aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--install.php211
1 files changed, 113 insertions, 98 deletions
diff --git a/install.php b/install.php
index 467d9075f..706fba2ea 100644
--- a/install.php
+++ b/install.php
@@ -65,6 +65,27 @@ function guess_lang()
return 'en_EN';
}
+function execute_sqlfile( $filepath, $replaced, $replacing )
+{
+ $sql_lines = file( $filepath );
+ $query = '';
+ foreach ( $sql_lines as $sql_line ) {
+ $sql_line = trim( $sql_line );
+ if ( preg_match( '/(^--|^$)/', $sql_line ) ) continue;
+ $query.= ' '.$sql_line;
+ // if we reached the end of query, we execute it and reinitialize the
+ // variable "query"
+ if ( preg_match( '/;$/', $sql_line ) )
+ {
+ $query = trim( $query );
+ $query = str_replace( $replaced, $replacing, $query );
+ // we don't execute "DROP TABLE" queries
+ if ( !preg_match( '/^DROP TABLE/i', $query ) ) mysql_query( $query );
+ $query = '';
+ }
+ }
+}
+
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
// addslashes to vars if magic_quotes_gpc is off this is a security
@@ -182,112 +203,106 @@ $step = 1;
//----------------------------------------------------- form analyze
if ( isset( $_POST['install'] ))
{
- if ( @mysql_connect( $_POST['dbhost'],
- $_POST['dbuser'],
- $_POST['dbpasswd'] ) )
+ if ( @mysql_connect( $_POST['dbhost'],
+ $_POST['dbuser'],
+ $_POST['dbpasswd'] ) )
+ {
+ if ( @mysql_select_db($_POST['dbname'] ) )
{
- if ( @mysql_select_db($_POST['dbname'] ) )
- {
- array_push( $infos, $lang['step1_confirmation'] );
- }
- else
- {
- array_push( $errors, $lang['step1_err_db'] );
- }
+ array_push( $infos, $lang['step1_confirmation'] );
}
else
{
- array_push( $errors, $lang['step1_err_server'] );
+ array_push( $errors, $lang['step1_err_db'] );
}
-
- $webmaster = trim(preg_replace( '/\s{2,}/', ' ', $admin_name ));
- if ( empty($webmaster))
- array_push( $errors, $lang['step2_err_login1'] );
- else if ( preg_match( '/[\'"]/', $webmaster ) )
- array_push( $errors, $lang['step2_err_login3'] );
- if ( $admin_pass1 != $admin_pass2 || empty($admin_pass1) )
- array_push( $errors, $lang['step2_err_pass'] );
- if ( empty($admin_mail))
- array_push( $errors, $lang['reg_err_mail_address'] );
- else
- {
- $error_mail_address = validate_mail_address($admin_mail);
- if (!empty($error_mail_address)) array_push( $errors, $error_mail_address );
- }
-
- if ( count( $errors ) == 0 )
+ }
+ else
+ {
+ array_push( $errors, $lang['step1_err_server'] );
+ }
+
+ $webmaster = trim(preg_replace( '/\s{2,}/', ' ', $admin_name ));
+ if ( empty($webmaster))
+ array_push( $errors, $lang['step2_err_login1'] );
+ else if ( preg_match( '/[\'"]/', $webmaster ) )
+ array_push( $errors, $lang['step2_err_login3'] );
+ if ( $admin_pass1 != $admin_pass2 || empty($admin_pass1) )
+ array_push( $errors, $lang['step2_err_pass'] );
+ if ( empty($admin_mail))
+ array_push( $errors, $lang['reg_err_mail_address'] );
+ else
+ {
+ $error_mail_address = validate_mail_address($admin_mail);
+ if (!empty($error_mail_address))
+ array_push( $errors, $error_mail_address );
+ }
+
+ if ( count( $errors ) == 0 )
+ {
+ $step = 2;
+ $file_content = "<?php";
+ $file_content.= "\n\$dbname = '". $dbname."';";
+ $file_content.= "\n\$dbuser = '". $dbuser."';";
+ $file_content.= "\n\$dbpasswd = '". $dbpasswd."';";
+ $file_content.= "\n\$dbhost = '". $dbhost."';";
+ $file_content.= "\n";
+ $file_content.= "\n\$table_prefix = '".$table_prefix."';";
+ $file_content.= "\n";
+ $file_content.= "\ndefine('PHPWG_INSTALLED', true);";
+ $file_content.= "\n?".">";
+
+ @umask(0111);
+ // writing the configuration file
+ if ( !($fp = @fopen( $config_file, 'w' )))
{
- $step = 2;
- $file_content = "<?php";
- $file_content.= "\n\$dbname = '". $dbname."';";
- $file_content.= "\n\$dbuser = '". $dbuser."';";
- $file_content.= "\n\$dbpasswd = '". $dbpasswd."';";
- $file_content.= "\n\$dbhost = '". $dbhost."';";
- $file_content.= "\n";
- $file_content.= "\n\$table_prefix = '".$table_prefix."';";
- $file_content.= "\n";
- $file_content.= "\ndefine('PHPWG_INSTALLED', true);";
- $file_content.= "\n?".">";
-
- @umask(0111);
- // writing the configuration file
- if ( !($fp = @fopen( $config_file, 'w' )))
- {
- $html_content = htmlentities( $file_content, ENT_QUOTES );
- $html_content = nl2br( $html_content );
- $template->assign_block_vars('error_copy',array('FILE_CONTENT'=>$html_content));
- }
- @fputs($fp, $file_content, strlen($file_content));
- @fclose($fp);
-
- // tables creation, based on phpwebgallery_structure.sql
- $sql_lines = file( './admin/phpwebgallery_structure.sql' );
- $query = '';
- foreach ( $sql_lines as $sql_line )
- {
- $sql_line = trim( $sql_line );
- if ( preg_match( '/(^--|^$)/', $sql_line ) ) continue;
- $query.= ' '.$sql_line;
- // if we reached the end of query, we execute it and reinitialize the
- // variable "query"
- if ( preg_match( '/;$/', $sql_line ) )
- {
- $query = trim( $query );
- $query = str_replace( 'phpwebgallery_', $table_prefix, $query );
- // we don't execute "DROP TABLE" queries
- if ( !preg_match( '/^DROP TABLE/i', $query ) ) mysql_query( $query );
- $query = '';
- }
- }
-
- // We fill the tables with basic informations
- $query = 'DELETE FROM '.CONFIG_TABLE;
- mysql_query( $query );
-
- $query = 'INSERT INTO '.CONFIG_TABLE;
- $query.= ' (webmaster,mail_webmaster) VALUES ';
- $query.= " ('".$admin_name."','".$admin_mail."');";
- mysql_query( $query );
-
- $query = 'INSERT INTO '.SITES_TABLE;
- $query.= " (id,galleries_url) VALUES (1, './galleries/');";
- mysql_query( $query );
+ $html_content = htmlentities( $file_content, ENT_QUOTES );
+ $html_content = nl2br( $html_content );
+ $template->assign_block_vars('error_copy',
+ array('FILE_CONTENT'=>$html_content));
+ }
+ @fputs($fp, $file_content, strlen($file_content));
+ @fclose($fp);
+
+ // tables creation, based on phpwebgallery_structure.sql
+ execute_sqlfile( './install/phpwebgallery_structure.sql'
+ , 'phpwebgallery_'
+ , $table_prefix );
+ // We fill the tables with basic informations
+ execute_sqlfile( './install/config.sql'
+ , 'phpwebgallery_'
+ , $table_prefix );
- // webmaster admin user
- $query = 'INSERT INTO '.USERS_TABLE;
- $query.= ' (id,username,password,status,language,mail_address) VALUES ';
- $query.= "(1,'".$admin_name."','".md5( $admin_pass1 )."'";
- $query.= ",'admin','".$language."'";
- $query.= ",'".$admin_mail."');";
- mysql_query($query);
+ $query = 'UPDATE '.CONFIG_TABLE;
+ $query.= " SET value = '".$admin_name."'";
+ $query.= " WHERE param = 'webmaster'";
+ $query.= ';';
+ mysql_query( $query );
- // guest user
- $query = 'INSERT INTO '.USERS_TABLE;
- $query.= '(id,username,password,status,language) VALUES ';
- $query.= "(2,'guest','','guest','".$language."')";
- $query.= ';';
- mysql_query( $query );
- }
+ $query = 'UPDATE '.CONFIG_TABLE;
+ $query.= " SET value = '".$admin_mail."'";
+ $query.= " WHERE param = 'mail_webmaster'";
+ $query.= ';';
+ mysql_query( $query );
+
+ $query = 'INSERT INTO '.SITES_TABLE;
+ $query.= " (id,galleries_url) VALUES (1, './galleries/');";
+ mysql_query( $query );
+
+ // webmaster admin user
+ $query = 'INSERT INTO '.USERS_TABLE;
+ $query.= ' (id,username,password,status,language,mail_address) VALUES ';
+ $query.= "(1,'".$admin_name."','".md5( $admin_pass1 )."'";
+ $query.= ",'admin','".$language."'";
+ $query.= ",'".$admin_mail."');";
+ mysql_query($query);
+
+ // guest user
+ $query = 'INSERT INTO '.USERS_TABLE;
+ $query.= '(id,username,password,status,language) VALUES ';
+ $query.= "(2,'guest','','guest','".$language."')";
+ $query.= ';';
+ mysql_query( $query );
+ }
}
$template->assign_vars(array(