ave-cms-team/ave-cms
2
0
Fork 0
mirror of https://github.com/avecms/AVE.cms.git synced 2025-01-22 07:20:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ave-cms/install/index.php
M@d D3n 023e108c2e Fixes
2020-02-26 21:59:06 +03:00

659 lines
21 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* AVE.cms
*
* @package AVE.cms
* @version 3.x
* @filesource
* @copyright © 2007-2014 AVE.cms, http://www.ave-cms.ru
*
* @license GPL v.2
*/
/**
* Проверка подключения к БД
*
* @param string $dbhost
* @param string $dbuser
* @param string $dbpass
*
* @return bool
*/
function check_mysql_connect ($dbhost = '', $dbuser = '', $dbpass = '')
{
if ($dbhost != '' && $dbuser != '')
if (@mysqli_connect($dbhost, $dbuser, $dbpass))
return true;
return false;
}
/**
* Проверка запроса к БД
*
* @param object $mysql_connect
* @param string $sql
*
* @return bool
*/
function check_mysql_query ($mysql_connect, $sql = '')
{
if ($sql != '' && $mysql_connect != '')
if (@mysqli_query($mysql_connect, $sql))
return true;
return false;
}
/**
* @param string $dbhost
* @param string $dbuser
* @param string $dbpass
* @param string $dbname
*
* @return bool
*/
function check_db_connect ($dbhost = '', $dbuser = '', $dbpass = '', $dbname = '')
{
if ($dbhost != '' && $dbuser != '' && $dbname != '')
if (@mysqli_select_db(@mysqli_connect($dbhost, $dbuser, $dbpass), $dbname))
return true;
return false;
}
/**
* @param $prefix
*
* @return bool
*/
function check_installed ($prefix)
{
global $config;
$mysql = @mysqli_connect($config['dbhost'], $config['dbuser'], $config['dbpass'], $config['dbname']);
$query = @mysqli_query($mysql, "SELECT 1 FROM " . $prefix . "_users LIMIT 1");
if (@mysqli_num_rows($query))
return true;
else
return false;
}
/**
*
*/
function check_required ()
{
global $error_is_required, $lang_i;
$required_php = 522;
$required = array();
$required[] = '/install/eula/ru.tpl';
foreach ($required as $is_required)
{
if (@!is_file(BASE_DIR . $is_required))
array_push($error_is_required, $lang_i['error_is_required'] . $is_required . $lang_i['error_is_required_2'] );
}
$myphp = @PHP_VERSION;
if ($myphp)
{
$myphp_v = str_replace('.', '', $myphp);
if ($myphp_v < $required_php)
array_push($error_is_required, $lang_i['phpversion_toold'] . $required_php);
}
}
/**
*
*/
function check_writable ()
{
global $error_is_required, $lang_i;
$writeable = array();
$writeable[] = '/tmp/';
$writeable[] = '/tmp/cache/';
$writeable[] = '/uploads/';
$writeable[] = '/config/db.config.php';
foreach ($writeable as $must_writeable)
{
if (! is_writable(BASE_DIR . $must_writeable))
array_push($error_is_required, $lang_i['error_is_writeable'] . $must_writeable . $lang_i['error_is_writeable_2'] );
}
}
/**
* @param string $name
* @param string $prefix
* @param $mysql_connect
*/
function clean_db ($name, $prefix, $mysql_connect)
{
@mysqli_select_db($mysql_connect, $name);
$query = @mysqli_query($mysql_connect, "SHOW TABLES FROM " . $name);
while ($row = @mysqli_fetch_array($query, MYSQLI_NUM))
if (preg_match("/^" . $prefix . "/", $row[0]))
@mysqli_query($mysql_connect ,"DROP TABLE " . $row[0]);
}
/**
* Convert size from 10M to bytes
*
* @param string $str e.g. 10M
* @return int
*/
function convertSizeToBytes($str)
{
$str = trim($str);
if (strlen($str) > 0)
{
$cLastAlpha = strtolower(substr($str, -1));
$size = intval($str);
switch($cLastAlpha)
{
case 't':
$size *= 1024;
case 'g':
$size *= 1024;
case 'm':
$size *= 1024;
case 'k':
$size *= 1024;
}
}
else
{
$size = 0;
}
return $size;
}
/**
* Get GD version
* @return string
*/
function getGdVersion()
{
if (function_exists('gd_info'))
{
$gd_info = @gd_info();
return preg_replace('/[^0-9\.]/', '', $gd_info['GD Version']);
}
return NULL;
}
/**
* Get PCRE version
* @return string
*/
function getPcreVersion()
{
defined('PCRE_VERSION')
? list($version) = explode(' ', constant('PCRE_VERSION'))
: $version = NULL;
return $version;
}
/**
* Get MySQL version
* @return string
*/
function getMySQLVersion() {
$output = mysqli_get_client_info();
preg_match('@[0-9]+\.[0-9]+\.[0-9]+@', $output, $version);
return $version[0];
}
/**
* @param $level
* @param $text
*
* @return string
*/
function check_param($level, $text)
{
$level = intval($level);
switch ($level)
{
//Параметр не соответствует.
case 2:
$img = 'ico_delete';
break;
//Несоответствие, не влияющее на функционирование системы.
case 1:
$img = 'ico_ok';
break;
//Параметр соответствует.
case 0:
$img = 'ico_ok_green';
break;
//По умолчанию
default:
$img = 'ico_ok_noproblem';
break;
}
return $img;
}
/* @subpackage install */
error_reporting(E_ERROR);
ini_set('display_errors', 7);
global $config;
ob_start();
define('SETUP', 1);
define('BASE_DIR', str_replace("\\", "/", dirname(dirname(__FILE__))));
//-- Debug Class
require (BASE_DIR . '/class/class.debug.php');
$Debug = new Debug;
if (! is_writable(BASE_DIR . '/tmp/cache/smarty/'))
die('Cache folder is not writeable!');
include (BASE_DIR . '/config/db.config.php');
include (BASE_DIR . '/inc/config.php');
include (BASE_DIR . '/functions/func.common.php');
include (BASE_DIR . '/functions/func.logs.php');
include (BASE_DIR . '/functions/func.helpers.php');
include (BASE_DIR . '/class/class.template.php');
$AVE_Template = new AVE_Template(BASE_DIR . '/install/tpl/');
$lang_file = BASE_DIR . '/install/lang/ru.txt';
$AVE_Template->config_load($lang_file);
$ver = APP_NAME . ' v' . APP_VERSION;
$db_connect = check_db_connect($config['dbhost'], $config['dbuser'], $config['dbpass'], $config['dbname']);
$check_installed = check_installed($config['dbpref']);
if ((true === $db_connect) && $_REQUEST['step'] != 'finish' && check_installed($config['dbpref']))
{
echo '<pre>' . $AVE_Template->get_config_vars('installed') . '</pre>';
exit;
};
$error_is_required = array();
check_required();
check_writable();
// include_once(BASE_DIR . '/inc/errors.php');
$count_error = sizeof((array) $error_is_required);
if (1 == $count_error)
{
$AVE_Template->assign('error_header', $AVE_Template->get_config_vars('erroro'));
}
elseif ($count_error > 1)
{
$AVE_Template->assign('error_header', $AVE_Template->get_config_vars('erroro_more'));
}
if ($count_error > 0 && ! (isset($_REQUEST['force']) && 1 == $_REQUEST['force']))
{
$AVE_Template->assign('error_is_required', $error_is_required);
$AVE_Template->display('error.tpl');
exit;
}
$_REQUEST['step'] = isset($_REQUEST['step']) ? $_REQUEST['step'] : '';
// Минимальные требования к системе
define('PHP_version', '5.6');
define('MySQL_version', '5.0.0');
define('GD_version', '2.0');
define('PCRE_version', '7.0');
define('JSON', $AVE_Template->get_config_vars('mess_on'));
define('MbString', $AVE_Template->get_config_vars('mess_on'));
define('SimpleXML', $AVE_Template->get_config_vars('mess_on'));
define('Iconv', $AVE_Template->get_config_vars('mess_on'));
define('XSLT', $AVE_Template->get_config_vars('mess_supported'));
define('Data_limit', '2'); // Mb
define('TIME_limit', '30'); // Sec
define('DISC_space', '30'); // Mb
define('RAM_space', '32M'); // Mb
define('SAFE_MODE', $AVE_Template->get_config_vars('mess_off'));
define('REGISTER_GLOBALS', $AVE_Template->get_config_vars('mess_off'));
define('MAGIC_QUOTES_GPC', $AVE_Template->get_config_vars('mess_off'));
switch ($_REQUEST['step'])
{
//Начало
case '' :
//Шаг 1
case '1' :
$AVE_Template->display('step1.tpl');
break;
//Шаг 2
case '2' :
$AVE_Template->display('step2.tpl');
break;
//Шаг 3
case '3' :
$test['php_version'] = phpversion();
$test['mysql_version'] = getMySQLVersion();
$test['gd_version'] = getGdVersion();
$test['pcre_version'] = getPcreVersion();
$test['json'] = function_exists('json_encode') ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$test['simplexml'] = function_exists('simplexml_load_string') ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$test['mbstring'] = function_exists('mb_internal_encoding') ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$test['iconv'] = function_exists('iconv') ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$test['xslt'] = (function_exists('xslt_create') || function_exists('domxml_xslt_stylesheet') || (class_exists('DomDocument') && class_exists('XsltProcessor'))) ? XSLT : $AVE_Template->get_config_vars('mess_unsupported');
$test['data_limit'] = ini_get('post_max_size') ? ini_get('post_max_size') : $AVE_Template->get_config_vars('mess_undefined');
$test['time_limit'] = ini_get('max_execution_time') ? ini_get('max_execution_time') : $AVE_Template->get_config_vars('mess_undefined');
$test['disk_space'] = round(@disk_free_space($_SERVER['DOCUMENT_ROOT']) / 1024 / 1024, 2);
$test['memmory_limit'] = ini_get('memory_limit') ? ini_get('memory_limit') : $AVE_Template->get_config_vars('mess_undefined');
$test['s_m'] = (ini_get('safe_mode') == 1) ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$test['r_g'] = (ini_get('register_globals') == 1) ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$test['m_q'] = (ini_get('magic_quotes_gpc') == 1 || ini_get('magic_quotes_runtime') == 1 || ini_get('magic_quotes_sybase') == 1) ? $AVE_Template->get_config_vars('mess_on') : $AVE_Template->get_config_vars('mess_off');
$check['php_version'] = check_param(version_compare(phpversion(), PHP_version, ">=") ? 0 : 2, $test['php_version']);
$check['mysql_version'] = check_param(version_compare(getMySQLVersion(), MySQL_version, ">=") ? 0 : 2, $test['mysql_version']);
$check['gd_version'] = check_param(version_compare($test['gd_version'], GD_version, ">=") ? 0 : 2, $test['gd_version']);
$check['pcre_version'] = check_param(version_compare($test['pcre_version'], PCRE_version, ">=") ? 0 : 2, $test['pcre_version']);
$check['mbstring'] = check_param(function_exists('mb_internal_encoding') ? 0 : 2, $test['mbstring']);
$check['json'] = check_param(function_exists('json_encode') ? 0 : 2, $test['json']);
$check['simplexml'] = check_param(function_exists('simplexml_load_string') ? 0 : 2, $test['simplexml']);
$check['iconv'] = check_param(function_exists('iconv') ? 0 : 2, $test['iconv']);
$check['xslt'] = check_param(($test['xslt'] == XSLT) ? 0 : 2, $test['xslt']);
$check['data_limit'] = check_param(($test['data_limit'] != $AVE_Template->get_config_vars('mess_undefined') && version_compare($test['data_limit'], Data_limit, ">=")) ? 0 : 2, $test['data_limit']);
$check['time_limit'] = check_param(($test['time_limit'] != $AVE_Template->get_config_vars('mess_undefined') && $test['time_limit'] >= TIME_limit) ? 0 : 2, ($test['time_limit'] != $AVE_Template->get_config_vars('mess_undefined')) ? $test['time_limit'] . " " . $AVE_Template->get_config_vars('seconds') : $t_l);
$check['disk_space'] = check_param(($test['disk_space'] != $AVE_Template->get_config_vars('mess_undefined') && $test['disk_space'] >= DISC_space) ? 0 : 2, ($test['disk_space'] != $AVE_Template->get_config_vars('mess_undefined')) ? $test['disk_space'].$AVE_Template->get_config_vars('megabytes') : $test['disk_space']);
$check['memmory_limit'] = check_param(($test['memmory_limit'] != $AVE_Template->get_config_vars('mess_undefined') && convertSizeToBytes($test['memmory_limit']) >= convertSizeToBytes(RAM_space)) ? 0 : (($test['memmory_limit'] != $AVE_Template->get_config_vars('mess_undefined')) ? 2 : 1), $test['memmory_limit']);
$check['s_m'] = check_param(($test['s_m'] == SAFE_MODE) ? 0 : 1, $test['s_m']);
$check['r_g'] = check_param(($test['r_g'] == REGISTER_GLOBALS) ? 0 : 1, $test['r_g']);
$check['m_q'] = check_param(($test['m_q'] == MAGIC_QUOTES_GPC) ? 0 : 1, $test['m_q']);
$AVE_Template->assign('check', $check);
$AVE_Template->assign('test', $test);
$AVE_Template->display('step3.tpl');
break;
//Шаг 4
case '4' :
if (!empty($_POST['dbname']) && !empty($_POST['dbprefix']))
{
$db_connect = check_db_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'], $_POST['dbname']);
if (true === $db_connect) {
$mysql_connect = @mysqli_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass']);
@mysqli_select_db($mysql_connect, $_POST['dbname']);
}
// Очищаем бд (по префиксу)
if (isset($_REQUEST["dbclean"]) && $_REQUEST["dbclean"] == "1") {
clean_db($_POST['dbname'], $_POST['dbprefix'], $mysql_connect);
}
// Создать новую БД
if (isset($_REQUEST['dbcreat']))
{
$link = check_mysql_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass']);
if (false === $link)
$AVE_Template->assign('warning', $AVE_Template->get_config_vars('error_is_link') . mysqli_error());
else
$mysqli_connect = @mysqli_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass']);
if (false === $db_connect)
{
@mysqli_query($mysqli_connect, "SET collation_server = 'utf8_general_ci'");
@mysqli_query($mysqli_connect, "SET character_set_server = 'utf8'");
$sql = 'CREATE DATABASE ' . $_POST['dbname'];
if (false === check_mysql_query($mysqli_connect, $sql))
$AVE_Template->assign('warning', $AVE_Template->get_config_vars('error_is_create') . mysqli_error() . "\n");
}
}
$check_installed = check_installed($_POST['dbprefix']);
$connect = check_db_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'], $_POST['dbname']);
$config = [
'dbhost' => $_POST['dbhost'],
'dbuser' => $_POST['dbuser'],
'dbpass' => $_POST['dbpass'],
'dbname' => $_POST['dbname'],
'dbpref' => $_POST['dbpref'],
'dbport' => null,
'dbsock' => null
];
if (true === $connect && false === $check_installed)
{
if (! @is_writeable(BASE_DIR . '/config/db.config.php'))
{
$AVE_Template->assign('config_isnt_writeable', 1);
$AVE_Template->display('error.tpl');
exit;
}
$fp = @fopen(BASE_DIR . '/config/db.config.php', 'w+');
// Записываем данные для подключения
@fwrite($fp, "<?php\n"
. "\t\$config = [\n"
. "\t\t'dbhost' => \"" . stripslashes(trim($_POST['dbhost'])) . "\",\n"
. "\t\t'dbuser' => \"" . stripslashes(trim($_POST['dbuser'])) . "\",\n"
. "\t\t'dbpass' => \"" . stripslashes(trim($_POST['dbpass'])) . "\",\n"
. "\t\t'dbname' => \"" . stripslashes(trim($_POST['dbname'])) . "\",\n"
. "\t\t'dbpref' => \"" . stripslashes(trim($_POST['dbprefix'])) . "\",\n"
. "\t\t'dbport' => null,\n"
. "\t\t'dbsock' => null\n"
. "\t];\n"
. "?>"
);
@fclose($fp);
//-- Если параметры не указаны, прерываем работу
if (! file_exists(BASE_DIR . '/config/db.config.php') || ! filesize(BASE_DIR . '/config/db.config.php'))
die('Not writing config file');
// Класс для работы с БД
require_once (BASE_DIR . '/class/class.database.php');
//-- Подключаем конфигурационный файл с параметрами подключения
require_once (BASE_DIR . '/config/db.config.php');
//-- Если не существует объекта по работе с БД
if (! isset($AVE_DB))
{
//-- Если параметры не указаны, прерываем работу
if (! isset($config) || empty($config))
die('No config data');
//-- Если константа префикса таблиц не задана, принудительно определяем ее на основании параметров в файле db.config.php
if (! defined('PREFIX'))
define('PREFIX', $config['dbpref']);
//-- Создаем объект для работы с БД
try {
$AVE_DB = AVE_DB::getInstance($config)
//-- Назначаем кодировку
->setCharset('utf8')
//-- Назначаем БД
->setDatabaseName($config['dbname']);
}
catch (AVE_DB_Exception $e)
{
ob_start();
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 3600');
header('X-Powered-By:');
echo $e->getMessage();
die;
}
unset ($config);
}
// Открываем файл структуры БД
$filename = BASE_DIR . '/install/structure_base.sql';
$handle = fopen($filename, 'r');
$db_structure = fread($handle, filesize($filename));
fclose($handle);
// Подставляем префикс
$db_structure = str_replace('%%PRFX%%', $_POST['dbprefix'], $db_structure);
// Массив запросов
$ar = explode('#inst#', $db_structure);
foreach ($ar as $sql)
if (! empty($sql))
$AVE_DB->Query($sql);
$AVE_Template->display('step5.tpl');
exit;
}
elseif (true === $connect && true === $check_installed)
$AVE_Template->assign('installed', $AVE_Template->get_config_vars('database_installed'));
else
$AVE_Template->assign('warning', $AVE_Template->get_config_vars('database_not_connect'));
}
else
{
$dbpref = make_random_string(5, 'abcdefghijklmnopqrstuvwxyz0123456789');
$AVE_Template->assign('dbpref', $dbpref);
}
$AVE_Template->display('step4.tpl');
break;
case '5' :
$_POST['email'] = chop($_POST['email']);
$_POST['username'] = chop($_POST['username']);
$regex_username = '/[^\w-]/';
$regex_password = '/[^\x20-\xFF]/';
$regex_email = '/^[\w.-]+@[a-z0-9.-]+\.(?:[a-z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|asia|jobs|museum)$/i';
// Класс для работы с БД
require_once (BASE_DIR . '/class/class.database.php');
//-- Если не существует объекта по работе с БД
if (! isset($AVE_DB))
{
//-- Подключаем конфигурационный файл с параметрами подключения
require_once (BASE_DIR . '/config/db.config.php');
//-- Если параметры не указаны, прерываем работу
if (! isset($config))
exit;
//-- Если константа префикса таблиц не задана, принудительно определяем ее на основании параметров в файле db.config.php
if (! defined('PREFIX'))
define('PREFIX', $config['dbpref']);
//-- Создаем объект для работы с БД
try {
$AVE_DB = AVE_DB::getInstance($config)
//-- Назначаем кодировку
->setCharset('utf8')
//-- Назначаем БД
->setDatabaseName($config['dbname']);
}
catch (AVE_DB_Exception $e)
{
ob_start();
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 3600');
header('X-Powered-By:');
echo $e->getMessage();
die;
}
}
$errors = array();
if ($_POST['email'] == '') array_push($errors, $AVE_Template->get_config_vars('noemail'));
if (! preg_match($regex_email, $_POST['email'])) array_push($errors, $AVE_Template->get_config_vars('email_no_specialchars'));
if (empty($_POST['pass']) || preg_match($regex_password, $_POST['pass'])) array_push($errors, $AVE_Template->get_config_vars('check_pass'));
if (strlen($_POST['pass']) < 5) array_push($errors, $AVE_Template->get_config_vars('pass_too_small'));
if (empty($_POST['username']) || preg_match($regex_username, $_POST['username'])) array_push($errors, $AVE_Template->get_config_vars('check_username'));
$AVE_Template->assign('errors', $errors);
if (true === $db_connect && ! sizeof($errors))
{
if (isset($_POST['demo']) && 1 == $_POST['demo'])
$filename = BASE_DIR . '/install/data_demo.sql';
else
$filename = BASE_DIR . '/install/data_base.sql';
$handle = fopen($filename, 'r');
$dbin = fread($handle, filesize($filename));
fclose($handle);
$salt = make_random_string();
$hash = md5(md5($_POST['pass'] . $salt));
$dbin = str_replace('%%SITENAME%%', $ver, $dbin);
$dbin = str_replace('%%PRFX%%', $config['dbpref'], $dbin);
$dbin = str_replace('%%EMAIL%%', $_POST['email'], $dbin);
$dbin = str_replace('%%SALT%%', $salt, $dbin);
$dbin = str_replace('%%PASS%%', $hash, $dbin);
$dbin = str_replace('%%TIME%%', time(), $dbin);
$dbin = str_replace('%%FIRSTNAME%%', $_POST['firstname'], $dbin);
$dbin = str_replace('%%LASTNAME%%', $_POST['lastname'], $dbin);
$dbin = str_replace('%%USERNAME%%', $_POST['username'], $dbin);
$ar = explode('#inst#', $dbin);
foreach ($ar as $sql)
if (! empty($sql))
$AVE_DB->Query($sql);
$AVE_Template->display('step6.tpl');
exit;
}
$AVE_Template->display('step5.tpl');
break;
}
?>
Reference in New Issue View Git Blame Copy Permalink