default_user;
        // NOTE(review): fragment. The function and the `if` block that close just below
        // start before the visible part of this file. The visible tail loads the default
        // user's configuration, mirrors system and user settings into the session and
        // redirects to install step 4.
        Minz_Configuration::register(
            'user',
            join_path(USERS_PATH, $current_user, 'config.php'),
            join_path(USERS_PATH, '_', 'config.default.php')
        );
        $user_conf = Minz_Configuration::get('user');

        // Then, we set $_SESSION vars
        $_SESSION['title'] = $system_conf->title;
        $_SESSION['auth_type'] = $system_conf->auth_type;
        $_SESSION['old_entries'] = $user_conf->old_entries;
        $_SESSION['mail_login'] = $user_conf->mail_login;
        $_SESSION['default_user'] = $current_user;
        // The stored password hash and (below) the database password are copied into the
        // session, so both live in the session store for as long as the session does.
        $_SESSION['passwordHash'] = $user_conf->passwordHash;

        $db = $system_conf->db;
        $_SESSION['bd_type'] = $db['type'];
        $_SESSION['bd_host'] = $db['host'];
        $_SESSION['bd_user'] = $db['user'];
        $_SESSION['bd_password'] = $db['password'];
        $_SESSION['bd_base'] = $db['base'];
        $_SESSION['bd_prefix'] = $db['prefix'];
        $_SESSION['bd_error'] = '';

        header('Location: index.php?step=4');
    }
}

/**
 * Stores the POSTed general settings in the session, hashes the submitted password
 * and (re)creates the default user's directory and config file.
 *
 * Returns false when a required value is missing. The end of this function is not
 * recoverable from this page; see the note at the damaged span below.
 */
function saveStep2() {
    $user_default_config = Minz_Configuration::get('default_user');
    if (!empty($_POST)) {
        $system_default_config = Minz_Configuration::get('default_system');
        $_SESSION['title'] = $system_default_config->title;
        $_SESSION['old_entries'] = param('old_entries', $user_default_config->old_entries);
        // NOTE(review): auth_type is stored as submitted. Only 'form' and 'persona' get a
        // credential check further down, so any other non-empty value passes this
        // function; confirm it is checked against an allow-list before it is used.
        $_SESSION['auth_type'] = param('auth_type', 'form');
        // Allow-list for the user name: only ASCII letters and digits survive, capped at
        // 16 characters. The result becomes a directory name under USERS_PATH that is
        // recursively deleted and recreated below, so this filter is what keeps path
        // separators and dots out of that path. A name that filters down to '' is
        // rejected by the empty() check further down.
        $_SESSION['default_user'] = substr(preg_replace('/[^a-zA-Z0-9]/', '', param('default_user', '')), 0, 16);
        // filter_var() yields false for anything that is not a valid e-mail address.
        $_SESSION['mail_login'] = filter_var(param('mail_login', ''), FILTER_VALIDATE_EMAIL);

        $password_plain = param('passwordPlain', false);
        // NOTE(review): the hash is only (re)assigned inside this branch. When no password
        // is posted or cryptAvailable() is false, $_SESSION['passwordHash'] keeps whatever
        // an earlier request in the same session left there; confirm that is intended.
        if ($password_plain !== false && cryptAvailable()) {
            // Load the compatibility implementation only when password_hash() is not built in.
            if (!function_exists('password_hash')) {
                include_once(LIB_PATH . '/password_compat.php');
            }
            // bcrypt with the work factor BCRYPT_COST (defined outside the visible part).
            $passwordHash = password_hash($password_plain, PASSWORD_BCRYPT, array('cost' => BCRYPT_COST));
            // Rewrite a $2x$ / $2y$ prefix to $2a$.
            $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js
            $_SESSION['passwordHash'] = $passwordHash;
        }

        // Required values: retention setting, auth type and a non-empty filtered user name.
        if (empty($_SESSION['old_entries']) ||
                empty($_SESSION['auth_type']) ||
                empty($_SESSION['default_user'])) {
            return false;
        }

        // Form login needs a password hash; Persona login needs a valid e-mail address.
        if (($_SESSION['auth_type'] === 'form' && empty($_SESSION['passwordHash'])) ||
                ($_SESSION['auth_type'] === 'persona' && empty($_SESSION['mail_login']))) {
            return false;
        }

        // NOTE(review): uniqid(), mt_rand() and stat() are not cryptographically secure
        // sources; sha1() only mixes them. The salt feeds the token below and appears in
        // the system config array further down, so a CSPRNG (for example random_bytes()
        // where the PHP version provides it) is the safer source. Confirm what else
        // depends on the salt before changing it.
        $_SESSION['salt'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__)));
        // Fall back to the default when old_entries is not a positive integer string.
        if ((!ctype_digit($_SESSION['old_entries'])) ||($_SESSION['old_entries'] < 1)) {
            $_SESSION['old_entries'] = $user_default_config->old_entries;
        }

        // Token is SHA-1 over salt + e-mail, or '' without a valid e-mail. What the token
        // is used for is not visible here.
        $token = '';
        if ($_SESSION['mail_login']) {
            $token = sha1($_SESSION['salt'] . $_SESSION['mail_login']);
        }

        // Per-user settings, including the password hash, destined for the user's config.php.
        $config_array = array(
            'language' => $_SESSION['language'],
            'theme' => $user_default_config->theme,
            'old_entries' => $_SESSION['old_entries'],
            'mail_login' => $_SESSION['mail_login'],
            'passwordHash' => $_SESSION['passwordHash'],
            'token' => $token,
        );

        // Create default user files but first, we delete previous data to
        // avoid access right problems.
        $user_dir = join_path(USERS_PATH, $_SESSION['default_user']);
        $user_config_path = join_path($user_dir, 'config.php');

        recursive_unlink($user_dir);
        // NOTE(review): mkdir() is called without a mode, so PHP's default (0777 masked by
        // the umask) applies, and its result is not checked. This directory will hold the
        // password hash; confirm the resulting permissions and web-server exposure.
        mkdir($user_dir);
        // NOTE(review): this page lost text in two places below, each time right after the
        // opening double quote of a file_put_contents() call (most likely PHP-tag text that
        // was stripped as markup when the page was captured). What follows the first gap
        // looks like the tail of a system-config array belonging to another function; what
        // follows the second gap looks like the tail of a switch in a PDO factory. The code
        // is reproduced as found and is not runnable as shown. The visible array holds the
        // salt and the database password in clear and appears to be written to
        // DATA_PATH/config.php, so that file's permissions and web exposure matter.
        file_put_contents($user_config_path, " $_SESSION['salt'],
            'base_url' => $base_url,
            'title' => $_SESSION['title'],
            'default_user' => $_SESSION['default_user'],
            'auth_type' => $_SESSION['auth_type'],
            'db' => array(
                'type' => $_SESSION['bd_type'],
                'host' => $_SESSION['bd_host'],
                'user' => $_SESSION['bd_user'],
                'password' => $_SESSION['bd_password'],
                'base' => $_SESSION['bd_base'],
                'prefix' => $_SESSION['bd_prefix'],
                'pdo_options' => array(),
            ),
            'pubsubhubbub_enabled' => server_is_public($base_url),
        );

        @unlink(join_path(DATA_PATH, 'config.php')); //To avoid access-rights problems
        file_put_contents(join_path(DATA_PATH, 'config.php'), " 'SET NAMES utf8',
            );
            break;
        case 'sqlite':
            // SQLite database file lives in the default user's directory.
            $str = 'sqlite:' . join_path(USERS_PATH, $_SESSION['default_user'], 'db.sqlite');
            $driver_options = array(
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            );
            break;
        default:
            return false;
    }
    // Connection is built from the DB settings held in the session.
    return new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options);
}

/**
 * Deletes DATA_PATH/do-install.txt and redirects to index.php.
 *
 * Returns false when the file could not be removed; nothing is returned after the
 * Location header is set.
 *
 * NOTE(review): presumably this file is the marker that keeps the installer enabled.
 * If so, a failed unlink leaves the installer reachable, and callers should surface
 * the false return. Confirm against the entry point.
 */
function deleteInstall() {
    $res = unlink(join_path(DATA_PATH, 'do-install.txt'));

    if (!$res) {
        return false;
    }

    header('Location: index.php');
}


/*** CHECKS ***/

/**
 * Runs the four step checks and sets a redirect to the first failed step that lies
 * before the current STEP.
 *
 * NOTE(review): header() only queues the redirect. There is no exit here, so the
 * session flag below is still set and the caller keeps executing the requested step
 * unless it stops itself. Confirm that the caller does.
 */
function checkStep() {
    $s0 = checkStep0();
    $s1 = checkStep1();
    $s2 = checkStep2();
    $s3 = checkStep3();
    if (STEP > 0 && $s0['all'] != 'ok') {
        header('Location: index.php?step=0');
    } elseif (STEP > 1 && $s1['all'] != 'ok') {
        header('Location: index.php?step=1');
    } elseif (STEP > 2 && $s2['all'] != 'ok') {
        header('Location: index.php?step=2');
    } elseif (STEP > 3 && $s3['all'] != 'ok') {
        header('Location: index.php?step=3');
    }
    $_SESSION['actualize_feeds'] = true;
}

/**
 * Step 0 check: the session language must be one of the available languages.
 *
 * Returns an array of 'ok' / 'ko' flags; 'all' equals the single 'language' flag.
 */
function checkStep0() {
    $languages = Minz_Translate::availableLanguages();
    // in_array() is used with loose comparison here.
    $language = isset($_SESSION['language']) &&
                in_array($_SESSION['language'], $languages);

    return array(
        'language' => $language ? 'ok' : 'ko',
        'all' => $language ? 'ok' : 'ko'
    );
}

/**
 * Step 1 check: PHP version, required extensions and writable data directories.
 *
 * Returns one 'ok' / 'ko' flag per requirement plus 'all'. The 'json' flag is
 * reported but is not part of 'all'; 'pdo' is satisfied by either PDO driver.
 */
function checkStep1() {
    $php = version_compare(PHP_VERSION, '5.3.0') >= 0;
    $minz = file_exists(join_path(LIB_PATH, 'Minz'));
    $curl = extension_loaded('curl');
    $pdo_mysql = extension_loaded('pdo_mysql');
    $pdo_sqlite = extension_loaded('pdo_sqlite');
    $pdo = $pdo_mysql || $pdo_sqlite;
    $pcre = extension_loaded('pcre');
    $ctype = extension_loaded('ctype');
    $dom = class_exists('DOMDocument');
    $xml = function_exists('xml_parser_create');
    $json = function_exists('json_encode');
    // Each path constant must be non-empty and the directory writable by PHP.
    $data = DATA_PATH && is_writable(DATA_PATH);
    $cache = CACHE_PATH && is_writable(CACHE_PATH);
    $users = USERS_PATH && is_writable(USERS_PATH);
    $favicons = is_writable(join_path(DATA_PATH, 'favicons'));
    $persona = is_writable(join_path(DATA_PATH, 'persona'));
    // NOTE(review): presumably a same-origin check on the Referer header, judging by the
    // helper's name; its implementation is not visible here.
    $http_referer = is_referer_from_same_domain();

    return array(
        'php' => $php ? 'ok' : 'ko',
        'minz' => $minz ? 'ok' : 'ko',
        'curl' => $curl ? 'ok' : 'ko',
        'pdo-mysql' => $pdo_mysql ? 'ok' : 'ko',
        'pdo-sqlite' => $pdo_sqlite ? 'ok' : 'ko',
        'pdo' => $pdo ? 'ok' : 'ko',
        'pcre' => $pcre ? 'ok' : 'ko',
        'ctype' => $ctype ? 'ok' : 'ko',
        'dom' => $dom ? 'ok' : 'ko',
        'xml' => $xml ? 'ok' : 'ko',
        'json' => $json ? 'ok' : 'ko',
        'data' => $data ? 'ok' : 'ko',
        'cache' => $cache ? 'ok' : 'ko',
        'users' => $users ? 'ok' : 'ko',
        'favicons' => $favicons ? 'ok' : 'ko',
        'persona' => $persona ? 'ok' : 'ko',
        'http_referer' => $http_referer ? 'ok' : 'ko',
        'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom && $xml &&
                 $data && $cache && $users && $favicons && $persona && $http_referer ?
                 'ok' : 'ko'
    );
}

/**
 * Tells whether both the system config and the default user's config can be loaded.
 *
 * Side effect: registers the 'system' and 'user' configurations with
 * Minz_Configuration. Only Minz_FileNotExistException is caught; any other
 * exception raised while loading propagates to the caller.
 */
function freshrss_already_installed() {
    $conf_path = join_path(DATA_PATH, 'config.php');
    if (!file_exists($conf_path)) {
        return false;
    }

    // A configuration file already exists, we try to load it.
    $system_conf = null;
    try {
        Minz_Configuration::register('system', $conf_path);
        $system_conf = Minz_Configuration::get('system');
    } catch (Minz_FileNotExistException $e) {
        return false;
    }

    // ok, the global conf exists... but what about default user conf?
    // The user name read from the config file is used as a path component here.
    $current_user = $system_conf->default_user;
    try {
        Minz_Configuration::register('user', join_path(USERS_PATH, $current_user, 'config.php'));
    } catch (Minz_FileNotExistException $e) {
        return false;
    }

    // ok, ok, default user exists too!
    return true;
}

/**
 * Step 2 check: general settings are present in the session, the chosen auth type
 * has its credential, and the default user's config.php is writable.
 *
 * Returns an array of 'ok' / 'ko' flags plus 'all'.
 */
function checkStep2() {
    $conf = !empty($_SESSION['old_entries']) &&
            isset($_SESSION['mail_login']) &&
            !empty($_SESSION['default_user']);

    // Form auth requires a password hash; any other auth type passes this flag.
    $form = (
        isset($_SESSION['auth_type']) &&
        ($_SESSION['auth_type'] != 'form' || !empty($_SESSION['passwordHash']))
    );

    // Persona auth requires an e-mail address; any other auth type passes this flag.
    $persona = (
        isset($_SESSION['auth_type']) &&
        ($_SESSION['auth_type'] != 'persona' || !empty($_SESSION['mail_login']))
    );

    // NOTE(review): $_POST['default_user'] is joined into a filesystem path below without
    // the alphanumeric filter that saveStep2() applies to the same field. The result only
    // feeds the 'data' flag, but applying the same filter here would keep the probed path
    // inside USERS_PATH. Confirm how join_path() treats separators.
    $defaultUser = empty($_POST['default_user']) ? null : $_POST['default_user'];
    if ($defaultUser === null) {
        $defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user'];
    }
    $data = is_writable(join_path(USERS_PATH, $defaultUser, 'config.php'));

    return array(
        'conf' => $conf ? 'ok' : 'ko',
        'form' => $form ? 'ok' : 'ko',
        'persona' => $persona ? 'ok' : 'ko',
        'data' => $data ? 'ok' : 'ko',
        'all' => $conf && $form && $persona && $data ? 'ok' : 'ko'
    );
}

/**
 * Step 3 check: database settings are present in the session, no connection error
 * is recorded, and DATA_PATH/config.php is writable.
 *
 * Returns an array of 'ok' / 'ko' flags plus 'all'.
 */
function checkStep3() {
    $conf = is_writable(join_path(DATA_PATH, 'config.php'));

    // Only presence is tested (isset), not the content of the values.
    $bd = isset($_SESSION['bd_type']) &&
          isset($_SESSION['bd_host']) &&
          isset($_SESSION['bd_user']) &&
          isset($_SESSION['bd_password']) &&
          isset($_SESSION['bd_base']) &&
          isset($_SESSION['bd_prefix']) &&
          isset($_SESSION['bd_error']);
    $conn = empty($_SESSION['bd_error']);

    return array(
        'bd' => $bd ? 'ok' : 'ko',
        'conn' => $conn ? 'ok' : 'ko',
        'conf' => $conf ? 'ok' : 'ko',
        'all' => $bd && $conn && $conf ? 'ok' : 'ko'
    );
}

/**
 * Connects to the database described in the session and creates the tables.
 *
 * For MySQL the database itself is created first on a best-effort basis. On a
 * PDOException the message is stored in $_SESSION['bd_error']. When the result is
 * falsy, DATA_PATH/config.php is deleted. Returns the success flag; in the
 * $SQL_CREATE_TABLES array branch it is an int because of the bitwise `&=`. An
 * unknown bd_type returns false immediately, without touching config.php.
 *
 * NOTE(review): bd_base is formatted into SQL_CREATE_DB with sprintf(), bd_prefix_user
 * into the table statements, and bd_host / bd_base are concatenated into the DSN.
 * Identifiers cannot be bound as statement parameters, so these values need
 * allow-list validation at the point where they are stored, which is not visible in
 * this part of the file. bd_prefix_user is also not set anywhere in the visible code
 * (checkStep3() tests bd_prefix); confirm where it comes from.
 */
function checkBD() {
    $ok = false;

    try {
        $str = '';
        $driver_options = null;
        switch ($_SESSION['bd_type']) {
        case 'mysql':
            // NOTE(review): unlike the sqlite case, no PDO::ATTR_ERRMODE is set here, so
            // whether prepare()/execute() throw or return false depends on the PHP
            // version's default error mode. A false from prepare() would make the
            // ->execute() call below fail; confirm on the supported versions.
            $driver_options = array(
                PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'
            );

            try {
                // open a connection just to create the database if it does not exist
                $str = 'mysql:host=' . $_SESSION['bd_host'] . ';';
                $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options);

                $sql = sprintf(SQL_CREATE_DB, $_SESSION['bd_base']);
                $res = $c->query($sql);
            } catch (PDOException $e) {
                // Failure is swallowed here; the connection attempt below still runs.
            }

            // overwrite the previous connection by selecting the new database
            $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base'];
            break;
        case 'sqlite':
            $str = 'sqlite:' . join_path(USERS_PATH, $_SESSION['default_user'], 'db.sqlite');
            $driver_options = array(
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            );
            break;
        default:
            return false;
        }

        $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options);

        // The schema is either a single statement (constant) or a list of statements
        // (global array); if neither exists, $ok stays false.
        if (defined('SQL_CREATE_TABLES')) {
            $sql = sprintf(SQL_CREATE_TABLES, $_SESSION['bd_prefix_user'], _t('gen.short.default_category'));
            $stm = $c->prepare($sql);
            $ok = $stm->execute();
        } else {
            global $SQL_CREATE_TABLES;
            if (is_array($SQL_CREATE_TABLES)) {
                $ok = true;
                foreach ($SQL_CREATE_TABLES as $instruction) {
                    $sql = sprintf($instruction, $_SESSION['bd_prefix_user'], _t('gen.short.default_category'));
                    $stm = $c->prepare($sql);
                    $ok &= $stm->execute();
                }
            }
        }
    } catch (PDOException $e) {
        $ok = false;
        // NOTE(review): the raw driver message is kept in the session. If it is rendered
        // to the browser it may disclose connection details; confirm how it is displayed
        // and escaped.
        $_SESSION['bd_error'] = $e->getMessage();
    }

    if (!$ok) {
        // Remove the system config so that a failed database setup is not kept.
        @unlink(join_path(DATA_PATH, 'config.php'));
    }

    return $ok;
}

/*** DISPLAY ***/

// NOTE(review): fragment. The body of printStep0() continues beyond the visible part
// of this file.
function printStep0() {
    $actual = Minz_Translate::language();
    $languages = Minz_Translate::availableLanguages();
    ?>