diff options
Diffstat (limited to '')
| -rw-r--r-- | admin/install.php | 442 |
1 files changed, 221 insertions, 221 deletions
diff --git a/admin/install.php b/admin/install.php index c87a63bbd..00058365f 100644 --- a/admin/install.php +++ b/admin/install.php @@ -14,9 +14,9 @@ * the Free Software Foundation; * * * ***************************************************************************/ - function header_install() - { - $output = " +function header_install() +{ + $output = " <html> <head> <title>PhpWebGallery 1.2</title> @@ -125,12 +125,12 @@ <table width=\"700\" class=\"table1\" style=\"margin:auto;\"> <tr> <td class=\"contenucellule\">"; - return $output; - } + return $output; +} - function footer_install() - { - $output = " +function footer_install() +{ + $output = " </td> </tr> </table> @@ -139,92 +139,92 @@ </table> </body> </html>"; - return $output; - } + return $output; +} - if ( isset( $HTTP_GET_VARS['language'] ) ) - { - $isadmin = true; - $lang = array(); - include( "../language/".$HTTP_GET_VARS['language'].".php" ); - } +if ( isset( $HTTP_GET_VARS['language'] ) ) +{ + $isadmin = true; + $lang = array(); + include( "../language/".$HTTP_GET_VARS['language'].".php" ); +} - /*---------------------------------------Step 1------------------------------------*/ - if ( $HTTP_GET_VARS['step'] == 1 ) - { - $erreur1 = true; - $message = ""; - // création du fichier de configuration de connexion à la BD mysql - if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) ) - { - if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) ) - { - if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) ) - { - $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>"; - $erreur1 = false; - } - else - { - $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>"; - } - } - else - { - $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>"; - } +/*---------------------------------------Step 1------------------------------------*/ +if ( $HTTP_GET_VARS['step'] == 1 ) +{ + $erreur1 = true; + $message = ""; + // création du fichier de configuration de connexion à la BD mysql + if( isset( $HTTP_POST_VARS['cfgBase'] ) && isset( $HTTP_POST_VARS['cfgUser'] ) && isset( $HTTP_POST_VARS['cfgPassword'] ) && isset( $HTTP_POST_VARS['cfgHote'] ) ) + { + if ( @mysql_connect( $HTTP_POST_VARS['cfgHote'], $HTTP_POST_VARS['cfgUser'], $HTTP_POST_VARS['cfgPassword'] ) ) + { + if ( @mysql_select_db($HTTP_POST_VARS['cfgBase'] ) ) + { + $message.= "<div class=\"info\">".$lang['step1_confirmation']."</div>"; + $erreur1 = false; + } + else + { + $message.= "<div class=\"erreur\">".$lang['step1_err_db']."</div>"; + } + } + else + { + $message.= "<div class=\"erreur\">".$lang['step1_err_server']."</div>"; + } - if ( !$erreur1 ) - { - // écriture du fichier de configuration - if ( $fp = @fopen("../include/mysql.inc.php","a+") ) - { - fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\$prefixeTable='".$HTTP_POST_VARS['prefixe']."';\n?>" ); - fclose( $fp ); - } - $cfgHote = ""; - $cfgUser = ""; - $cfgPassword = ""; - $cfgBase = ""; - include ( "../include/mysql.inc.php" ); - $erreur2 = true; - if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) ) - { - if ( @mysql_select_db ( $cfgBase ) ) - { - $erreur2 = false; - } - } - if ( $erreur2 ) - { - $message.="<br /><br />".$lang['step1_err_copy']." :<br /> + if ( !$erreur1 ) + { + // écriture du fichier de configuration + if ( $fp = @fopen("../include/mysql.inc.php","a+") ) + { + fwrite( $fp, "<?php\n\t\$cfgBase='".$HTTP_POST_VARS['cfgBase']."';\n\t\$cfgUser='".$HTTP_POST_VARS['cfgUser']."';\n\t\$cfgPassword='".$HTTP_POST_VARS['cfgPassword']."';\n\t\$cfgHote='".$HTTP_POST_VARS['cfgHote']."';\n\t\PREFIX_TABLE='".$HTTP_POST_VARS['prefixe']."';\n?>" ); + fclose( $fp ); + } + $cfgHote = ""; + $cfgUser = ""; + $cfgPassword = ""; + $cfgBase = ""; + include ( "../include/mysql.inc.php" ); + $erreur2 = true; + if ( @mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) ) + { + if ( @mysql_select_db ( $cfgBase ) ) + { + $erreur2 = false; + } + } + if ( $erreur2 ) + { + $message.="<br /><br />".$lang['step1_err_copy']." :<br /> -----------------------------------------------------<br /> <div style=\"color:blue;\"><?php<br /> \$cfgBase = '".$HTTP_POST_VARS['cfgBase']."';<br /> \$cfgUser = '".$HTTP_POST_VARS['cfgUser']."';<br /> \$cfgPassword = '".$HTTP_POST_VARS['cfgPassword']."';<br /> \$cfgHote = '".$HTTP_POST_VARS['cfgHote']."';<br /> - \$prefixeTable = '".$HTTP_POST_VARS['prefixe']."';<br /> + \PREFIX_TABLE = '".$HTTP_POST_VARS['prefixe']."';<br /> ?></div> -----------------------------------------------------<br />"; - $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />"; - $message.= "<a href=\"install.php?step=2&language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>"; - } - else - { - $url = "install.php?step=2&language=".$HTTP_GET_VARS['language']; - header("Request-URI: $url"); - header("Content-Location: $url"); - header("Location: $url"); - exit(); - } - } - } + $message.= "<div style=\"text-align:center;\">".$lang['step1_err_copy_2']."<br />"; + $message.= "<a href=\"install.php?step=2&language=".$HTTP_GET_VARS['language']."\">".$lang['step1_err_copy_next']."</a></div>"; + } + else + { + $url = "install.php?step=2&language=".$HTTP_GET_VARS['language']; + header("Request-URI: $url"); + header("Content-Location: $url"); + header("Location: $url"); + exit(); + } + } + } - echo header_install(); - if ( isset( $message ) && $message != "" ) - { - echo" + echo header_install(); + if ( isset( $message ) && $message != "" ) + { + echo" <table width=\"100%\"> <tr> <th>".$lang['install_message']."</th> @@ -233,10 +233,10 @@ <td>$message</td> </tr> </table>"; - } - if ( $erreur1 ) - { - echo" + } + if ( $erreur1 ) + { + echo" <form method=\"post\" action=\"install.php?step=1&language=".$HTTP_GET_VARS['language']."\"> <table width=\"100%\"> <tr> @@ -248,15 +248,15 @@ <tr> <td>".$lang['step1_host']."</td> <td align=center><input type='text' name='cfgHote' value='"; - if ( !isset( $HTTP_POST_VARS['cfgHote'] ) ) - { - echo"localhost"; - } - else - { - echo $HTTP_POST_VARS['cfgHote']; - } - echo"'></td> + if ( !isset( $HTTP_POST_VARS['cfgHote'] ) ) + { + echo"localhost"; + } + else + { + echo $HTTP_POST_VARS['cfgHote']; + } + echo"'></td> <td class=\"row2\">".$lang['step1_host_info']."</td> </tr> <tr> @@ -277,15 +277,15 @@ <tr> <td>".$lang['step1_prefix']."</td> <td align=center><input type='text' name='prefixe' value='"; - if ( !isset( $HTTP_POST_VARS['prefixe'] ) ) - { - echo"phpwebgallery_"; - } - else - { - echo $HTTP_POST_VARS['prefixe']; - } - echo"'></td> + if ( !isset( $HTTP_POST_VARS['prefixe'] ) ) + { + echo"phpwebgallery_"; + } + else + { + echo $HTTP_POST_VARS['prefixe']; + } + echo"'></td> <td class=\"row2\">".$lang['step1_prefix_info']."</td> </tr> <tr> @@ -296,19 +296,19 @@ </tr> </table> </form>"; - } - echo footer_install(); - } - /*---------------------------------------Step 2------------------------------------*/ - else if ( $HTTP_GET_VARS['step'] == 2 ) - { - include( "../include/mysql.inc.php" ); - mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" ); - mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" ); + } + echo footer_install(); +} +/*---------------------------------------Step 2------------------------------------*/ +else if ( $HTTP_GET_VARS['step'] == 2 ) +{ + include( "../include/mysql.inc.php" ); + mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or die ( "erreur de connexion au serveur" ); + mysql_select_db( $cfgBase ) or die ( "erreur de connexion a la base de donnees" ); - if ( !isset( $HTTP_POST_VARS['submit'] ) ) - { - $query = "CREATE TABLE ".$prefixeTable."categories ( + if ( !isset( $HTTP_POST_VARS['submit'] ) ) + { + $query = "CREATE TABLE ".PREFIX_TABLE."categories ( id tinyint(3) unsigned NOT NULL auto_increment, date_dernier date NOT NULL default '0000-00-00', nb_images smallint(5) unsigned NOT NULL default '0', @@ -321,8 +321,8 @@ site_id tinyint(4) unsigned NOT NULL default '1', PRIMARY KEY (id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."comments ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."comments ( id int(11) unsigned NOT NULL auto_increment, image_id smallint(5) unsigned NOT NULL default '0', date int(11) unsigned NOT NULL default '0', @@ -330,8 +330,8 @@ content longtext, PRIMARY KEY (id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."config ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."config ( periode_courte smallint(5) unsigned NOT NULL default '7', periode_longue smallint(5) unsigned NOT NULL default '14', prefixe_thumbnail varchar(10) NOT NULL default 'TN-', @@ -352,14 +352,14 @@ upload_maxwidth_thumbnail smallint(5) unsigned NOT NULL default '150', upload_maxheight_thumbnail smallint(5) unsigned NOT NULL default '100' );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."favorites ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."favorites ( user_id smallint(5) unsigned NOT NULL default '0', image_id smallint(5) unsigned NOT NULL default '0', KEY user_id (user_id,image_id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."history ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."history ( date int(11) NOT NULL default '0', login varchar(15) default NULL, IP varchar(50) NOT NULL default '', @@ -368,8 +368,8 @@ titre varchar(150) default NULL, commentaire varchar(200) default NULL );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."images ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."images ( id smallint(5) unsigned NOT NULL auto_increment, file varchar(255) NOT NULL default '', cat_id tinyint(3) unsigned NOT NULL default '0', @@ -386,29 +386,29 @@ PRIMARY KEY (id), KEY cat_id (cat_id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."restrictions ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."restrictions ( user_id smallint(5) unsigned NOT NULL default '0', cat_id tinyint(3) unsigned NOT NULL default '0', PRIMARY KEY (user_id,cat_id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."sessions ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."sessions ( id varchar(255) binary NOT NULL default '', user_id smallint(5) unsigned NOT NULL default '0', expiration int(10) unsigned NOT NULL default '0', ip varchar(255) NOT NULL default '', PRIMARY KEY (id) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."sites ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."sites ( id tinyint(4) NOT NULL auto_increment, galleries_url varchar(255) NOT NULL default '', PRIMARY KEY (id), UNIQUE KEY galleries_url (galleries_url) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."users ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."users ( id smallint(5) unsigned NOT NULL auto_increment, pseudo varchar(20) binary NOT NULL default '', password varchar(255) NOT NULL default '', @@ -423,8 +423,8 @@ PRIMARY KEY (id), UNIQUE KEY pseudo (pseudo) );"; - mysql_query( $query ); - $query = "CREATE TABLE ".$prefixeTable."waiting ( + mysql_query( $query ); + $query = "CREATE TABLE ".PREFIX_TABLE."waiting ( id int(10) unsigned NOT NULL auto_increment, cat_id tinyint(3) unsigned NOT NULL default '0', file varchar(255) NOT NULL default '', @@ -434,67 +434,67 @@ tn_ext char(3) default NULL, PRIMARY KEY (id) );"; - mysql_query( $query ); - } - if ( isset( $HTTP_POST_VARS['submit'] ) ) - { - $configuration = false; - $erreur = ""; - $nb_erreur = 0; - // le pseudo du webmaster ne doit pas - // 1. être vide - // 2. commencer ou se terminer par un espace - // 3. comporter les caractères ' ou " - // Notes sur le pseudo du webmaster : - // - lorsque l'on trouve plusieurs occurences - // consécutives du caractère espace, on réduit à une seule occurence - if ( $HTTP_POST_VARS['webmaster'] == "" ) - { - $erreur .= "<li>".$lang['step2_err_login1']."</li>"; - $nb_erreur++; - } - $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] ); - if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) ) - { - $erreur .= "<li>".$lang['step2_err_login2']."</li>"; - $nb_erreur++; - } - if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) ) - { - $erreur .= "<li>".$lang['step2_err_login3']."</li>"; - $nb_erreur++; - } - // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur - if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] ) - { - $erreur .= "<li>".$lang['step2_err_pass']."</li>"; - $nb_erreur++; - } - // le mail doit être conforme à qqch du type : nom@serveur.com - if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) ) - { - $erreur .= "<li>".$lang['step2_err_mail']."</li>"; - $nb_erreur++; - } - // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur - if ( $nb_erreur == 0 ) - { - mysql_query( "delete from $prefixeTable"."config" ); - $query = "insert into $prefixeTable"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')"; - mysql_query($query); - $query = "insert into $prefixeTable"."sites values (1, './galleries/');"; - mysql_query($query); - $query = "insert into $prefixeTable"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')"; - mysql_query($query); - mysql_query("insert into $prefixeTable"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')"); - $configuration = true; - } - } + mysql_query( $query ); + } + if ( isset( $HTTP_POST_VARS['submit'] ) ) + { + $configuration = false; + $erreur = ""; + $nb_erreur = 0; + // le pseudo du webmaster ne doit pas + // 1. être vide + // 2. commencer ou se terminer par un espace + // 3. comporter les caractères ' ou " + // Notes sur le pseudo du webmaster : + // - lorsque l'on trouve plusieurs occurences + // consécutives du caractère espace, on réduit à une seule occurence + if ( $HTTP_POST_VARS['webmaster'] == "" ) + { + $erreur .= "<li>".$lang['step2_err_login1']."</li>"; + $nb_erreur++; + } + $webmaster = ereg_replace( "[ ]{2,}", " ", $HTTP_POST_VARS['webmaster'] ); + if ( ereg( "^.* $", $webmaster ) || ereg( "^ .*$", $webmaster) ) + { + $erreur .= "<li>".$lang['step2_err_login2']."</li>"; + $nb_erreur++; + } + if ( ereg( "'",$webmaster ) || ereg( "\"",$webmaster ) ) + { + $erreur .= "<li>".$lang['step2_err_login3']."</li>"; + $nb_erreur++; + } + // on vérifie que le password rentré correspond bien à la confirmation faite par l'utilisateur + if ( $HTTP_POST_VARS['pwdWebmaster'] != $HTTP_POST_VARS['pwdWebmasterConf'] ) + { + $erreur .= "<li>".$lang['step2_err_pass']."</li>"; + $nb_erreur++; + } + // le mail doit être conforme à qqch du type : nom@serveur.com + if( !ereg("([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", $HTTP_POST_VARS['mail_webmaster'] ) ) + { + $erreur .= "<li>".$lang['step2_err_mail']."</li>"; + $nb_erreur++; + } + // on met à jour les paramètres de l'application dans le cas où il n'y aucune erreur + if ( $nb_erreur == 0 ) + { + mysql_query( "delete from PREFIX_TABLE"."config" ); + $query = "insert into PREFIX_TABLE"."config (webmaster,mail_webmaster) values ('$webmaster','".$HTTP_POST_VARS['mail_webmaster']."')"; + mysql_query($query); + $query = "insert into PREFIX_TABLE"."sites values (1, './galleries/');"; + mysql_query($query); + $query = "insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('$webmaster','".md5( $pwdWebmaster )."','admin','".$HTTP_GET_VARS['language']."')"; + mysql_query($query); + mysql_query("insert into PREFIX_TABLE"."users (pseudo,password,status,language) values ('visiteur','".md5( "" )."','visiteur','".$HTTP_GET_VARS['language']."')"); + $configuration = true; + } + } - echo header_install(); - if ( $configuration ) - { - echo" + echo header_install(); + if ( $configuration ) + { + echo" <table width=\"100%\"> <tr> <th>".$lang['install_end_title']."</th> @@ -506,12 +506,12 @@ <td>".$lang['install_end_message']."</td> </tr> </table>"; - } - else - { - if ( $nb_erreur > 0 ) - { - echo" + } + else + { + if ( $nb_erreur > 0 ) + { + echo" <table width=100%> <tr> <th>".$lang['install_message']."</th> @@ -526,8 +526,8 @@ <td> </td> </tr> </table>"; - } - echo" + } + echo" <form method=\"post\" action=\"install.php?step=2&language=".$HTTP_GET_VARS['language']."\"> <table width=100%> <tr> @@ -566,34 +566,34 @@ </tr> </table> </form>"; - } - echo footer_install(); - } - /*----------------------------------Language choice------------------------------------*/ - else - { - include( "../include/functions.php" ); - echo header_install(); - echo" + } + echo footer_install(); +} +/*----------------------------------Language choice------------------------------------*/ +else +{ + include( "../include/functions.php" ); + echo header_install(); + echo" <form method=\"get\" action=\"install.php\"> <input type=\"hidden\" name=\"step\" value=\"1\"/> <table width=\"100%\"> <tr> <td align=\"center\"> <select name=\"language\">"; - $languages = get_languages( "../language/" ); - for ( $i = 0; $i < sizeof ( $languages ); $i++ ) - { - echo" + $languages = get_languages( "../language/" ); + for ( $i = 0; $i < sizeof ( $languages ); $i++ ) + { + echo" <option>".$languages[$i]."</option>"; - } - echo" + } + echo" </select> <input type=\"submit\" value=\"Go\"> </td> </tr> </table> </form>"; - echo footer_install(); - } + echo footer_install(); +} ?>
\ No newline at end of file |