2 /**********************************************************************
3 This installer is based on code from the
4 Website Baker Project <http://www.websitebaker.org/>
5 Copyright (C) 2004-2007, Ryan Djurovich.
6 The code is released under GPLv3
7 modified by FrontAcounting, LLC.
8 ***********************************************************************/
9 error_reporting(E_ALL);
10 ini_set("display_errors", "On");
11 ini_set("max_execution_time", "180");
14 if(!defined('SESSION_STARTED'))
16 session_name('ba_session_id');
18 define('SESSION_STARTED', true);
21 if (!function_exists("_")) {
26 // Installer version of display_error function.
28 function display_error($message)
31 if(isset($message) AND $message != '')
33 // Copy values entered into session so user doesn't have to re-enter everything
34 if(isset($_POST['company_name']))
36 $_SESSION['ba_url'] = $_POST['ba_url'];
37 $_SESSION['operating_system'] = isset($_POST['operating_system']);
38 $_SESSION['world_writeable'] = isset($_POST['world_writeable']);
39 $_SESSION['database_host'] = $_POST['database_host'];
40 $_SESSION['database_username'] = $_POST['database_username'];
41 $_SESSION['database_password'] = $_POST['database_password'];
42 $_SESSION['database_name'] = $_POST['database_name'];
43 $_SESSION['demo_data'] = isset($_POST['demo_data']);
44 $_SESSION['table_prefix'] = isset($_POST['table_prefix']);
45 $_SESSION['install_tables'] = isset($_POST['install_tables']);
46 $_SESSION['company_name'] = $_POST['company_name'];
47 $_SESSION['admin_email'] = $_POST['admin_email'];
48 $_SESSION['admin_password'] = $_POST['admin_password'];
52 $_SESSION['message'] = $message;
53 // Specify that session support is enabled
54 $_SESSION['session_support'] = '<font class="good">Enabled</font>';
55 // Redirect to first page again and exit
56 @unlink($path_to_root."/config.php"); // remove just created config file
57 header('Location: index.php?sessions_checked=true');
62 // Function to workout what the default permissions are for files created by the webserver
63 function default_file_mode($temp_dir)
65 $v = explode(".",PHP_VERSION);
67 if($v > 41 && is_writable($temp_dir))
69 $filename = $temp_dir.'/test_permissions.txt';
70 $handle = fopen($filename, 'w');
71 fwrite($handle, 'This file is to get the default file permissions');
73 $default_file_mode = '0'.substr(sprintf('%o', fileperms($filename)), -3);
78 $default_file_mode = '0777';
80 return $default_file_mode;
83 // Function to workout what the default permissions are for directories created by the webserver
84 function default_dir_mode($temp_dir)
86 $v = explode(".",PHP_VERSION);
88 if ($v > 41 && is_writable($temp_dir))
90 $dirname = $temp_dir.'/test_permissions/';
92 $default_dir_mode = '0'.substr(sprintf('%o', fileperms($dirname)), -3);
97 $default_dir_mode = '0777';
99 return $default_dir_mode;
102 function add_slashes($input)
104 if (get_magic_quotes_gpc() || (!is_string($input)))
108 $output = addslashes($input);
111 function check_db_error($err_msg, $sql)
116 if (isset($_POST['path_to_root']))
117 $path_to_root = $_POST['path_to_root'];
119 $path_to_root = "..";
121 // Begin check to see if form was even submitted
122 // Set error if no post vars found
123 if (!isset($_POST['company_name']))
125 display_error('Please fill-in the form below');
127 // End check to see if form was even submitted
129 // Begin path and timezone details code
131 // Check if user has entered the installation url
132 if (!isset($_POST['ba_url']) || $_POST['ba_url'] == '')
134 display_error('Please enter an absolute URL');
138 $ba_url = $_POST['ba_url'];
141 // Remove any slashes at the end of the URL
142 if(substr($ba_url, strlen($ba_url) - 1, 1) == "/")
144 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
146 if(substr($ba_url, strlen($ba_url) - 1, 1) == "\\")
148 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
150 if(substr($ba_url, strlen($ba_url) - 1, 1) == "/")
152 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
154 if(substr($ba_url, strlen($ba_url) - 1, 1) == "\\")
156 $ba_url = substr($ba_url, 0, strlen($ba_url) - 1);
160 // Begin operating system specific code
161 // Get operating system
162 if (!isset($_POST['operating_system']) || $_POST['operating_system'] != 'linux' && $_POST['operating_system'] != 'windows')
164 display_error('Please select a valid operating system');
168 $operating_system = $_POST['operating_system'];
170 // Work-out file permissions
171 if($operating_system == 'windows')
176 elseif (isset($_POST['world_writeable']) && $_POST['world_writeable'] == 'true')
183 $file_mode = default_file_mode('../includes');
184 $dir_mode = default_dir_mode('../includes');
186 // End operating system specific code
188 // Begin database details code
189 // Check if user has entered a database host
190 if (!isset($_POST['database_host']) || $_POST['database_host'] == '')
192 display_error('Please enter a database host name');
196 $database_host = $_POST['database_host'];
198 // Check if user has entered a database username
199 if (!isset($_POST['database_username']) || $_POST['database_username'] == '')
201 display_error('Please enter a database username');
205 $database_username = $_POST['database_username'];
207 // Check if user has entered a database password
208 if (!isset($_POST['database_password']))
210 display_error('Please enter a database password');
214 $database_password = $_POST['database_password'];
216 // Check if user has entered a database name
217 if (!isset($_POST['database_name']) || $_POST['database_name'] == '')
219 display_error('Please enter a database name');
223 $database_name = $_POST['database_name'];
226 if (isset($_POST['table_prefix']) && $_POST['table_prefix'] == 'true')
227 $table_prefix = "0_";
231 // Find out if the user wants to install tables and data
232 if (isset($_POST['install_tables']) && $_POST['install_tables'] == 'true')
234 $install_tables = true;
238 $install_tables = false;
240 // End database details code
242 // Begin company name code
244 if (!isset($_POST['company_name']) || $_POST['company_name'] == '')
246 display_error('Please enter a company name');
250 $company_name = add_slashes($_POST['company_name']);
252 // End website company name
254 // Check if the user has entered a correct path
255 if (!file_exists($path_to_root.'/sql/en_US-'.(isset($_POST['demo_data']) ? 'demo':'new').'.sql'))
257 display_error('It appears the Absolute path that you entered is incorrect');
260 // Get admin email and validate it
261 if (!isset($_POST['admin_email']) || $_POST['admin_email'] == '')
263 display_error('Please enter an email for the Administrator account');
267 if (eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $_POST['admin_email']))
269 $admin_email = $_POST['admin_email'];
273 display_error('Please enter a valid email address for the Administrator account');
276 // Get the two admin passwords entered, and check that they match
277 if (!isset($_POST['admin_password']) || $_POST['admin_password'] == '')
279 display_error('Please enter a password for the Administrator account');
283 $admin_password = $_POST['admin_password'];
285 if (!isset($_POST['admin_repassword']) || $_POST['admin_repassword'] == '')
287 display_error('Please make sure you re-enter the password for the Administrator account');
291 $admin_repassword = $_POST['admin_repassword'];
293 if ($admin_password != $admin_repassword)
295 display_error('Sorry, the two Administrator account passwords you entered do not match');
297 // End admin user details code
299 copy($path_to_root. "/config.default.php", $path_to_root. "/config.php");
301 include_once($path_to_root . "/includes/db/connect_db.inc");
302 include_once($path_to_root . "/admin/db/maintenance_db.inc");
304 if (!file_exists($path_to_root . "/installed_extensions.php")) {
305 $next_extension_id = 1;
306 write_extensions(array());
307 write_extensions(array(),0);
309 if (!file_exists($path_to_root . "/lang/installed_languages.inc")) {
310 $installed_languages = array (
311 0 => array ('code' => 'en_GB', 'name' => 'English', 'encoding' => 'iso-8859-1'));
312 $dflt_lang = 'en_GB';
316 if (file_exists($path_to_root . "/config_db.php"))
317 include_once($path_to_root . "/config_db.php");
321 $tb_pref_counter = 0;
322 $db_connections = array ();
325 $id = count($db_connections);
326 if ($table_prefix != "" && $id > 0)
327 $table_prefix = $tb_pref_counter . "_";
328 $db_connections[$id]['name'] = $company_name;
329 $db_connections[$id]['host'] = $database_host;
330 $db_connections[$id]['dbuser'] = $database_username;
331 $db_connections[$id]['dbpassword'] = $database_password;
332 $db_connections[$id]['dbname'] = $database_name;
333 $db_connections[$id]['tbpref'] = $table_prefix;
337 $config_filename = $path_to_root . '/config_db.php';
339 // Try connecting to database
341 $db = mysql_connect($database_host, $database_username, $database_password);
344 display_error('Database host name, username and/or password incorrect. MySQL Error:<br />'.mysql_error());
347 if($install_tables == true)
349 if (!mysql_select_db($database_name, $db))
351 // Try to create the database
352 if (!($result = mysql_query('CREATE DATABASE '.$database_name))) {
353 display_error(_("Cannot create database").
354 " '$database_name'");
356 $result = mysql_select_db($database_name, $db);
359 $import_filename = $path_to_root.'/sql/en_US-'.(isset($_POST['demo_data']) ? 'demo':'new').'.sql';
360 db_import($import_filename, $db_connections[$id]);
365 $result = mysql_select_db($database_name, $db);
368 $sql = "UPDATE ".$table_prefix."users SET password = '" . md5($admin_password) . "', email = ".db_escape($admin_email)." WHERE user_id = 'admin'";
369 db_query($sql, "could not update admin account");
370 $sql = "UPDATE ".$table_prefix."company SET coy_name = ".db_escape($company_name)." WHERE coy_code = 1";
371 db_query($sql, "could not update company name. Do it manually later in Setup");
373 $err = write_config_db($table_prefix != "");
375 display_error("Cannot open the configuration file ($config_filename)");
377 display_error("Cannot write to the configuration file ($config_filename)");
379 display_error("The configuration file $config_filename is not writable. Change its permissions so it is, then re-run step 4.");
386 header("Location: ".$path_to_root."/index.php");