This commit is contained in:
redmatrix 2015-05-24 15:59:03 -07:00
commit d9061fd09e
6 changed files with 324 additions and 276 deletions

View File

@ -170,17 +170,12 @@ function comanche_block($s, $class = '') {
if($r) { if($r) {
$o .= (($var['wrap'] == 'none') ? '' : '<div class="' . $class . '">'); $o .= (($var['wrap'] == 'none') ? '' : '<div class="' . $class . '">');
if($r[0]['title'] && trim($r[0]['title']) != '$content') { if($r[0]['title'] && trim($r[0]['body']) != '$content') {
$o .= '<h3>' . $r[0]['title'] . '</h3>'; $o .= '<h3>' . $r[0]['title'] . '</h3>';
} }
if($r[0]['title'] && trim($r[0]['title']) === '$content' && get_app()->data['webpage'][0]['title']) {
$o .= '<h3>' . get_app()->page['title'] . '</h3>';
}
if(trim($r[0]['body']) === '$content') { if(trim($r[0]['body']) === '$content') {
$o .= prepare_text(get_app()->page['content'], get_app()->data['webpage'][0]['mimetype']); $o .= get_app()->page['content'];
} }
else { else {
$o .= prepare_text($r[0]['body'], $r[0]['mimetype']); $o .= prepare_text($r[0]['body'], $r[0]['mimetype']);

View File

@ -4389,8 +4389,6 @@ function zot_feed($uid,$observer_hash,$arr) {
$mindate = null; $mindate = null;
$message_id = null; $message_id = null;
require_once('include/security.php');
if(array_key_exists('mindate',$arr)) { if(array_key_exists('mindate',$arr)) {
$mindate = datetime_convert('UTC','UTC',$arr['mindate']); $mindate = datetime_convert('UTC','UTC',$arr['mindate']);
} }
@ -4404,7 +4402,7 @@ function zot_feed($uid,$observer_hash,$arr) {
$mindate = dbesc($mindate); $mindate = dbesc($mindate);
logger('zot_feed: requested for uid ' . $uid . ' from observer ' . $observer_xchan, LOGGER_DEBUG); logger('zot_feed: requested for uid ' . $uid . ' from observer ' . $observer_hash, LOGGER_DEBUG);
if($message_id) if($message_id)
logger('message_id: ' . $message_id,LOGGER_DEBUG); logger('message_id: ' . $message_id,LOGGER_DEBUG);

View File

@ -75,12 +75,12 @@ class FKOAuthDataStore extends OAuthDataStore {
$k = $consumer; $k = $consumer;
} }
$r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)", $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', %d)",
dbesc($key), dbesc($key),
dbesc($sec), dbesc($sec),
dbesc($k), dbesc($k),
'request', 'request',
intval(REQUEST_TOKEN_DURATION)); time()+intval(REQUEST_TOKEN_DURATION));
if (!$r) return null; if (!$r) return null;
return new OAuthToken($key,$sec); return new OAuthToken($key,$sec);
@ -104,12 +104,12 @@ class FKOAuthDataStore extends OAuthDataStore {
$key = $this->gen_token(); $key = $this->gen_token();
$sec = $this->gen_token(); $sec = $this->gen_token();
$r = q("INSERT INTO tokens (id, secret, client_id, scope, expires, uid) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d, %d)", $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires, uid) VALUES ('%s','%s','%s','%s', %d, %d)",
dbesc($key), dbesc($key),
dbesc($sec), dbesc($sec),
dbesc($consumer->key), dbesc($consumer->key),
'access', 'access',
intval(ACCESS_TOKEN_DURATION), time()+intval(ACCESS_TOKEN_DURATION),
intval($uverifier)); intval($uverifier));
if ($r) if ($r)

127
index.php
View File

@ -1,47 +1,42 @@
<?php /** @file */ <?php
/** /**
* @file index.php
* *
* Red Matrix * @brief The main entry point to the application.
* *
* Bootstrap the application, load configuration, load modules, load theme, etc.
*/ */
/** /*
*
* bootstrap the application * bootstrap the application
*
*/ */
require_once('boot.php'); require_once('boot.php');
// our global App object
$a = new App; $a = new App;
/** /*
*
* Load the configuration file which contains our DB credentials. * Load the configuration file which contains our DB credentials.
* Ignore errors. If the file doesn't exist or is empty, we are running in installation mode.' * Ignore errors. If the file doesn't exist or is empty, we are running in
* * installation mode.
*/ */
$a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true); $a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true);
@include(".htconfig.php"); @include('.htconfig.php');
$a->timezone = ((x($default_timezone)) ? $default_timezone : 'UTC'); $a->timezone = ((x($default_timezone)) ? $default_timezone : 'UTC');
date_default_timezone_set($a->timezone); date_default_timezone_set($a->timezone);
/** /*
*
* Try to open the database; * Try to open the database;
*
*/ */
require_once("include/dba/dba_driver.php"); require_once('include/dba/dba_driver.php');
if(! $a->install) { if(! $a->install) {
$db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $a->install); $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $a->install);
unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type); unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
/** /**
* Load configs from db. Overwrite configs from .htconfig.php * Load configs from db. Overwrite configs from .htconfig.php
@ -51,10 +46,10 @@ if(! $a->install) {
load_config('system'); load_config('system');
load_config('feature'); load_config('feature');
require_once("include/session.php"); require_once('include/session.php');
load_hooks(); load_hooks();
call_hooks('init_1'); call_hooks('init_1');
$a->language = get_best_language(); $a->language = get_best_language();
load_translation_table($a->language); load_translation_table($a->language);
// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start(). // Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
@ -82,7 +77,7 @@ else {
* *
* The order of these may be important so use caution if you think they're all * The order of these may be important so use caution if you think they're all
* intertwingled with no logical order and decide to sort it out. Some of the * intertwingled with no logical order and decide to sort it out. Some of the
* dependencies have changed, but at least at one time in the recent past - the * dependencies have changed, but at least at one time in the recent past - the
* order was critical to everything working properly * order was critical to everything working properly
* *
*/ */
@ -100,7 +95,7 @@ if(array_key_exists('system_language',$_POST)) {
else else
unset($_SESSION['language']); unset($_SESSION['language']);
} }
if((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) { if((x($_SESSION, 'language')) && ($_SESSION['language'] !== $lang)) {
$a->language = $_SESSION['language']; $a->language = $_SESSION['language'];
load_translation_table($a->language); load_translation_table($a->language);
} }
@ -113,20 +108,19 @@ if((x($_GET,'zid')) && (! $a->install)) {
} }
} }
if((x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login')) if((x($_SESSION, 'authenticated')) || (x($_POST, 'auth-params')) || ($a->module === 'login'))
require("include/auth.php"); require('include/auth.php');
if(! x($_SESSION, 'sysmsg'))
if(! x($_SESSION,'sysmsg'))
$_SESSION['sysmsg'] = array(); $_SESSION['sysmsg'] = array();
if(! x($_SESSION,'sysmsg_info')) if(! x($_SESSION, 'sysmsg_info'))
$_SESSION['sysmsg_info'] = array(); $_SESSION['sysmsg_info'] = array();
/* /*
* check_config() is responsible for running update scripts. These automatically * check_config() is responsible for running update scripts. These automatically
* update the DB schema whenever we push a new one out. It also checks to see if * update the DB schema whenever we push a new one out. It also checks to see if
* any plugins have been added or removed and reacts accordingly. * any plugins have been added or removed and reacts accordingly.
*/ */
@ -154,23 +148,22 @@ $a->set_apps($arr['app_menu']);
* and use it for handling our URL request. * and use it for handling our URL request.
* The module file contains a few functions that we call in various circumstances * The module file contains a few functions that we call in various circumstances
* and in the following order: * and in the following order:
* *
* "module"_init * "module"_init
* "module"_post (only called if there are $_POST variables) * "module"_post (only called if there are $_POST variables)
* "module"_aside * "module"_aside
* $theme_$module_aside (and $extends_$module_aside) are run first if either exist * $theme_$module_aside (and $extends_$module_aside) are run first if either exist
* if either of these return false, module_aside is not called * if either of these return false, module_aside is not called
* This allows a theme to over-ride the sidebar layout completely. * This allows a theme to over-ride the sidebar layout completely.
* "module"_content - the string return of this function contains our page body * "module"_content - the string return of this function contains our page body
* *
* Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
* so within the module init and/or post functions and then invoke killme() to terminate * so within the module init and/or post functions and then invoke killme() to terminate
* further processing. * further processing.
*/ */
if(strlen($a->module)) { if(strlen($a->module)) {
/** /**
* *
* We will always have a module name. * We will always have a module name.
@ -184,7 +177,6 @@ if(strlen($a->module)) {
$a->module_loaded = true; $a->module_loaded = true;
} }
if((strpos($a->module,'admin') === 0) && (! is_site_admin())) { if((strpos($a->module,'admin') === 0) && (! is_site_admin())) {
$a->module_loaded = false; $a->module_loaded = false;
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
@ -197,7 +189,6 @@ if(strlen($a->module)) {
*/ */
if(! $a->module_loaded) { if(! $a->module_loaded) {
if(file_exists("mod/site/{$a->module}.php")) { if(file_exists("mod/site/{$a->module}.php")) {
include_once("mod/site/{$a->module}.php"); include_once("mod/site/{$a->module}.php");
$a->module_loaded = true; $a->module_loaded = true;
@ -210,37 +201,36 @@ if(strlen($a->module)) {
/** /**
*
* The URL provided does not resolve to a valid module. * The URL provided does not resolve to a valid module.
* *
* On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'. * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'.
* We don't like doing this, but as it occasionally accounts for 10-20% or more of all site traffic - * We don't like doing this, but as it occasionally accounts for 10-20% or more of all site traffic -
* we are going to trap this and redirect back to the requested page. As long as you don't have a critical error on your page * we are going to trap this and redirect back to the requested page. As long as you don't have a critical error on your page
* this will often succeed and eventually do the right thing. * this will often succeed and eventually do the right thing.
* *
* Otherwise we are going to emit a 404 not found. * Otherwise we are going to emit a 404 not found.
*
*/ */
if(! $a->module_loaded) { if(! $a->module_loaded) {
// Stupid browser tried to pre-fetch our Javascript img template. Don't log the event or return anything - just quietly exit. // Stupid browser tried to pre-fetch our Javascript img template. Don't log the event or return anything - just quietly exit.
if((x($_SERVER,'QUERY_STRING')) && preg_match('/{[0-9]}/',$_SERVER['QUERY_STRING']) !== 0) { if((x($_SERVER, 'QUERY_STRING')) && preg_match('/{[0-9]}/', $_SERVER['QUERY_STRING']) !== 0) {
killme(); killme();
} }
if((x($_SERVER,'QUERY_STRING')) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && isset($dreamhost_error_hack)) { if((x($_SERVER, 'QUERY_STRING')) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && isset($dreamhost_error_hack)) {
logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI']); logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI']);
goaway($a->get_baseurl() . $_SERVER['REQUEST_URI']); goaway($a->get_baseurl() . $_SERVER['REQUEST_URI']);
} }
logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' . $_SERVER['QUERY_STRING'], LOGGER_DEBUG); logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' . $_SERVER['QUERY_STRING'], LOGGER_DEBUG);
header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found')); header($_SERVER['SERVER_PROTOCOL'] . ' 404 ' . t('Not Found'));
$tpl = get_markup_template("404.tpl"); $tpl = get_markup_template('404.tpl');
$a->page['content'] = replace_macros($tpl, array( $a->page['content'] = replace_macros($tpl, array(
'$message' => t('Page not found.' ) '$message' => t('Page not found.')
)); ));
// pretend this is a module so it will initialise the theme.
// pretend this is a module so it will initialise the theme
$a->module = '404'; $a->module = '404';
$a->module_loaded = true; $a->module_loaded = true;
} }
@ -249,11 +239,10 @@ if(strlen($a->module)) {
/* initialise content region */ /* initialise content region */
if(! x($a->page,'content')) if(! x($a->page, 'content'))
$a->page['content'] = ''; $a->page['content'] = '';
if(! ($a->module === 'setup')) { if(! ($a->module === 'setup')) {
/* set JS cookie */ /* set JS cookie */
if($_COOKIE['jsAvailable'] != 1) { if($_COOKIE['jsAvailable'] != 1) {
@ -263,9 +252,9 @@ if(! ($a->module === 'setup')) {
$_COOKIE['jsAvailable'] = 1; $_COOKIE['jsAvailable'] = 1;
} }
} }
call_hooks('page_content_top',$a->page['content']);
}
call_hooks('page_content_top', $a->page['content']);
}
@ -282,7 +271,7 @@ if($a->module_loaded) {
* For this reason, please restrict the use of templates to those which * For this reason, please restrict the use of templates to those which
* do not provide any presentation details - as themes will not be able * do not provide any presentation details - as themes will not be able
* to over-ride them. * to over-ride them.
*/ */
if(function_exists($a->module . '_init')) { if(function_exists($a->module . '_init')) {
call_hooks($a->module . '_mod_init', $placeholder); call_hooks($a->module . '_mod_init', $placeholder);
@ -310,32 +299,31 @@ if($a->module_loaded) {
* load current theme info * load current theme info
*/ */
$theme_info_file = "view/theme/".current_theme()."/php/theme.php"; $theme_info_file = 'view/theme/' . current_theme() . '/php/theme.php';
if (file_exists($theme_info_file)){ if (file_exists($theme_info_file)){
require_once($theme_info_file); require_once($theme_info_file);
} }
if(function_exists(str_replace('-','_',current_theme()) . '_init')) { if(function_exists(str_replace('-', '_', current_theme()) . '_init')) {
$func = str_replace('-','_',current_theme()) . '_init'; $func = str_replace('-', '_', current_theme()) . '_init';
$func($a); $func($a);
} }
elseif (x($a->theme_info,"extends") && file_exists("view/theme/".$a->theme_info["extends"]."/php/theme.php")) { elseif (x($a->theme_info, 'extends') && file_exists('view/theme/' . $a->theme_info['extends'] . '/php/theme.php')) {
require_once("view/theme/".$a->theme_info["extends"]."/php/theme.php"); require_once('view/theme/' . $a->theme_info['extends'] . '/php/theme.php');
if(function_exists(str_replace('-','_',$a->theme_info["extends"]) . '_init')) { if(function_exists(str_replace('-', '_', $a->theme_info['extends']) . '_init')) {
$func = str_replace('-','_',$a->theme_info["extends"]) . '_init'; $func = str_replace('-', '_', $a->theme_info['extends']) . '_init';
$func($a); $func($a);
} }
} }
if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! $a->error) if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! $a->error)
&& (function_exists($a->module . '_post')) && (function_exists($a->module . '_post'))
&& (! x($_POST,'auth-params'))) { && (! x($_POST, 'auth-params'))) {
call_hooks($a->module . '_mod_post', $_POST); call_hooks($a->module . '_mod_post', $_POST);
$func = $a->module . '_post'; $func = $a->module . '_post';
$func($a); $func($a);
} }
if(! $a->error) { if(! $a->error) {
// If a theme has defined an _aside() function, run that first // If a theme has defined an _aside() function, run that first
// //
@ -353,9 +341,9 @@ if($a->module_loaded) {
$func = str_replace('-','_',current_theme()) . '_' . $a->module . '_aside'; $func = str_replace('-','_',current_theme()) . '_' . $a->module . '_aside';
$aside_default = $func($a); $aside_default = $func($a);
} }
elseif($aside_default && x($a->theme_info,"extends") elseif($aside_default && x($a->theme_info, "extends")
&& (function_exists(str_replace('-','_',$a->theme_info["extends"]) . '_' . $a->module . '_aside'))) { && (function_exists(str_replace('-', '_',$a->theme_info["extends"]) . '_' . $a->module . '_aside'))) {
$func = str_replace('-','_',$a->theme_info["extends"]) . '_' . $a->module . '_aside'; $func = str_replace('-', '_', $a->theme_info["extends"]) . '_' . $a->module . '_aside';
$aside_default = $func($a); $aside_default = $func($a);
} }
if($aside_default && function_exists($a->module . '_aside')) { if($aside_default && function_exists($a->module . '_aside')) {
@ -373,24 +361,25 @@ if($a->module_loaded) {
call_hooks($a->module . '_mod_aftercontent', $arr); call_hooks($a->module . '_mod_aftercontent', $arr);
$a->page['content'] .= $arr['content']; $a->page['content'] .= $arr['content'];
} }
} }
// If you're just visiting, let javascript take you home // If you're just visiting, let javascript take you home
if(x($_SESSION,'visitor_home')) if(x($_SESSION, 'visitor_home')) {
$homebase = $_SESSION['visitor_home']; $homebase = $_SESSION['visitor_home'];
elseif(local_channel()) } elseif(local_channel()) {
$homebase = $a->get_baseurl() . '/channel/' . $a->channel['channel_address']; $homebase = $a->get_baseurl() . '/channel/' . $a->channel['channel_address'];
}
if(isset($homebase)) if(isset($homebase)) {
$a->page['content'] .= '<script>var homebase="' . $homebase . '" ; </script>'; $a->page['content'] .= '<script>var homebase = "' . $homebase . '";</script>';
}
// now that we've been through the module content, see if the page reported // now that we've been through the module content, see if the page reported
// a permission problem and if so, a 403 response would seem to be in order. // a permission problem and if so, a 403 response would seem to be in order.
if(stristr( implode("",$_SESSION['sysmsg']), t('Permission denied'))) { if(stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) {
header($_SERVER["SERVER_PROTOCOL"] . ' 403 ' . t('Permission denied.')); header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.'));
} }

View File

@ -345,12 +345,12 @@ function connedit_content(&$a) {
$o .= "<script>function connectDefaultShare() { $o .= "<script>function connectDefaultShare() {
\$('.abook-edit-me').each(function() { \$('.abook-edit-me').each(function() {
if(! $(this).is(':disabled')) if(! $(this).is(':disabled'))
$(this).removeAttr('checked'); $(this).prop('checked', false);
});\n\n"; });\n\n";
$perms = get_perms(); $perms = get_perms();
foreach($perms as $p => $v) { foreach($perms as $p => $v) {
if($my_perms & $v[1]) { if($my_perms & $v[1]) {
$o .= "\$('#me_id_perms_" . $p . "').attr('checked','checked'); \n"; $o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
} }
} }
$o .= " }\n</script>\n"; $o .= " }\n</script>\n";

View File

@ -1,40 +1,53 @@
<?php <?php
/**
* @file mod/setup.php
*
* Controller for the initial setup/installation.
*
* @todo This setup module could need some love and improvements.
*/
$install_wizard_pass=1; $install_wizard_pass = 1;
/**
* @brief Initialisation for the setup module.
*
* @param[in,out] App &$a
*/
function setup_init(&$a){ function setup_init(&$a){
// Ensure that if somebody hasn't read the install documentation and doesn't have all // Ensure that if somebody hasn't read the install documentation and doesn't have all
// the required modules or has a totally borked shared hosting provider and they can't // the required modules or has a totally borked shared hosting provider and they can't
// figure out what the hell is going on - that we at least spit out an error message which // figure out what the hell is going on - that we at least spit out an error message which
// we can inquire about when they write to tell us that our software doesn't work. // we can inquire about when they write to tell us that our software doesn't work.
// The worst thing we can do at this point is throw a white screen of death and rely on // The worst thing we can do at this point is throw a white screen of death and rely on
// them knowing about servers and php modules and logfiles enough so that we can guess // them knowing about servers and php modules and logfiles enough so that we can guess
// at the source of the problem. As ugly as it may be, we need to throw a technically worded // at the source of the problem. As ugly as it may be, we need to throw a technically worded
// PHP error message in their face. Once installation is complete application errors will // PHP error message in their face. Once installation is complete application errors will
// throw a white screen because these error messages divulge information which can // throw a white screen because these error messages divulge information which can
// potentially be useful to hackers. // potentially be useful to hackers.
error_reporting(E_ERROR | E_WARNING | E_PARSE );
error_reporting(E_ERROR | E_WARNING | E_PARSE ); ini_set('log_errors', '0');
ini_set('log_errors','0');
ini_set('display_errors', '1'); ini_set('display_errors', '1');
// $baseurl/setup/testrwrite to test if rewite in .htaccess is working // $baseurl/setup/testrwrite to test if rewite in .htaccess is working
if (argc() ==2 && argv(1)=="testrewrite") { if (argc() == 2 && argv(1) == "testrewrite") {
echo "ok"; echo 'ok';
killme(); killme();
} }
global $install_wizard_pass; global $install_wizard_pass;
if (x($_POST,'pass')) if (x($_POST, 'pass'))
$install_wizard_pass = intval($_POST['pass']); $install_wizard_pass = intval($_POST['pass']);
} }
/**
* @brief Handle the actions of the different setup steps.
*
* @param[in,out] App &$a
*/
function setup_post(&$a) { function setup_post(&$a) {
global $install_wizard_pass, $db; global $install_wizard_pass, $db;
@ -58,8 +71,9 @@ function setup_post(&$a) {
require_once('include/dba/dba_driver.php'); require_once('include/dba/dba_driver.php');
unset($db); unset($db);
$db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
if(! $db->connected) { if(! $db->connected) {
echo "Database Connect failed: " . $db->error; echo 'Database Connect failed: ' . $db->error;
killme(); killme();
$a->data['db_conn_failed']=true; $a->data['db_conn_failed']=true;
} }
@ -83,10 +97,10 @@ function setup_post(&$a) {
} }
}*/ }*/
//if(get_db_errno()) { //if(get_db_errno()) {
//} //}
return; return;
break; break;
case 4: case 4:
$urlpath = $a->get_path(); $urlpath = $a->get_path();
@ -100,10 +114,9 @@ function setup_post(&$a) {
$timezone = notags(trim($_POST['timezone'])); $timezone = notags(trim($_POST['timezone']));
$adminmail = notags(trim($_POST['adminmail'])); $adminmail = notags(trim($_POST['adminmail']));
$siteurl = notags(trim($_POST['siteurl'])); $siteurl = notags(trim($_POST['siteurl']));
if($siteurl != z_root()) { if($siteurl != z_root()) {
$test = z_fetch_url($siteurl."/setup/testrewrite"); $test = z_fetch_url($siteurl."/setup/testrewrite");
if((! $test['success']) || ($test['body'] != 'ok')) { if((! $test['success']) || ($test['body'] != 'ok')) {
$a->data['url_fail'] = true; $a->data['url_fail'] = true;
$a->data['url_error'] = $test['error']; $a->data['url_error'] = $test['error'];
@ -147,7 +160,7 @@ function setup_post(&$a) {
$a->data['db_installed'] = true; $a->data['db_installed'] = true;
return; return;
break; break;
} }
} }
@ -156,47 +169,50 @@ function get_db_errno() {
return mysqli_connect_errno(); return mysqli_connect_errno();
else else
return mysql_errno(); return mysql_errno();
} }
/**
* @brief Get output for the setup page.
*
* Depending on the state we are currently in it returns different content.
*
* @param App &$a
* @return string parsed HTML output
*/
function setup_content(&$a) { function setup_content(&$a) {
global $install_wizard_pass, $db; global $install_wizard_pass, $db;
$o = '';
$wizard_status = "";
$install_title = t('$Projectname Server - Setup');
$o = '';
if(x($a->data,'db_conn_failed')) { $wizard_status = '';
$install_title = t('$Projectname Server - Setup');
if(x($a->data, 'db_conn_failed')) {
$install_wizard_pass = 2; $install_wizard_pass = 2;
$wizard_status = t('Could not connect to database.'); $wizard_status = t('Could not connect to database.');
} }
if(x($a->data,'url_fail')) { if(x($a->data, 'url_fail')) {
$install_wizard_pass = 3; $install_wizard_pass = 3;
$wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.'); $wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.');
if($a->data['url_error']) if($a->data['url_error'])
$wizard_status .= ' ' . $a->data['url_error']; $wizard_status .= ' ' . $a->data['url_error'];
} }
if(x($a->data,'db_create_failed')) { if(x($a->data, 'db_create_failed')) {
$install_wizard_pass = 2; $install_wizard_pass = 2;
$wizard_status = t('Could not create table.'); $wizard_status = t('Could not create table.');
} }
$db_return_text = '';
$db_return_text=""; if(x($a->data, 'db_installed')) {
if(x($a->data,'db_installed')) {
$txt = '<p style="font-size: 130%;">'; $txt = '<p style="font-size: 130%;">';
$txt .= t('Your site database has been installed.') . EOL; $txt .= t('Your site database has been installed.') . EOL;
$db_return_text .= $txt; $db_return_text .= $txt;
} }
if(x($a->data, 'db_failed')) {
if(x($a->data,'db_failed')) {
$txt = t('You may need to import the file "install/schema_xxx.sql" manually using a database client.') . EOL; $txt = t('You may need to import the file "install/schema_xxx.sql" manually using a database client.') . EOL;
$txt .= t('Please see the file "install/INSTALL.txt".') . EOL ."<hr>" ; $txt .= t('Please see the file "install/INSTALL.txt".') . EOL ."<hr>" ;
$txt .= "<pre>".$a->data['db_failed'] . "</pre>". EOL ; $txt .= "<pre>".$a->data['db_failed'] . "</pre>". EOL ;
$db_return_text .= $txt; $db_return_text .= $txt;
} }
if($db && $db->connected) { if($db && $db->connected) {
$r = q("SELECT COUNT(*) as `total` FROM `account`"); $r = q("SELECT COUNT(*) as `total` FROM `account`");
if($r && count($r) && $r[0]['total']) { if($r && count($r) && $r[0]['total']) {
@ -210,23 +226,22 @@ function setup_content(&$a) {
} }
} }
if(x($a->data,'txt') && strlen($a->data['txt'])) { if(x($a->data, 'txt') && strlen($a->data['txt'])) {
$db_return_text .= manual_config($a); $db_return_text .= manual_config($a);
} }
if ($db_return_text!="") { if ($db_return_text != "") {
$tpl = get_markup_template('install.tpl'); $tpl = get_markup_template('install.tpl');
return replace_macros($tpl, array( return replace_macros($tpl, array(
'$title' => $install_title, '$title' => $install_title,
'$pass' => "", '$pass' => '',
'$text' => $db_return_text . what_next(), '$text' => $db_return_text . what_next(),
)); ));
} }
switch ($install_wizard_pass){ switch ($install_wizard_pass){
case 1: { // System check case 1: { // System check
$checks = array(); $checks = array();
check_funcs($checks); check_funcs($checks);
@ -238,22 +253,23 @@ function setup_content(&$a) {
check_smarty3($checks); check_smarty3($checks);
check_keys($checks); check_keys($checks);
if(x($_POST,'phpath')) if (x($_POST, 'phpath'))
$phpath = notags(trim($_POST['phpath'])); $phpath = notags(trim($_POST['phpath']));
check_php($phpath, $checks); check_php($phpath, $checks);
check_htaccess($checks); check_phpconfig($checks);
function check_passed($v, $c){ check_htaccess($checks);
function check_passed($v, $c) {
if ($c['required']) if ($c['required'])
$v = $v && $c['status']; $v = $v && $c['status'];
return $v; return $v;
} }
$checkspassed = array_reduce($checks, "check_passed", true); $checkspassed = array_reduce($checks, "check_passed", true);
$tpl = get_markup_template('install_checks.tpl'); $tpl = get_markup_template('install_checks.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
@ -269,7 +285,7 @@ function setup_content(&$a) {
)); ));
return $o; return $o;
}; break; }; break;
case 2: { // Database config case 2: { // Database config
$dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : 'localhost'); $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : 'localhost');
@ -281,7 +297,6 @@ function setup_content(&$a) {
$phpath = notags(trim($_POST['phpath'])); $phpath = notags(trim($_POST['phpath']));
$adminmail = notags(trim($_POST['adminmail'])); $adminmail = notags(trim($_POST['adminmail']));
$siteurl = notags(trim($_POST['siteurl'])); $siteurl = notags(trim($_POST['siteurl']));
$tpl = get_markup_template('install_db.tpl'); $tpl = get_markup_template('install_db.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
@ -292,7 +307,7 @@ function setup_content(&$a) {
'$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'),
'$status' => $wizard_status, '$status' => $wizard_status,
'$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is localhost')), '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is localhost')),
'$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')), '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')),
'$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''),
@ -302,16 +317,14 @@ function setup_content(&$a) {
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$lbl_10' => t('Please select a default timezone for your website'), '$lbl_10' => t('Please select a default timezone for your website'),
'$baseurl' => $a->get_baseurl(), '$baseurl' => $a->get_baseurl(),
'$phpath' => $phpath, '$phpath' => $phpath,
'$submit' => t('Submit'), '$submit' => t('Submit'),
)); ));
return $o; return $o;
}; break; }; break;
@ -324,241 +337,296 @@ function setup_content(&$a) {
$dbdata = notags(trim($_POST['dbdata'])); $dbdata = notags(trim($_POST['dbdata']));
$dbtype = intval(notags(trim($_POST['dbtype']))); $dbtype = intval(notags(trim($_POST['dbtype'])));
$phpath = notags(trim($_POST['phpath'])); $phpath = notags(trim($_POST['phpath']));
$adminmail = notags(trim($_POST['adminmail'])); $adminmail = notags(trim($_POST['adminmail']));
$siteurl = notags(trim($_POST['siteurl'])); $siteurl = notags(trim($_POST['siteurl']));
$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
$tpl = get_markup_template('install_settings.tpl'); $tpl = get_markup_template('install_settings.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
'$title' => $install_title, '$title' => $install_title,
'$pass' => t('Site settings'), '$pass' => t('Site settings'),
'$status' => $wizard_status, '$status' => $wizard_status,
'$dbhost' => $dbhost, '$dbhost' => $dbhost,
'$dbport' => $dbport, '$dbport' => $dbport,
'$dbuser' => $dbuser, '$dbuser' => $dbuser,
'$dbpass' => $dbpass, '$dbpass' => $dbpass,
'$dbdata' => $dbdata, '$dbdata' => $dbdata,
'$phpath' => $phpath, '$phpath' => $phpath,
'$dbtype' => $dbtype, '$dbtype' => $dbtype,
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()), '$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
'$baseurl' => $a->get_baseurl(), '$baseurl' => $a->get_baseurl(),
'$submit' => t('Submit'), '$submit' => t('Submit'),
)); ));
return $o; return $o;
}; break; }; break;
} }
} }
/** /**
* checks : array passed to template * @brief Add a check result to the array for output.
* title : string *
* status : boolean * @param[in,out] array &$checks array passed to template
* required : boolean * @param string $title a title for the check
* help : string optional * @param boolean $status
* @param boolean $required
* @param[optional] string $help optional help string
*/ */
function check_add(&$checks, $title, $status, $required, $help){ function check_add(&$checks, $title, $status, $required, $help = '') {
$checks[] = array( $checks[] = array(
'title' => $title, 'title' => $title,
'status' => $status, 'status' => $status,
'required' => $required, 'required' => $required,
'help' => $help, 'help' => $help
); );
} }
/**
* @brief Checks the PHP environment.
*
* @param[in,out] string &$phpath
* @param[out] array &$checks
*/
function check_php(&$phpath, &$checks) { function check_php(&$phpath, &$checks) {
if (strlen($phpath)){ $help = '';
if (strlen($phpath)) {
$passed = file_exists($phpath); $passed = file_exists($phpath);
} else { } else {
if(is_windows()) if(is_windows())
$phpath = trim(shell_exec('where php')); $phpath = trim(shell_exec('where php'));
else else
$phpath = trim(shell_exec('which php')); $phpath = trim(shell_exec('which php'));
$passed = strlen($phpath); $passed = strlen($phpath);
} }
$help = "";
if(!$passed) { if(!$passed) {
$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL; $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
$help .= t("If you don't have a command line version of PHP installed on server, you will not be able to run background polling via cron.") . EOL; $help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL;
$help .= EOL . EOL ; $help .= EOL . EOL ;
$tpl = get_markup_template('field_input.tpl'); $tpl = get_markup_template('field_input.tpl');
$help .= replace_macros($tpl, array( $help .= replace_macros($tpl, array(
'$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable. You can leave this blank to continue the installation.')), '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable. You can leave this blank to continue the installation.')),
)); ));
$phpath=""; $phpath = '';
} }
check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help); check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
if($passed) { if($passed) {
$str = autoname(8); $str = autoname(8);
$cmd = "$phpath install/testargs.php $str"; $cmd = "$phpath install/testargs.php $str";
$result = trim(shell_exec($cmd)); $result = trim(shell_exec($cmd));
$passed2 = $result == $str; $passed2 = $result == $str;
$help = ""; $help = '';
if(!$passed2) { if(!$passed2) {
$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL; $help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
$help .= t('This is required for message delivery to work.'); $help .= t('This is required for message delivery to work.');
} }
check_add($checks, t('PHP register_argc_argv'), $passed, true, $help); check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
} }
} }
function check_keys(&$checks) { /**
* @brief Some PHP configuration checks.
*
* @todo Change how we display such informational text. Add more description
* how to change them.
*
* @param[out] array &$checks
*/
function check_phpconfig(&$checks) {
require_once 'include/environment.php';
$help = ''; $help = '';
$result = getPhpiniUploadLimits();
$help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
userReadableSize($result['post_max_size']),
userReadableSize($result['max_upload_filesize']),
$result['max_file_uploads']
);
$help .= '<br>' . t('You can adjust these settings in the servers php.ini.');
check_add($checks, t('PHP upload limits'), true, false, $help);
}
/**
* @brief Check if the openssl implementation can generate keys.
*
* @param[out] array $checks
*/
function check_keys(&$checks) {
$help = '';
$res = false; $res = false;
if(function_exists('openssl_pkey_new')) if (function_exists('openssl_pkey_new')) {
$res=openssl_pkey_new(array( $res = openssl_pkey_new(array(
'digest_alg' => 'sha1', 'digest_alg' => 'sha1',
'private_key_bits' => 4096, 'private_key_bits' => 4096,
'encrypt_key' => false )); 'encrypt_key' => false)
);
}
// Get private key // Get private key
if(! $res) { if (! $res) {
$help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL; $help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
$help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".'); $help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
} }
check_add($checks, t('Generate encryption keys'), $res, true, $help);
check_add($checks, t('Generate encryption keys'), $res, true, $help);
} }
/**
* @brief Check for some PHP functions and modules.
*
* @param[in,out] array &$checks
*/
function check_funcs(&$checks) { function check_funcs(&$checks) {
$ck_funcs = array(); $ck_funcs = array();
check_add($ck_funcs, t('libCurl PHP module'), true, true, "");
check_add($ck_funcs, t('GD graphics PHP module'), true, true, ""); // add check metadata, the real check is done bit later and return values set
check_add($ck_funcs, t('OpenSSL PHP module'), true, true, ""); check_add($ck_funcs, t('libCurl PHP module'), true, true);
check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true, ""); check_add($ck_funcs, t('GD graphics PHP module'), true, true);
check_add($ck_funcs, t('mb_string PHP module'), true, true, ""); check_add($ck_funcs, t('OpenSSL PHP module'), true, true);
check_add($ck_funcs, t('mcrypt PHP module'), true, true, ""); check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
check_add($ck_funcs, t('mb_string PHP module'), true, true);
check_add($ck_funcs, t('mcrypt PHP module'), true, true);
check_add($ck_funcs, t('xml PHP module'), true, true);
if(function_exists('apache_get_modules')){ if(function_exists('apache_get_modules')){
if (! in_array('mod_rewrite',apache_get_modules())) { if (! in_array('mod_rewrite', apache_get_modules())) {
check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.')); check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
} else { } else {
check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, ""); check_add($ck_funcs, t('Apache mod_rewrite module'), true, true);
} }
} }
if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) { if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini')); check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
} }
else { else {
check_add($ck_funcs, t('proc_open'), true, true, ""); check_add($ck_funcs, t('proc_open'), true, true);
} }
if(! function_exists('curl_init')){ if(! function_exists('curl_init')) {
$ck_funcs[0]['status']= false; $ck_funcs[0]['status'] = false;
$ck_funcs[0]['help']= t('Error: libCURL PHP module required but not installed.'); $ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.');
} }
if(! function_exists('imagecreatefromjpeg')){ if(! function_exists('imagecreatefromjpeg')) {
$ck_funcs[1]['status']= false; $ck_funcs[1]['status'] = false;
$ck_funcs[1]['help']= t('Error: GD graphics PHP module with JPEG support required but not installed.'); $ck_funcs[1]['help'] = t('Error: GD graphics PHP module with JPEG support required but not installed.');
} }
if(! function_exists('openssl_public_encrypt')) { if(! function_exists('openssl_public_encrypt')) {
$ck_funcs[2]['status']= false; $ck_funcs[2]['status'] = false;
$ck_funcs[2]['help']= t('Error: openssl PHP module required but not installed.'); $ck_funcs[2]['help'] = t('Error: openssl PHP module required but not installed.');
} }
if(! function_exists('mysqli_connect') && !function_exists('pg_connect')){ if(! function_exists('mysqli_connect') && !function_exists('pg_connect')) {
$ck_funcs[3]['status']= false; $ck_funcs[3]['status'] = false;
$ck_funcs[3]['help']= t('Error: mysqli or postgres PHP module required but neither are installed.'); $ck_funcs[3]['help'] = t('Error: mysqli or postgres PHP module required but neither are installed.');
} }
if(! function_exists('mb_strlen')){ if(! function_exists('mb_strlen')) {
$ck_funcs[4]['status']= false; $ck_funcs[4]['status'] = false;
$ck_funcs[4]['help']= t('Error: mb_string PHP module required but not installed.'); $ck_funcs[4]['help'] = t('Error: mb_string PHP module required but not installed.');
} }
if(! function_exists('mcrypt_encrypt')){ if(! function_exists('mcrypt_encrypt')) {
$ck_funcs[5]['status']= false; $ck_funcs[5]['status'] = false;
$ck_funcs[5]['help']= t('Error: mcrypt PHP module required but not installed.'); $ck_funcs[5]['help'] = t('Error: mcrypt PHP module required but not installed.');
}
if(! extension_loaded('xml')) {
$ck_funcs[6]['status'] = false;
$ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
} }
$checks = array_merge($checks, $ck_funcs);
$checks = array_merge($checks, $ck_funcs);
} }
/**
* @brief Check for .htconfig requirements.
*
* @param[out] array &$checks
*/
function check_htconfig(&$checks) { function check_htconfig(&$checks) {
$status = true; $status = true;
$help = ""; $help = '';
if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
(!file_exists('.htconfig.php') && !is_writable('.')) ) {
$status=false;
$help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
$help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
$help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
$help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
}
check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
(!file_exists('.htconfig.php') && !is_writable('.')) ) {
$status = false;
$help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
$help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
$help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
$help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
}
check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
} }
/**
* @brief Checks for our templating engine Smarty3 requirements.
*
* @param[out] array &$checks
*/
function check_smarty3(&$checks) { function check_smarty3(&$checks) {
$status = true; $status = true;
$help = ""; $help = '';
if( !is_writable(TEMPLATE_BUILD_PATH) ) {
if(! is_writable(TEMPLATE_BUILD_PATH) ) {
$status=false; $status = false;
$help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; $help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
$help .= sprintf( t('In order to store these compiled templates, the web server needs to have write access to the directory %s under the Red top level folder.'), TEMPLATE_BUILD_PATH) . EOL; $help .= sprintf( t('In order to store these compiled templates, the web server needs to have write access to the directory %s under the Red top level folder.'), TEMPLATE_BUILD_PATH) . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
$help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL; $help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL;
} }
check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
} }
/**
* @brief Check for store directory.
*
* @param[out] array &$checks
*/
function check_store(&$checks) { function check_store(&$checks) {
$status = true; $status = true;
$help = ""; $help = '';
@os_mkdir(TEMPLATE_BUILD_PATH,STORAGE_DEFAULT_PERMISSIONS,true); @os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
if( !is_writable('store') ) { if(! is_writable('store')) {
$status = false;
$status=false;
$help = t('Red uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL; $help = t('Red uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
} }
check_add($checks, t('store is writable'), $status, true, $help);
check_add($checks, t('store is writable'), $status, true, $help);
} }
/**
* @brief Check URL rewrite und SSL certificate.
*
* @param[out] array &$checks
*/
function check_htaccess(&$checks) { function check_htaccess(&$checks) {
$a = get_app(); $a = get_app();
$status = true; $status = true;
$help = ""; $help = '';
$ssl_error = false; $ssl_error = false;
$url = $a->get_baseurl() . '/setup/testrewrite'; $url = $a->get_baseurl() . '/setup/testrewrite';
if (function_exists('curl_init')){ if (function_exists('curl_init')){
$test = z_fetch_url($url); $test = z_fetch_url($url);
if(! $test['success']) { if(! $test['success']) {
if(strstr($url,'https://')) { if(strstr($url,'https://')) {
$test = z_fetch_url($url,false,0,array('novalidate' => true)); $test = z_fetch_url($url,false,0,array('novalidate' => true));
@ -581,26 +649,27 @@ function check_htaccess(&$checks) {
$help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL; $help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL;
$help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL; $help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL;
check_add($checks, t('SSL certificate validation'),false,true, $help); check_add($checks, t('SSL certificate validation'), false, true, $help);
} }
} }
if ((! $test['success']) || ($test['body'] != "ok")) { if ((! $test['success']) || ($test['body'] != "ok")) {
$status = false; $status = false;
$help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true)); $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
} }
check_add($checks, t('Url rewrite is working'), $status, true, $help);
} else { check_add($checks, t('Url rewrite is working'), $status, true, $help);
// cannot check modrewrite if libcurl is not installed } else {
} // cannot check modrewrite if libcurl is not installed
}
} }
function manual_config(&$a) { function manual_config(&$a) {
$data = htmlspecialchars($a->data['txt'],ENT_COMPAT,'UTF-8'); $data = htmlspecialchars($a->data['txt'], ENT_COMPAT, 'UTF-8');
$o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.'); $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
$o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>"; $o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
return $o; return $o;
} }
@ -619,50 +688,47 @@ function load_database($db) {
$arr = explode(';',$str); $arr = explode(';',$str);
$errors = false; $errors = false;
foreach($arr as $a) { foreach($arr as $a) {
if(strlen(trim($a))) { if(strlen(trim($a))) {
$r = @$db->q(trim($a)); $r = @$db->q(trim($a));
if(! $r) { if(! $r) {
$errors .= t('Errors encountered creating database tables.') . $a . EOL; $errors .= t('Errors encountered creating database tables.') . $a . EOL;
} }
} }
} }
return $errors; return $errors;
} }
function what_next() { function what_next() {
$a = get_app(); $a = get_app();
// install the standard theme // install the standard theme
set_config('system','allowed_themes','redbasic'); set_config('system', 'allowed_themes', 'redbasic');
// Set a lenient list of ciphers if using openssl. Other ssl engines // Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully // (e.g. NSS used in RedHat) require different syntax, so hopefully
// the default curl cipher list will work for most sites. If not, // the default curl cipher list will work for most sites. If not,
// this can set via config. Many distros are now disabling RC4, // this can set via config. Many distros are now disabling RC4,
// but many Red sites still use it and are unable to change it. // but many Red sites still use it and are unable to change it.
// We do not use SSL for encryption, only to protect session cookies. // We do not use SSL for encryption, only to protect session cookies.
// z_fetch_url() is also used to import shared links and other content // z_fetch_url() is also used to import shared links and other content
// so in theory most any cipher could show up and we should do our best // so in theory most any cipher could show up and we should do our best
// to make the content available rather than tell folks that there's a // to make the content available rather than tell folks that there's a
// weird SSL error which they can't do anything about. // weird SSL error which they can't do anything about.
$x = curl_version(); $x = curl_version();
if(stristr($x['ssl_version'],'openssl')) if(stristr($x['ssl_version'],'openssl'))
set_config('system','curl_ssl_ciphers','ALL:!eNULL'); set_config('system','curl_ssl_ciphers','ALL:!eNULL');
// Create a system channel // Create a system channel
require_once ('include/identity.php'); require_once ('include/identity.php');
create_sys_channel(); create_sys_channel();
$baseurl = $a->get_baseurl(); $baseurl = $a->get_baseurl();
return return
t('<h1>What next</h1>') t('<h1>What next</h1>')
."<p>".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.') ."<p>".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.')
.t('Please see the file "install/INSTALL.txt".') .t('Please see the file "install/INSTALL.txt".')
."</p><p>" ."</p><p>"
.t("Go to your new Red node <a href='$baseurl/register'>registration page</a> and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.") .t("Go to your new Red node <a href='$baseurl/register'>registration page</a> and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.")
."</p>"; ."</p>";
} }