index.php @ 3731:3770620079d4

Visit:

Revision 3731:3770620079d4, 18.5 KB checked in by franck <carnet.franck.paul@…>, 7 years ago (diff)
Simplify licence block at the beginning of each file

Line
1	<?php
2	/**
3	* @package Dotclear
4	* @subpackage Install
5	*
6	* @copyright Olivier Meunier & Association Dotclear
7	* @copyright GPL-2.0-only
8	*/
9
10	if (isset($_SERVER['DC_RC_PATH'])) {
11	$rc_path = $_SERVER['DC_RC_PATH'];
12	} elseif (isset($_SERVER['REDIRECT_DC_RC_PATH'])) {
13	$rc_path = $_SERVER['REDIRECT_DC_RC_PATH'];
14	} else {
15	$rc_path = dirname(__FILE__) . '/../../inc/config.php';
16	}
17
18	require dirname(__FILE__) . '/../../inc/prepend.php';
19	require dirname(__FILE__) . '/check.php';
20
21	$can_install = true;
22	$err = '';
23
24	# Loading locales for detected language
25	$dlang = http::getAcceptLanguage();
26	if ($dlang != 'en') {
27	l10n::init($dlang);
28	l10n::set(dirname(__FILE__) . '/../../locales/' . $dlang . '/date');
29	l10n::set(dirname(__FILE__) . '/../../locales/' . $dlang . '/main');
30	l10n::set(dirname(__FILE__) . '/../../locales/' . $dlang . '/plugins');
31	}
32
33	if (!defined('DC_MASTER_KEY') \|\| DC_MASTER_KEY == '') {
34	$can_install = false;
35	$err = '<p>' . __('Please set a master key (DC_MASTER_KEY) in configuration file.') . '</p>';
36	}
37
38	# Check if dotclear is already installed
39	$schema = dbSchema::init($core->con);
40	if (in_array($core->prefix . 'post', $schema->getTables())) {
41	$can_install = false;
42	$err = '<p>' . __('Dotclear is already installed.') . '</p>';
43	}
44
45	# Check system capabilites
46	if (!dcSystemCheck($core->con, $_e)) {
47	$can_install = false;
48	$err = '<p>' . __('Dotclear cannot be installed.') . '</p><ul><li>' . implode('</li><li>', $_e) . '</li></ul>';
49	}
50
51	# Get information and perform install
52	$u_email = $u_firstname = $u_name = $u_login = $u_pwd = '';
53	$mail_sent = false;
54	if ($can_install && !empty($_POST)) {
55	$u_email = !empty($_POST['u_email']) ? $_POST['u_email'] : null;
56	$u_firstname = !empty($_POST['u_firstname']) ? $_POST['u_firstname'] : null;
57	$u_name = !empty($_POST['u_name']) ? $_POST['u_name'] : null;
58	$u_login = !empty($_POST['u_login']) ? $_POST['u_login'] : null;
59	$u_pwd = !empty($_POST['u_pwd']) ? $_POST['u_pwd'] : null;
60	$u_pwd2 = !empty($_POST['u_pwd2']) ? $_POST['u_pwd2'] : null;
61
62	try
63	{
64	# Check user information
65	if (empty($u_login)) {
66	throw new Exception(__('No user ID given'));
67	}
68	if (!preg_match('/^[A-Za-z0-9@._-]{2,}$/', $u_login)) {
69	throw new Exception(__('User ID must contain at least 2 characters using letters, numbers or symbols.'));
70	}
71	if ($u_email && !text::isEmail($u_email)) {
72	throw new Exception(__('Invalid email address'));
73	}
74
75	if (empty($u_pwd)) {
76	throw new Exception(__('No password given'));
77	}
78	if ($u_pwd != $u_pwd2) {
79	throw new Exception(__("Passwords don't match"));
80	}
81	if (strlen($u_pwd) < 6) {
82	throw new Exception(__('Password must contain at least 6 characters.'));
83	}
84
85	# Try to guess timezone
86	$default_tz = 'Europe/London';
87	if (!empty($_POST['u_date']) && function_exists('timezone_open')) {
88	if (preg_match('/$(.+)$$/', $_POST['u_date'], $_tz)) {
89	$_tz = $_tz[1];
90	$_tz = @timezone_open($_tz);
91	if ($_tz instanceof DateTimeZone) {
92	$_tz = @timezone_name_get($_tz);
93
94	// check if timezone is valid
95	// date_default_timezone_set throw E_NOTICE and/or E_WARNING if timezone is not valid and return false
96	if (@date_default_timezone_set($_tz) !== false && $_tz) {
97	$default_tz = $_tz;
98	}
99	}
100	unset($_tz);
101	}
102	}
103
104	# Create schema
105	$_s = new dbStruct($core->con, $core->prefix);
106	require dirname(__FILE__) . '/../../inc/dbschema/db-schema.php';
107
108	$si = new dbStruct($core->con, $core->prefix);
109	$changes = $si->synchronize($_s);
110
111	# Create user
112	$cur = $core->con->openCursor($core->prefix . 'user');
113	$cur->user_id = $u_login;
114	$cur->user_super = 1;
115	$cur->user_pwd = $core->auth->crypt($u_pwd);
116	$cur->user_name = (string) $u_name;
117	$cur->user_firstname = (string) $u_firstname;
118	$cur->user_email = (string) $u_email;
119	$cur->user_lang = $dlang;
120	$cur->user_tz = $default_tz;
121	$cur->user_creadt = date('Y-m-d H:i:s');
122	$cur->user_upddt = date('Y-m-d H:i:s');
123	$cur->user_options = serialize($core->userDefaults());
124	$cur->insert();
125
126	$core->auth->checkUser($u_login);
127
128	$admin_url = preg_replace('%install/index.php$%', '', $_SERVER['REQUEST_URI']);
129	$root_url = preg_replace('%/admin/install/index.php$%', '', $_SERVER['REQUEST_URI']);
130
131	# Create blog
132	$cur = $core->con->openCursor($core->prefix . 'blog');
133	$cur->blog_id = 'default';
134	$cur->blog_url = http::getHost() . $root_url . '/index.php?';
135	$cur->blog_name = __('My first blog');
136	$core->addBlog($cur);
137	$core->blogDefaults($cur->blog_id);
138
139	$blog_settings = new dcSettings($core, 'default');
140	$blog_settings->addNamespace('system');
141	$blog_settings->system->put('blog_timezone', $default_tz);
142	$blog_settings->system->put('lang', $dlang);
143	$blog_settings->system->put('public_url', $root_url . '/public');
144	$blog_settings->system->put('themes_url', $root_url . '/themes');
145
146	# date and time formats
147	$formatDate = __('%A, %B %e %Y');
148	$date_formats = array('%Y-%m-%d', '%m/%d/%Y', '%d/%m/%Y', '%Y/%m/%d', '%d.%m.%Y', '%b %e %Y', '%e %b %Y', '%Y %b %e',
149	'%a, %Y-%m-%d', '%a, %m/%d/%Y', '%a, %d/%m/%Y', '%a, %Y/%m/%d', '%B %e, %Y', '%e %B, %Y', '%Y, %B %e', '%e. %B %Y',
150	'%A, %B %e, %Y', '%A, %e %B, %Y', '%A, %Y, %B %e', '%A, %Y, %B %e', '%A, %e. %B %Y');
151	$time_formats = array('%H:%M', '%I:%M', '%l:%M', '%Hh%M', '%Ih%M', '%lh%M');
152	if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') {
153	$formatDate = preg_replace('#(?<!%)((?:%%)*)%e#', '\1%#d', $formatDate);
154	$date_formats = array_map(
155	function ($f) {
156	return str_replace('%e', '%#d', $f);
157	},
158	$date_formats);
159	}
160	$blog_settings->system->put('date_format', $formatDate);
161	$blog_settings->system->put('date_formats', $date_formats, 'array', 'Date formats examples', true, true);
162	$blog_settings->system->put('time_formats', $time_formats, 'array', 'Time formats examples', true, true);
163
164	# Add repository URL for themes and plugins
165	$blog_settings->system->put('store_plugin_url', 'http://update.dotaddict.org/dc2/plugins.xml', 'string', 'Plugins XML feed location', true, true);
166	$blog_settings->system->put('store_theme_url', 'http://update.dotaddict.org/dc2/themes.xml', 'string', 'Themes XML feed location', true, true);
167
168	# CSP directive (admin part)
169
170	/* SQlite Clearbricks driver does not allow using single quote at beginning or end of a field value
171	so we have to use neutral values (localhost and 127.0.0.1) for some CSP directives
172	*/
173	$csp_prefix = $core->con->driver() == 'sqlite' ? 'localhost ' : ''; // Hack for SQlite Clearbricks driver
174	$csp_suffix = $core->con->driver() == 'sqlite' ? ' 127.0.0.1' : ''; // Hack for SQlite Clearbricks driver
175
176	$blog_settings->system->put('csp_admin_on', true, 'boolean', 'Send CSP header (admin)', true, true);
177	$blog_settings->system->put('csp_admin_report_only', false, 'boolean', 'CSP Report only violations (admin)', true, true);
178	$blog_settings->system->put('csp_admin_default',
179	$csp_prefix . "'self'" . $csp_suffix, 'string', 'CSP default-src directive', true, true);
180	$blog_settings->system->put('csp_admin_script',
181	$csp_prefix . "'self' 'unsafe-inline' 'unsafe-eval'" . $csp_suffix, 'string', 'CSP script-src directive', true, true);
182	$blog_settings->system->put('csp_admin_style',
183	$csp_prefix . "'self' 'unsafe-inline'" . $csp_suffix, 'string', 'CSP style-src directive', true, true);
184	$blog_settings->system->put('csp_admin_img',
185	$csp_prefix . "'self' data: http://media.dotaddict.org blob:", 'string', 'CSP img-src directive', true, true);
186
187	# Add Dotclear version
188	$cur = $core->con->openCursor($core->prefix . 'version');
189	$cur->module = 'core';
190	$cur->version = (string) DC_VERSION;
191	$cur->insert();
192
193	# Create first post
194	$core->setBlog('default');
195
196	$cur = $core->con->openCursor($core->prefix . 'post');
197	$cur->user_id = $u_login;
198	$cur->post_format = 'xhtml';
199	$cur->post_lang = $dlang;
200	$cur->post_title = __('Welcome to Dotclear!');
201	$cur->post_content = '<p>' . __('This is your first entry. When you\'re ready ' .
202	'to blog, log in to edit or delete it.') . '</p>';
203	$cur->post_content_xhtml = $cur->post_content;
204	$cur->post_status = 1;
205	$cur->post_open_comment = 1;
206	$cur->post_open_tb = 0;
207	$post_id = $core->blog->addPost($cur);
208
209	# Add a comment to it
210	$cur = $core->con->openCursor($core->prefix . 'comment');
211	$cur->post_id = $post_id;
212	$cur->comment_tz = $default_tz;
213	$cur->comment_author = __('Dotclear Team');
214	$cur->comment_email = 'contact@dotclear.net';
215	$cur->comment_site = 'http://www.dotclear.org/';
216	$cur->comment_content = __("<p>This is a comment.</p>\n<p>To delete it, log in and " .
217	"view your blog's comments. Then you might remove or edit it.</p>");
218	$core->blog->addComment($cur);
219
220	# Plugins initialization
221	define('DC_CONTEXT_ADMIN', true);
222	$core->plugins->loadModules(DC_PLUGINS_ROOT);
223	$plugins_install = $core->plugins->installModules();
224
225	# Add dashboard module options
226	$core->auth->user_prefs->addWorkspace('dashboard');
227	$core->auth->user_prefs->dashboard->put('doclinks', true, 'boolean', '', null, true);
228	$core->auth->user_prefs->dashboard->put('dcnews', true, 'boolean', '', null, true);
229	$core->auth->user_prefs->dashboard->put('quickentry', true, 'boolean', '', null, true);
230	$core->auth->user_prefs->dashboard->put('nodcupdate', false, 'boolean', '', null, true);
231
232	# Add accessibility options
233	$core->auth->user_prefs->addWorkspace('accessibility');
234	$core->auth->user_prefs->accessibility->put('nodragdrop', false, 'boolean', '', null, true);
235
236	# Add user interface options
237	$core->auth->user_prefs->addWorkspace('interface');
238	$core->auth->user_prefs->interface->put('enhanceduploader', true, 'boolean', '', null, true);
239
240	# Add default favorites
241	$core->favs = new dcFavorites($core);
242	$init_favs = array('posts', 'new_post', 'newpage', 'comments', 'categories', 'media', 'blog_theme', 'widgets', 'simpleMenu', 'prefs', 'help');
243	$core->favs->setFavoriteIDs($init_favs, true);
244
245	$step = 1;
246	} catch (Exception $e) {
247	$err = $e->getMessage();
248	}
249	}
250
251	if (!isset($step)) {
252	$step = 0;
253	}
254	header('Content-Type: text/html; charset=UTF-8');
255
256	// Prevents Clickjacking as far as possible
257	header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
258
259	?>
260	<!DOCTYPE html>
261	<html lang="en">
262	<head>
263	<meta charset="UTF-8" />
264	<meta http-equiv="Content-Script-Type" content="text/javascript" />
265	<meta http-equiv="Content-Style-Type" content="text/css" />
266	<meta http-equiv="Content-Language" content="en" />
267	<meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />
268	<meta name="GOOGLEBOT" content="NOSNIPPET" />
269	<title><?php echo __('Dotclear Install'); ?></title>
270
271	<link rel="stylesheet" href="../style/install.css" type="text/css" media="screen" />
272
273	<script type="text/javascript" src="../js/jquery/jquery.js"></script>
274	<?php echo dcPage::jsLoad('../js/jquery/jquery.pwstrength.js'); ?>
275	<script type="text/javascript">
276	$(function() {
277	var login_re = new RegExp('[^A-Za-z0-9@._-]+','g');
278	$('#u_firstname').keyup(function() {
279	var login = this.value.toLowerCase().replace(login_re,'').substring(0,32);
280	$('#u_login').val(login);
281	});
282	$('#u_login').keyup(function() {
283	$(this).val(this.value.replace(login_re,''));
284	});
285
286	<?php echo "\$('#u_pwd').pwstrength({texts: ['" .
287	sprintf(__('Password strength: %s'), __('very weak')) . "', '" .
288	sprintf(__('Password strength: %s'), __('weak')) . "', '" .
289	sprintf(__('Password strength: %s'), __('mediocre')) . "', '" .
290	sprintf(__('Password strength: %s'), __('strong')) . "', '" .
291	sprintf(__('Password strength: %s'), __('very strong')) . "']});\n"; ?>
292
293	$('#u_login').parent().after($('<input type="hidden" name="u_date" value="' + Date().toLocaleString() + '" />'));
294
295	var password_link = $('<a href="#" id="obfus"><?php echo (__('show')); ?></a>').click(function() {
296	$('#password').show();
297	$(this).remove();
298	return false;
299	});
300	$('#password').hide().before(password_link);
301	});
302	</script>
303	</head>
304
305	<body id="dotclear-admin" class="install">
306	<div id="content">
307	<?php
308	echo
309	'<h1>' . __('Dotclear installation') . '</h1>' .
310	'<div id="main">';
311
312	if (!is_writable(DC_TPL_CACHE)) {
313	echo '<div class="error" role="alert"><p>' . sprintf(__('Cache directory %s is not writable.'), DC_TPL_CACHE) . '</p></div>';
314	}
315
316	if ($can_install && !empty($err)) {
317	echo '<div class="error" role="alert"><p><strong>' . __('Errors:') . '</strong></p>' . $err . '</div>';
318	}
319
320	if (!empty($_GET['wiz'])) {
321	echo '<p class="success" role="alert">' . __('Configuration file has been successfully created.') . '</p>';
322	}
323
324	if ($can_install && $step == 0) {
325	echo
326	'<h2>' . __('User information') . '</h2>' .
327
328	'<p>' . __('Please provide the following information needed to create the first user.') . '</p>' .
329
330	'<form action="index.php" method="post">' .
331	'<fieldset><legend>' . __('User information') . '</legend>' .
332	'<p><label for="u_firstname">' . __('First Name:') . '</label> ' .
333	form::field('u_firstname', 30, 255, array(
334	'default' => html::escapeHTML($u_firstname),
335	'autocomplete' => 'given-name'
336	)) .
337	'</p>' .
338	'<p><label for="u_name">' . __('Last Name:') . '</label> ' .
339	form::field('u_name', 30, 255, array(
340	'default' => html::escapeHTML($u_name),
341	'autocomplete' => 'family-name'
342	)) .
343	'</p>' .
344	'<p><label for="u_email">' . __('Email:') . '</label> ' .
345	form::email('u_email', array(
346	'size' => 30,
347	'default' => html::escapeHTML($u_email),
348	'autocomplete' => 'email'
349	)) .
350	'</p>' .
351	'</fieldset>' .
352
353	'<fieldset><legend>' . __('Username and password') . '</legend>' .
354	'<p><label for="u_login" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('Username:') . ' ' .
355	form::field('u_login', 30, 32, array(
356	'default' => html::escapeHTML($u_login),
357	'extra_html' => 'required placeholder="' . __('Username') . '"',
358	'autocomplete' => 'username'
359	)) .
360	'</label></p>' .
361	'<div class="pw-table">' .
362	'<p class="pw-cell">' .
363	'<label for="u_pwd" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('New password:') . '</label>' .
364	form::password('u_pwd', 30, 255, array(
365	'extra_html' => 'data-indicator="pwindicator" required placeholder="' . __('Password') . '"',
366	'autocomplete' => 'new-password'
367	)) .
368	'</p>' .
369	'<div id="pwindicator">' .
370	' <div class="bar"></div>' .
371	' <p class="label no-margin"></p>' .
372	'</div>' .
373	'</div>' .
374	'<p><label for="u_pwd2" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('Confirm password:') . ' ' .
375	form::password('u_pwd2', 30, 255, array(
376	'extra_html' => 'required placeholder="' . __('Password') . '"',
377	'autocomplete' => 'new-password'
378	)) .
379	'</label></p>' .
380	'</fieldset>' .
381
382	'<p><input type="submit" value="' . __('Save') . '" /></p>' .
383	'</form>';
384	} elseif ($can_install && $step == 1) {
385	# Plugins install messages
386	$plugins_install_result = '';
387	if (!empty($plugins_install['success'])) {
388	$plugins_install_result .= '<div class="static-msg">' . __('Following plugins have been installed:') . '<ul>';
389	foreach ($plugins_install['success'] as $k => $v) {
390	$plugins_install_result .= '<li>' . $k . '</li>';
391	}
392	$plugins_install_result .= '</ul></div>';
393	}
394	if (!empty($plugins_install['failure'])) {
395	$plugins_install_result .= '<div class="error">' . __('Following plugins have not been installed:') . '<ul>';
396	foreach ($plugins_install['failure'] as $k => $v) {
397	$plugins_install_result .= '<li>' . $k . ' (' . $v . ')</li>';
398	}
399	$plugins_install_result .= '</ul></div>';
400	}
401
402	echo
403	'<h2>' . __('All done!') . '</h2>' .
404
405	$plugins_install_result .
406
407	'<p class="success" role="alert">' . __('Dotclear has been successfully installed. Here is some useful information you should keep.') . '</p>' .
408
409	'<h3>' . __('Your account') . '</h3>' .
410	'<ul>' .
411	'<li>' . __('Username:') . ' <strong>' . html::escapeHTML($u_login) . '</strong></li>' .
412	'<li>' . __('Password:') . ' <strong id="password">' . html::escapeHTML($u_pwd) . '</strong></li>' .
413	'</ul>' .
414
415	'<h3>' . __('Your blog') . '</h3>' .
416	'<ul>' .
417	'<li>' . __('Blog address:') . ' <strong>' . html::escapeHTML(http::getHost() . $root_url) . '/index.php?</strong></li>' .
418	'<li>' . __('Administration interface:') . ' <strong>' . html::escapeHTML(http::getHost() . $admin_url) . '</strong></li>' .
419	'</ul>' .
420
421	'<form action="../auth.php" method="post">' .
422	'<p><input type="submit" value="' . __('Manage your blog now') . '" />' .
423	form::hidden(array('user_id'), html::escapeHTML($u_login)) .
424	form::hidden(array('user_pwd'), html::escapeHTML($u_pwd)) .
425	'</p>' .
426	'</form>';
427	} elseif (!$can_install) {
428	echo '<h2>' . __('Installation can not be completed') . '</h2>' .
429	'<div class="error" role="alert"><p><strong>' . __('Errors:') . '</strong></p>' . $err . '</div>' .
430	'<p>' . __('For the said reasons, Dotclear can not be installed. ' .
431	'Please refer to <a href="http://dotclear.org/documentation/2.0/admin/install">' .
432	'the documentation</a> to learn how to correct the problem.') . '</p>';
433	}
434	?>
435	</div>
436	</div>
437	</body>
438	</html>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/install/index.php @ 3731:3770620079d4

Download in other formats:

Sites map