. */ namespace Fisharebest\Webtrees; use Fisharebest\Webtrees\Functions\FunctionsEdit; use PDOException; error_reporting(E_ALL); define('WT_SCRIPT_NAME', 'setup.php'); define('WT_CONFIG_FILE', 'config.ini.php'); require 'vendor/autoload.php'; // This script (uniquely) does not load session.php. // session.php won’t run until a configuration file exists… // This next block of code is a minimal version of session.php define('WT_WEBTREES', 'webtrees'); define('WT_BASE_URL', ''); define('WT_DATA_DIR', 'data/'); define('WT_DEBUG_SQL', false); define('WT_REQUIRED_MYSQL_VERSION', '5.0.13'); define('WT_REQUIRED_PHP_VERSION', '5.3.2'); define('WT_MODULES_DIR', 'modules_v3/'); define('WT_ROOT', ''); define('WT_CLIENT_IP', $_SERVER['REMOTE_ADDR']); // Convert PHP errors into exceptions set_error_handler(function ($errno, $errstr, $errfile, $errline) { if (error_reporting() & $errno) { throw new \ErrorException($errstr, 0, $errno, $errfile, $errline); } else { return false; } }); if (file_exists(WT_DATA_DIR . WT_CONFIG_FILE)) { header('Location: index.php'); return; } if (version_compare(PHP_VERSION, WT_REQUIRED_PHP_VERSION) < 0) { echo '

Sorry, the setup wizard cannot start.

', '

This server is running PHP version ', PHP_VERSION, '

', '

PHP ', WT_REQUIRED_PHP_VERSION, ' (or any later version) is required

'; return; } define('WT_LOCALE', I18N::init(Filter::post('lang', '[a-zA-Z-]+', Filter::get('lang', '[a-zA-Z-]+')))); header('Content-Type: text/html; charset=UTF-8'); ?> > webtrees setup wizard

'; echo ''; //////////////////////////////////////////////////////////////////////////////// // Step one - choose language and confirm server configuration //////////////////////////////////////////////////////////////////////////////// if (!isset($_POST['lang'])) { $installed_languages = array(); foreach (I18N::installedLocales() as $installed_locale) { $installed_languages[$installed_locale->languageTag()] = $installed_locale->endonym(); } echo '

', I18N::translate('Language'), ' ', FunctionsEdit::selectEditControl('change_lang', $installed_languages, null, WT_LOCALE, 'onchange="window.location=\'' . WT_SCRIPT_NAME . '?lang=\'+this.value;">'), '

', '

', I18N::translate('Checking server configuration'), '

'; $warnings = false; $errors = false; // Mandatory functions $disable_functions = preg_split('/ *, */', ini_get('disable_functions')); foreach (array('parse_ini_file') as $function) { if (in_array($function, $disable_functions)) { echo '

', /* I18N: %s is a PHP function/module/setting */ I18N::translate('%s is disabled on this server. You cannot install webtrees until it is enabled. Please ask your server’s administrator to enable it.', $function . '()'), '

'; $errors = true; } } // Mandatory extensions foreach (array('pcre', 'pdo', 'pdo_mysql', 'session', 'iconv') as $extension) { if (!extension_loaded($extension)) { echo '

', I18N::translate('PHP extension “%s” is disabled. You cannot install webtrees until this is enabled. Please ask your server’s administrator to enable it.', $extension), '

'; $errors = true; } } // Recommended extensions foreach (array( 'gd' => /* I18N: a program feature */ I18N::translate('creating thumbnails of images'), 'xml' => /* I18N: a program feature */ I18N::translate('reporting'), 'simplexml' => /* I18N: a program feature */ I18N::translate('reporting'), ) as $extension => $features) { if (!extension_loaded($extension)) { echo '

', I18N::translate('PHP extension “%1$s” is disabled. Without it, the following features will not work: %2$s. Please ask your server’s administrator to enable it.', $extension, $features), '

'; $warnings = true; } } // Settings foreach (array( 'file_uploads' => /* I18N: a program feature */ I18N::translate('file upload capability'), ) as $setting => $features) { if (!ini_get($setting)) { echo '

', I18N::translate('PHP setting “%1$s” is disabled. Without it, the following features will not work: %2$s. Please ask your server’s administrator to enable it.', $setting, $features), '

'; $warnings = true; } } if (!$warnings && !$errors) { echo '

', I18N::translate('The server configuration is OK.'), '

'; } echo '

', I18N::translate('Checking server capacity'), '

'; // Previously, we tried to determine the maximum value that we could set for these values. // However, this is unreliable, especially on servers with custom restrictions. // Now, we just show the default values. These can (hopefully!) be changed using the // site settings page. $memory_limit = ini_get('memory_limit'); if (substr_compare($memory_limit, 'M', -1) === 0) { $memory_limit = substr($memory_limit, 0, -1); } elseif (substr_compare($memory_limit, 'K', -1) === 0) { $memory_limit = substr($memory_limit, 0, -1) / 1024; } elseif (substr_compare($memory_limit, 'G', -1) === 0) { $memory_limit = substr($memory_limit, 0, -1) * 1024; } $max_execution_time = ini_get('max_execution_time'); echo '

', I18N::translate('The memory and CPU time requirements depend on the number of individuals in your family tree.'), '
', I18N::translate('The following list shows typical requirements.'), '

', I18N::translate('Small systems (500 individuals): 16–32 MB, 10–20 seconds'), '
', I18N::translate('Medium systems (5,000 individuals): 32–64 MB, 20–40 seconds'), '
', I18N::translate('Large systems (50,000 individuals): 64–128 MB, 40–80 seconds'), '

', ($memory_limit < 32 || $max_execution_time > 0 && $max_execution_time < 20) ? '

' : '

', I18N::translate('This server’s memory limit is %s MB and its CPU time limit is %s seconds.', I18N::number($memory_limit), I18N::number($max_execution_time)), '

', I18N::translate('If you try to exceed these limits, you may experience server time-outs and blank pages.'), '

', I18N::translate('If your server’s security policy permits it, you will be able to request increased memory or CPU time using the webtrees administration page. Otherwise, you will need to contact your server’s administrator.'), '

'; if (!$errors) { echo '
'; } echo ''; return; } //////////////////////////////////////////////////////////////////////////////// // Step two - The data folder needs to be writable //////////////////////////////////////////////////////////////////////////////// $text1 = uniqid(); $text2 = ''; try { file_put_contents(WT_DATA_DIR . 'test.txt', $text1); $text2 = file_get_contents(WT_DATA_DIR . 'test.txt'); unlink(WT_DATA_DIR . 'test.txt'); } catch (\ErrorException $ex) { } if ($text1 !== $text2) { echo '

', realpath(WT_DATA_DIR), '

'; echo '

', I18N::translate('Oops! webtrees was unable to create files in this folder.'), '

'; echo '

', I18N::translate('This usually means that you need to change the folder permissions to 777.'), '

'; echo '

', I18N::translate('You must change this before you can continue.'), '

'; echo '
'; echo ''; return; } //////////////////////////////////////////////////////////////////////////////// // Step three - Database connection. //////////////////////////////////////////////////////////////////////////////// if (!isset($_POST['dbhost'])) { $_POST['dbhost'] = 'localhost'; } if (!isset($_POST['dbport'])) { $_POST['dbport'] = '3306'; } if (!isset($_POST['dbuser'])) { $_POST['dbuser'] = ''; } if (!isset($_POST['dbpass'])) { $_POST['dbpass'] = ''; } if (!isset($_POST['dbname'])) { $_POST['dbname'] = ''; } if (!isset($_POST['tblpfx'])) { $_POST['tblpfx'] = 'wt_'; } define('WT_TBLPREFIX', $_POST['tblpfx']); $db_version_ok = false; try { Database::createInstance( $_POST['dbhost'], $_POST['dbport'], '', // No DBNAME - we will connect to it explicitly $_POST['dbuser'], $_POST['dbpass'] ); Database::exec("SET NAMES 'utf8'"); $row = Database::prepare("SHOW VARIABLES LIKE 'VERSION'")->fetchOneRow(); if (version_compare($row->value, WT_REQUIRED_MYSQL_VERSION, '<')) { echo '

', I18N::translate('This database is only running MySQL version %s. You cannot install webtrees here.', $row->value), '

'; } else { $db_version_ok = true; } } catch (PDOException $ex) { Database::disconnect(); if ($_POST['dbuser']) { // If we’ve supplied a login, then show the error echo '

', I18N::translate('Unable to connect using this username and password. Your server gave the following error.'), '

', '
', $ex->getMessage(), '
', '

', I18N::translate('Check the settings and try again.'), '

'; } } if (empty($_POST['dbuser']) || !Database::isConnected() || !$db_version_ok) { echo '

', I18N::translate('Connection to database server'), '

', '

', I18N::translate('webtrees needs a MySQL database, version %s or later.', WT_REQUIRED_MYSQL_VERSION), '

', '

', I18N::translate('Your server’s administrator will provide you with the connection details.'), '

', '
', I18N::translate('Database connection'), '', '
', I18N::translate('Server name'), '', '', I18N::translate('Most sites are configured to use localhost. This means that your database runs on the same computer as your web server.'), '
', I18N::translate('Port number'), '', '', I18N::translate('Most sites are configured to use the default value of 3306.'), '
', I18N::translate('Database user account'), '', '', I18N::translate('This is case sensitive.'), '
', I18N::translate('Database password'), '', '', I18N::translate('This is case sensitive.'), '
', '
', '
', '
', '', ''; return; } else { // Copy these values through to the next step echo ''; echo ''; echo ''; echo ''; } //////////////////////////////////////////////////////////////////////////////// // Step four - Database connection. //////////////////////////////////////////////////////////////////////////////// // The character ` is not valid in database or table names (even if escaped). // By removing it, we can ensure that our SQL statements are quoted correctly. // // Other characters may be invalid (objects must be valid filenames on the // MySQL server’s filesystem), so block the usual ones. $DBNAME = str_replace(array('`', '"', '\'', ':', '/', '\\', '\r', '\n', '\t', '\0'), '', $_POST['dbname']); $TBLPREFIX = str_replace(array('`', '"', '\'', ':', '/', '\\', '\r', '\n', '\t', '\0'), '', $_POST['tblpfx']); // If we have specified a database, and we have not used invalid characters, // try to connect to it. $dbname_ok = false; if ($DBNAME && $DBNAME == $_POST['dbname'] && $TBLPREFIX == $_POST['tblpfx']) { try { // Try to create the database, if it does not exist. Database::exec("CREATE DATABASE IF NOT EXISTS `{$DBNAME}` COLLATE utf8_unicode_ci"); } catch (PDOException $ex) { // If we have no permission to do this, there’s nothing helpful we can say. // We’ll get a more helpful error message from the next test. } try { Database::exec("USE `{$DBNAME}`"); $dbname_ok = true; } catch (PDOException $ex) { echo '

', I18N::translate('Unable to connect using this username and password. Your server gave the following error.'), '

', '
', $ex->getMessage(), '
', '

', I18N::translate('Check the settings and try again.'), '

'; } } // If the database exists, check whether it is already used by another application. if ($dbname_ok) { try { // PhpGedView (4.2.3 and earlier) and many other applications have a USERS table. // webtrees has a USER table Database::prepare("SELECT COUNT(*) FROM `##users`")->fetchOne(); echo '

', I18N::translate('This database and table-prefix appear to be used by another application. If you have an existing PhpGedView system, you should create a new webtrees system. You can import your PhpGedView data and settings later.'), '

'; $dbname_ok = false; } catch (PDOException $ex) { // Table not found? Good! } } if ($dbname_ok) { try { // PhpGedView (4.2.4 and later) has a site_setting.site_setting_name column. // [We changed the column name in webtrees, so we can tell the difference!] Database::prepare("SELECT site_setting_value FROM `##site_setting` WHERE site_setting_name='PGV_SCHEMA_VERSION'")->fetchOne(); echo '

', I18N::translate('This database and table-prefix appear to be used by another application. If you have an existing PhpGedView system, you should create a new webtrees system. You can import your PhpGedView data and settings later.'), '

'; $dbname_ok = false; } catch (PDOException $ex) { // Table/column not found? Good! } } if (!$dbname_ok) { echo '

', I18N::translate('Database and table names'), '

', '

', I18N::translate('A database server can store many separate databases. You need to select an existing database (created by your server’s administrator) or create a new one (if your database user account has sufficient privileges).'), '

', '
', I18N::translate('Database name'), '', '
', I18N::translate('Database name'), '', '', I18N::translate('This is case sensitive. If a database with this name does not already exist webtrees will attempt to create one for you. Success will depend on permissions set for your web server, but you will be notified if this fails.'), '
', I18N::translate('Table prefix'), '', '', I18N::translate('The prefix is optional, but recommended. By giving the table names a unique prefix you can let several different applications share the same database. “wt_” is suggested, but can be anything you want.'), '
', '
', '
', '', ''; return; } else { // Copy these values through to the next step echo ''; echo ''; } //////////////////////////////////////////////////////////////////////////////// // Step five - site setup data //////////////////////////////////////////////////////////////////////////////// if (!isset($_POST['wtname'])) { $_POST['wtname'] = ''; } if (!isset($_POST['wtuser'])) { $_POST['wtuser'] = ''; } if (!isset($_POST['wtpass'])) { $_POST['wtpass'] = ''; } if (!isset($_POST['wtpass2'])) { $_POST['wtpass2'] = ''; } if (!isset($_POST['wtemail'])) { $_POST['wtemail'] = ''; } if (empty($_POST['wtname']) || empty($_POST['wtuser']) || strlen($_POST['wtpass']) < 6 || strlen($_POST['wtpass2']) < 6 || empty($_POST['wtemail']) || $_POST['wtpass'] != $_POST['wtpass2']) { if (strlen($_POST['wtpass']) > 0 && strlen($_POST['wtpass']) < 6) { echo '

', I18N::translate('The password needs to be at least six characters long.'), '

'; } elseif ($_POST['wtpass'] != $_POST['wtpass2']) { echo '

', I18N::translate('The passwords do not match.'), '

'; } elseif ((empty($_POST['wtname']) || empty($_POST['wtuser']) || empty($_POST['wtpass']) || empty($_POST['wtemail'])) && $_POST['wtname'] . $_POST['wtuser'] . $_POST['wtpass'] . $_POST['wtemail'] != '') { echo '

', I18N::translate('You must enter all the administrator account fields.'), '

'; } echo '

', I18N::translate('Administrator account'), '

', '

', I18N::translate('You need to set up an administrator account. This account can control all aspects of this webtrees installation. Please choose a strong password.'), '

', '
', I18N::translate('Administrator account'), '', '
', I18N::translate('Your name'), '', '', I18N::translate('This is your real name, as you would like it displayed on screen.'), '
', I18N::translate('Username'), '', '', I18N::translate('You will use this to sign in to webtrees.'), '
', I18N::translate('Password'), '', '', I18N::translate('This must be at least six characters long. It is case-sensitive.'), '
', '', I18N::translate('Type your password again, to make sure you have typed it correctly.'), '
', I18N::translate('Email address'), '', '', I18N::translate('This email address will be used to send password reminders, website notifications, and messages from other family members who are registered on the website.'), '
', '
', '
', '
', '', ''; return; } else { // Copy these values through to the next step echo ''; echo ''; echo ''; echo ''; echo ''; } //////////////////////////////////////////////////////////////////////////////// // Step six We have a database connection and a writable folder. Do it! //////////////////////////////////////////////////////////////////////////////// try { // Create/update the database tables. Database::updateSchema('\Fisharebest\Webtrees\Schema', 'WT_SCHEMA_VERSION', 30); // If we are re-installing, then this user may already exist. $admin = User::findByIdentifier($_POST['wtemail']); if ($admin === null) { $admin = User::findByIdentifier($_POST['wtuser']); } // Create the user if ($admin === null) { $admin = User::create($_POST['wtuser'], $_POST['wtname'], $_POST['wtemail'], $_POST['wtpass']) ->setPreference('language', WT_LOCALE) ->setPreference('visibleonline', '1'); } else { $admin->setPassword($_POST['wtpass']); } // Make the user an administrator $admin ->setPreference('canadmin', '1') ->setPreference('verified', '1') ->setPreference('verified_by_admin', '1'); // Write the config file. We already checked that this would work. $config_ini_php = '; <' . '?php exit; ?' . '> DO NOT DELETE THIS LINE' . PHP_EOL . 'dbhost="' . addcslashes($_POST['dbhost'], '"') . '"' . PHP_EOL . 'dbport="' . addcslashes($_POST['dbport'], '"') . '"' . PHP_EOL . 'dbuser="' . addcslashes($_POST['dbuser'], '"') . '"' . PHP_EOL . 'dbpass="' . addcslashes($_POST['dbpass'], '"') . '"' . PHP_EOL . 'dbname="' . addcslashes($_POST['dbname'], '"') . '"' . PHP_EOL . 'tblpfx="' . addcslashes($_POST['tblpfx'], '"') . '"' . PHP_EOL; file_put_contents(WT_DATA_DIR . 'config.ini.php', $config_ini_php); // Done - start using webtrees! echo ''; echo ''; } catch (PDOException $ex) { echo '

', I18N::translate('An unexpected database error occurred.'), '

', '
', $ex->getMessage(), '
', '

', I18N::translate('The webtrees developers would be very interested to learn about this error. If you contact them, they will help you resolve the problem.'), '

'; }