2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU Affero General Public License,
5 AGPL, as published by the Free Software Foundation, either version
6 3 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/agpl-3.0.html>.
11 ***********************************************************************/
12 error_reporting(E_ALL);
13 ini_set("display_errors", "On");
14 ini_set("max_execution_time", "180");
17 if(!defined('SESSION_STARTED'))
19 session_name('ba_session_id');
21 define('SESSION_STARTED', true);
24 // Function to set error
25 function set_error($message)
28 if(isset($message) AND $message != '')
30 // Copy values entered into session so user doesn't have to re-enter everything
31 if(isset($_POST['company_name']))
33 $_SESSION['ba_url'] = $_POST['ba_url'];
34 if(!isset($_POST['operating_system']))
36 $_SESSION['operating_system'] = 'linux';
40 $_SESSION['operating_system'] = $_POST['operating_system'];
42 if(!isset($_POST['world_writeable']))
44 $_SESSION['world_writeable'] = false;
48 $_SESSION['world_writeable'] = true;
50 $_SESSION['database_host'] = $_POST['database_host'];
51 $_SESSION['database_username'] = $_POST['database_username'];
52 $_SESSION['database_password'] = $_POST['database_password'];
53 $_SESSION['database_name'] = $_POST['database_name'];
54 if(!isset($_POST['table_prefix']))
56 $_SESSION['table_prefix'] = false;
60 $_SESSION['table_prefix'] = true;
62 if(!isset($_POST['install_tables']))
64 $_SESSION['install_tables'] = false;
68 $_SESSION['install_tables'] = true;
70 $_SESSION['company_name'] = $_POST['company_name'];
71 $_SESSION['admin_email'] = $_POST['admin_email'];
72 $_SESSION['admin_password'] = $_POST['admin_password'];
76 $_SESSION['message'] = $message;
77 // Specify that session support is enabled
78 $_SESSION['session_support'] = '<font class="good">Enabled</font>';
79 // Redirect to first page again and exit
80 header('Location: index.php?sessions_checked=true');
85 // Function to workout what the default permissions are for files created by the webserver
86 function default_file_mode($temp_dir)
88 $v = explode(".",PHP_VERSION);
90 if($v > 41 && is_writable($temp_dir))
92 $filename = $temp_dir.'/test_permissions.txt';
93 $handle = fopen($filename, 'w');
94 fwrite($handle, 'This file is to get the default file permissions');
96 $default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
101 $default_file_mode = '0777';
103 return $default_file_mode;
106 // Function to workout what the default permissions are for directories created by the webserver
107 function default_dir_mode($temp_dir)
109 $v = explode(".",PHP_VERSION);
111 if ($v > 41 && is_writable($temp_dir))
113 $dirname = $temp_dir.'/test_permissions/';
115 $default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
120 $default_dir_mode = '0777';
122 return $default_dir_mode;
125 function add_slashes($input)
127 if (get_magic_quotes_gpc() || (!is_string($input)))
131 $output = addslashes($input);
134 function check_db_error($err_msg, $sql)
139 if (isset($_POST['path_to_root']))
140 $path_to_root = $_POST['path_to_root'];
142 $path_to_root = "..";
144 // Begin check to see if form was even submitted
145 // Set error if no post vars found
146 if (!isset($_POST['company_name']))
148 set_error('Please fill-in the form below');
150 // End check to see if form was even submitted
152 // Begin path and timezone details code
154 // Check if user has entered the installation url
155 if (!isset($_POST['ba_url']) || $_POST['ba_url'] == '')
157 set_error('Please enter an absolute URL');
161 $ba_url = $_POST['ba_url'];
164 // Remove any slashes at the end of the URL
165 if(substr($ba_url, strlen($ba_url) - 1, 1) == "/")
167 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
169 if(substr($ba_url, strlen($ba_url) - 1, 1) == "\\")
171 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
173 if(substr($ba_url, strlen($ba_url) - 1, 1) == "/")
175 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
177 if(substr($ba_url, strlen($ba_url) - 1, 1) == "\\")
179 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
183 // Begin operating system specific code
184 // Get operating system
185 if (!isset($_POST['operating_system']) || $_POST['operating_system'] != 'linux' && $_POST['operating_system'] != 'windows')
187 set_error('Please select a valid operating system');
191 $operating_system = $_POST['operating_system'];
193 // Work-out file permissions
194 if($operating_system == 'windows')
199 elseif (isset($_POST['world_writeable']) && $_POST['world_writeable'] == 'true')
206 $file_mode = default_file_mode('../includes');
207 $dir_mode = default_dir_mode('../includes');
209 // End operating system specific code
211 // Begin database details code
212 // Check if user has entered a database host
213 if (!isset($_POST['database_host']) || $_POST['database_host'] == '')
215 set_error('Please enter a database host name');
219 $database_host = $_POST['database_host'];
221 // Check if user has entered a database username
222 if (!isset($_POST['database_username']) || $_POST['database_username'] == '')
224 set_error('Please enter a database username');
228 $database_username = $_POST['database_username'];
230 // Check if user has entered a database password
231 if (!isset($_POST['database_password']))
233 set_error('Please enter a database password');
237 $database_password = $_POST['database_password'];
239 // Check if user has entered a database name
240 if (!isset($_POST['database_name']) || $_POST['database_name'] == '')
242 set_error('Please enter a database name');
246 $database_name = $_POST['database_name'];
249 if (isset($_POST['table_prefix']) && $_POST['table_prefix'] == 'true')
250 $table_prefix = "0_";
254 // Find out if the user wants to install tables and data
255 if (isset($_POST['install_tables']) && $_POST['install_tables'] == 'true')
257 $install_tables = true;
261 $install_tables = false;
263 // End database details code
265 // Begin company name code
267 if (!isset($_POST['company_name']) || $_POST['company_name'] == '')
269 set_error('Please enter a company name');
273 $company_name = add_slashes($_POST['company_name']);
275 // End website company name
277 // Check if the user has entered a correct path
278 if (!file_exists($path_to_root.'/sql/en_US-demo.sql'))
280 set_error('It appears the Absolute path that you entered is incorrect');
283 // Get admin email and validate it
284 if (!isset($_POST['admin_email']) || $_POST['admin_email'] == '')
286 set_error('Please enter an email for the Administrator account');
290 if (eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $_POST['admin_email']))
292 $admin_email = $_POST['admin_email'];
296 set_error('Please enter a valid email address for the Administrator account');
299 // Get the two admin passwords entered, and check that they match
300 if (!isset($_POST['admin_password']) || $_POST['admin_password'] == '')
302 set_error('Please enter a password for the Administrator account');
306 $admin_password = $_POST['admin_password'];
308 if (!isset($_POST['admin_repassword']) || $_POST['admin_repassword'] == '')
310 set_error('Please make sure you re-enter the password for the Administrator account');
314 $admin_repassword = $_POST['admin_repassword'];
316 if ($admin_password != $admin_repassword)
318 set_error('Sorry, the two Administrator account passwords you entered do not match');
320 // End admin user details code
322 include_once($path_to_root . "/includes/db/connect_db.inc");
323 include_once($path_to_root . "/admin/db/maintenance_db.inc");
324 include_once($path_to_root . "/config_db.php");
326 $id = count($db_connections);
327 if ($table_prefix != "" && $id > 0)
328 $table_prefix = $tb_pref_counter . "_";
329 $db_connections[$id]['name'] = $company_name;
330 $db_connections[$id]['host'] = $database_host;
331 $db_connections[$id]['dbuser'] = $database_username;
332 $db_connections[$id]['dbpassword'] = $database_password;
333 $db_connections[$id]['dbname'] = $database_name;
334 $db_connections[$id]['tbpref'] = $table_prefix;
338 $config_filename = $path_to_root . '/config_db.php';
340 $err = write_config_db($table_prefix != "");
342 set_error("Cannot open the configuration file ($config_filename)");
344 set_error("Cannot write to the configuration file ($config_filename)");
346 set_error("The configuration file $config_filename is not writable. Change its permissions so it is, then re-run step 4.");
348 // Try connecting to database
350 $db = mysql_connect($database_host, $database_username, $database_password);
353 set_error('Database host name, username and/or password incorrect. MySQL Error:<br />'.mysql_error());
356 if($install_tables == true)
358 if (!mysql_select_db($database_name, $db))
361 // Try to create the database
362 mysql_query('CREATE DATABASE '.$database_name);
363 mysql_select_db($database_name, $db);
365 $import_filename = $path_to_root."/sql/en_US-demo.sql";
366 if (!db_import($import_filename, $db_connections[$id]))
367 set_error("Import error, try to import $import_filename manually via phpMyAdmin");
371 mysql_select_db($database_name, $db);
373 $sql = "UPDATE ".$table_prefix."users SET password = '" . md5($admin_password) . "', email = ".db_escape($admin_email)." WHERE user_id = 'admin'";
374 db_query($sql, "could not update admin account");
375 $sql = "UPDATE ".$table_prefix."company SET coy_name = ".db_escape($company_name)." WHERE coy_code = 1";
376 db_query($sql, "could not update company name. Do it manually later in Setup");
382 header("Location: ".$path_to_root."/index.php");