input_text" />
  2084. <br />
  2085. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_url_info'], '</div>
  2086. </td>
  2087. </tr>
  2088. <tr>
  2089. <td class="textbox" style="vertical-align: top;">
  2090. <label for="reg_mode">', $txt['install_settings_reg_mode'], ':</label>
  2091. </td>
  2092. <td>
  2093. <select name="reg_mode" id="reg_mode">
  2094. <optgroup label="', $txt['install_settings_reg_modes'], ':">
  2095. <option value="0" selected="selected">', $txt['install_settings_reg_immediate'], '</option>
  2096. <option value="1">', $txt['install_settings_reg_email'], '</option>
  2097. <option value="2">', $txt['install_settings_reg_admin'], '</option>
  2098. <option value="3">', $txt['install_settings_reg_disabled'], '</option>
  2099. </optgroup>
  2100. </select>
  2101. <br />
  2102. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_reg_mode_info'], '</div>
  2103. </td>
  2104. </tr>
  2105. <tr>
  2106. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_compress'], ':</td>
  2107. <td>
  2108. <input type="checkbox" name="compress" id="compress_check" checked="checked" class="input_check" />&nbsp;
  2109. <label for="compress_check">', $txt['install_settings_compress_title'], '</label>
  2110. <br />
  2111. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_compress_info'], '</div>
  2112. </td>
  2113. </tr>
  2114. <tr>
  2115. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_dbsession'], ':</td>
  2116. <td>
  2117. <input type="checkbox" name="dbsession" id="dbsession_check" checked="checked" class="input_check" />&nbsp;
  2118. <label for="dbsession_check">', $txt['install_settings_dbsession_title'], '</label>
  2119. <br />
  2120. <div style="font-size: smaller; margin-bottom: 2ex;">', $incontext['test_dbsession'] ? $txt['install_settings_dbsession_info1'] : $txt['install_settings_dbsession_info2'], '</div>
  2121. </td>
  2122. </tr>
  2123. <tr>
  2124. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_utf8'], ':</td>
  2125. <td>
  2126. <input type="checkbox" name="utf8" id="utf8_check"', $incontext['utf8_default'] ? ' checked="checked"' : '', ' class="input_check"', $incontext['utf8_required'] ? ' disabled="disabled"' : '', ' />&nbsp;
  2127. <label for="utf8_check">', $txt['install_settings_utf8_title'], '</label>
  2128. <br />
  2129. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_utf8_info'], '</div>
  2130. </td>
  2131. </tr>
  2132. <tr>
  2133. <td class="textbox" style="vertical-align: top;">', $txt['install_settings_stats'], ':</td>
  2134. <td>
  2135. <input type="checkbox" name="stats" id="stats_check" class="input_check" />&nbsp;
  2136. <label for="stats_check">', $txt['install_settings_stats_title'], '</label>
  2137. <br />
  2138. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['install_settings_stats_info'], '</div>
  2139. </td>
  2140. </tr>
  2141. </table>
  2142. ';
  2143. }
  2144. // Show results of the database population.
  2145. function template_populate_database()
  2146. {
  2147. global $incontext, $installurl, $txt;
  2148. echo '
  2149. <form action="', $incontext['form_url'], '" method="post">
  2150. <p>', !empty($incontext['was_refresh']) ? $txt['user_refresh_install_desc'] : $txt['db_populate_info'], '</p>';
  2151. if (!empty($incontext['sql_results']))
  2152. {
  2153. echo '
  2154. <ul>
  2155. <li>', implode('</li><li>', $incontext['sql_results']), '</li>
  2156. </ul>';
  2157. }
  2158. if (!empty($incontext['failures']))
  2159. {
  2160. echo '
  2161. <div style="color: red;">', $txt['error_db_queries'], '</div>
  2162. <ul>';
  2163. foreach ($incontext['failures'] as $line => $fail)
  2164. echo '
  2165. <li><strong>', $txt['error_db_queries_line'], $line + 1, ':</strong> ', nl2br(htmlspecialchars($fail)), '</li>';
  2166. echo '
  2167. </ul>';
  2168. }
  2169. echo '
  2170. <p>', $txt['db_populate_info2'], '</p>';
  2171. template_warning_divs();
  2172. echo '
  2173. <input type="hidden" name="pop_done" value="1" />';
  2174. }
  2175. // Create the admin account.
  2176. function template_admin_account()
  2177. {
  2178. global $incontext, $installurl, $txt;
  2179. echo '
  2180. <form action="', $incontext['form_url'], '" method="post">
  2181. <p>', $txt['user_settings_info'], '</p>';
  2182. template_warning_divs();
  2183. echo '
  2184. <table width="100%" cellspacing="0" cellpadding="0" border="0" style="margin: 2em 0;">
  2185. <tr>
  2186. <td width="18%" valign="top" class="textbox"><label for="username">', $txt['user_settings_username'], ':</label></td>
  2187. <td>
  2188. <input type="text" name="username" id="username" value="', $incontext['username'], '" size="40" class="input_text" />
  2189. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_username_info'], '</div>
  2190. </td>
  2191. </tr><tr>
  2192. <td valign="top" class="textbox"><label for="password1">', $txt['user_settings_password'], ':</label></td>
  2193. <td>
  2194. <input type="password" name="password1" id="password1" size="40" class="input_password" />
  2195. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_password_info'], '</div>
  2196. </td>
  2197. </tr><tr>
  2198. <td valign="top" class="textbox"><label for="password2">', $txt['user_settings_again'], ':</label></td>
  2199. <td>
  2200. <input type="password" name="password2" id="password2" size="40" class="input_password" />
  2201. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_again_info'], '</div>
  2202. </td>
  2203. </tr><tr>
  2204. <td valign="top" class="textbox"><label for="email">', $txt['user_settings_email'], ':</label></td>
  2205. <td>
  2206. <input type="text" name="email" id="email" value="', $incontext['email'], '" size="40" class="input_text" />
  2207. <div style="font-size: smaller; margin-bottom: 2ex;">', $txt['user_settings_email_info'], '</div>
  2208. </td>
  2209. </tr>
  2210. </table>';
  2211. if ($incontext['require_db_confirm'])
  2212. echo '
  2213. <h2>', $txt['user_settings_database'], '</h2>
  2214. <p>', $txt['user_settings_database_info'], '</p>
  2215. <div style="margin-bottom: 2ex; padding-', empty($txt['lang_rtl']) ? 'left' : 'right', ': 50px;">
  2216. <input type="password" name="password3" size="30" class="input_password" />
  2217. </div>';
  2218. }
  2219. // Tell them it's done, and to delete.
  2220. function template_delete_install()
  2221. {
  2222. global $incontext, $installurl, $txt, $boardurl;
  2223. echo '
  2224. <p>', $txt['congratulations_help'], '</p>';
  2225. template_warning_divs();
  2226. // Install directory still writable?
  2227. if ($incontext['dir_still_writable'])
  2228. echo '
  2229. <em>', $txt['still_writable'], '</em><br />
  2230. <br />';
  2231. // Don't show the box if it's like 99% sure it won't work :P.
  2232. if ($incontext['probably_delete_install'])
  2233. echo '
  2234. <div style="margin: 1ex; font-weight: bold;">
  2235. <label for="delete_self"><input type="checkbox" id="delete_self" onclick="doTheDelete();" class="input_check" /> ', $txt['delete_installer'], !isset($_SESSION['installer_temp_ftp']) ? ' ' . $txt['delete_installer_maybe'] : '', '</label>
  2236. </div>
  2237. <script type="text/javascript"><!-- // --><![CDATA[
  2238. function doTheDelete()
  2239. {
  2240. var theCheck = document.getElementById ? document.getElementById("delete_self") : document.all.delete_self;
  2241. var tempImage = new Image();
  2242. tempImage.src = "', $installurl, '?delete=1&ts_" + (new Date().getTime());
  2243. tempImage.width = 0;
  2244. theCheck.disabled = true;
  2245. }
  2246. // ]]></script>
  2247. <br />';
  2248. echo '
  2249. ', sprintf($txt['go_to_your_forum'], $boardurl . '/index.php'), '<br />
  2250. <br />
  2251. ', $txt['good_luck'];
  2252. }
  2253. ?>