. * *******************************************************************************/ define('IN_INDEX', TRUE); include('../config/db_settings.php'); include('../includes/functions.inc.php'); $default_settings['forum_name'] = 'my little forum'; $default_settings['forum_address'] = ((isProtocolHTTPS() === true) ? 'https' : 'http') .'://'. $_SERVER['HTTP_HOST'] . substr(rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\'), 0, strrpos(rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\'), '/')) . '/'; $default_settings['table_prefix'] = 'mlf2_'; // stripslashes on GPC if get_magic_quotes_gpc is enabled: if(get_magic_quotes_gpc()) { function stripslashes_deep($value) { $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); return $value; } $_POST = array_map('stripslashes_deep', $_POST); $_GET = array_map('stripslashes_deep', $_GET); $_COOKIE = array_map('stripslashes_deep', $_COOKIE); $_REQUEST = array_map('stripslashes_deep', $_REQUEST); } function table_exists($table) { global $connid; $result = @mysqli_query($connid, "SHOW TABLES"); while($row = mysqli_fetch_array($result)) { if($table==$row[0]) return true; } return false; } // check version: if(!file_exists('../config/VERSION')) { die('Error in line '.__LINE__.': Missing the file config/VERSION.'); } $newVersion = trim(file_get_contents('../config/VERSION')); if(isset($_POST['language_file'])) $language_file = $_POST['language_file']; // try to connect to the database... if($connid = @mysqli_connect($db_settings['host'], $db_settings['user'], $db_settings['password'])) { if(@mysqli_select_db($connid, $db_settings['database'])) { @mysqli_query($connid, 'SET NAMES utf8'); if(table_exists($db_settings['forum_table'])) { // the forum seems to be installed header('Location: ../'); exit; } } } // language already selected? if(empty($language_file)) { // get available languages: $handle=opendir('../lang/'); while ($file = readdir($handle)) { if(strrchr($file, ".")==".lang") { $file_array[] = $file; } } closedir($handle); natcasesort($file_array); $i=0; foreach($file_array as $file) { $language_files[$i]['file'] = $file; $language_files[$i]['language'] = ucfirst(str_replace(".lang","",$file)); $language_parts = explode('.', $language_files[$i]['language']); if(isset($language_parts[1])) $language_files[$i]['language'] = $language_parts[0].' ('.$language_parts[1].')'; $i++; } if(empty($language_files)) die('No language file available.'); elseif(count($language_files)==1) { // there's only one language file so take this one: $language_file = $language_files[0]['file']; } else { // there are several language files so let the user choose one: $action = 'choose_language'; } } // set provisional language file: if(empty($language_file)) $language_file = 'english.lang'; if(isset($language_file)) { if(!file_exists('../lang/'.$language_file) && isset($language_files[0]['file'])) $language_file = $language_files[0]['file']; if(!file_exists('../lang/'.$language_file)) die('Language file not available.'); // quick & dirty method to get the config vars without smarty (prevents // creation of a compiled template which would only be used once for the // installation - doesn't get multi-line-strings properly!): $config_file = file('../lang/'.$language_file); foreach($config_file as $line) { $line = trim($line); if($line!='' && $line[0]!='[') { $line_parts = explode('=',$line,2); if(isset($line_parts[1])) { $key = trim($line_parts[0]); if(isset($lang[$key])) { if(is_array($lang[$key])) { $lang[$key][] = trim($line_parts[1]); } else { $lang[$key] = array($lang[$key]); $lang[$key][] = trim($line_parts[1]); } } else { $lang[$key] = trim($line_parts[1]); } } } } } if(isset($_POST['install_submit'])) { // are all fields filled out? foreach ($_POST as $post) { if(trim($post) == "") { $errors[] = $lang['error_form_uncomplete']; break; } } if(empty($errors)) { if($_POST['admin_pw'] != $_POST['admin_pw_conf']) $errors[] = $lang['error_conf_pw']; } // try to connect the database with posted access data: if(empty($errors)) { $connid = @mysqli_connect($_POST['host'], $_POST['user'], $_POST['password']); if(!$connid) $errors[] = $lang['error_db_connection']." (MySQL: ".mysqli_connect_error().")"; } if(empty($errors)) { if(!file_exists('install.sql')) $errors[] = $lang['error_sql_file_doesnt_exist']; } // overwrite database settings file: if(empty($errors) && empty($_POST['dont_overwrite_settings'])) { // Keys of database array $db_connection_keys = array('host', 'user', 'password', 'database'); $db_setting_keys = array( 'settings_table' => 'settings', 'forum_table' => 'entries', 'category_table' => 'categories', 'userdata_table' => 'userdata', 'smilies_table' => 'smilies', 'pages_table' => 'pages', 'banlists_table' => 'banlists', 'useronline_table' => 'useronline', 'login_control_table' => 'logincontrol', 'entry_cache_table' => 'entries_cache', 'userdata_cache_table' => 'userdata_cache', 'bookmark_table' => 'bookmarks', 'read_status_table' => 'read_entries', 'temp_infos_table' => 'temp_infos' ); clearstatcache(); $chmod = decoct(fileperms("../config/db_settings.php")); foreach ($db_connection_keys as $key) { // Check POST-data and reject data that contains html or php code like $value) { $db_settings[$key] = $_POST['table_prefix'] . $value; fwrite($db_settings_file, "\$db_settings['".$key."'] = '".addslashes($db_settings[$key])."';\n"); } fwrite($db_settings_file, "?".">\n"); flock($db_settings_file, 3); fclose($db_settings_file); } } if(empty($errors) && isset($_POST['create_database'])) { // create database if desired: @mysqli_query($connid, "CREATE DATABASE ".$db_settings['database']) or $errors[] = $lang['create_db_error']." (MySQL: ".mysqli_error($connid).")"; } // select database: if(empty($errors)) { @mysqli_select_db($connid, $db_settings['database']) or $errors[] = $lang['error_db_inexistent']." (MySQL: ".mysqli_error($connid).")"; @mysqli_query($connid, 'SET NAMES utf8'); } // run installation sql file: if(empty($errors)) { if (!isset($_POST['table_prefix']) || $_POST['table_prefix'] != strip_tags($_POST['table_prefix'])) { $errors[] = $lang['error_form_uncomplete']; } else { $lines = file('install.sql'); $cleared_lines = array(); foreach($lines as $line) { $line = str_replace(' mlf2_', ' '.$_POST['table_prefix'], $line); $line = trim($line); if(my_substr($line, -1, my_strlen($line,$lang['charset']), $lang['charset'])==';') $line = my_substr($line,0,-1,$lang['charset']); if($line != '' && my_substr($line,0,1,$lang['charset'])!='#') $cleared_lines[] = $line; } @mysqli_query($connid, "START TRANSACTION") or die(mysqli_error($connid)); foreach($cleared_lines as $line) { if(!@mysqli_query($connid, $line)) { $errors[] = $lang['error_sql']." (MySQL: ".mysqli_error($connid).")"; } } if(!@mysqli_query($connid, "INSERT INTO ".$db_settings['settings_table']." VALUES ('version', '". mysqli_real_escape_string($connid, $newVersion) ."');")) { $errors[] = $lang['error_sql']." (MySQL: ".mysqli_error($connid).")"; } @mysqli_query($connid, "COMMIT"); } } // insert admin in userdata table: if(empty($errors)) { $pw_hash = generate_pw_hash($_POST['admin_pw']); @mysqli_query($connid, "UPDATE ".$db_settings['userdata_table']." SET user_name='".mysqli_real_escape_string($connid, $_POST['admin_name'])."', user_pw = '".mysqli_real_escape_string($connid, $pw_hash)."', user_email = '".mysqli_real_escape_string($connid, $_POST['admin_email'])."' WHERE user_id=1") or $errors[] = $lang['error_create_admin']." (MySQL: ".mysqli_error($connid).")"; } // set forum name, address and email address: if(empty($errors)) { @mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['forum_name'])."' WHERE name='forum_name' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")"; @mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['forum_address'])."' WHERE name='forum_address' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")"; @mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['forum_email'])."' WHERE name='forum_email' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")"; @mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['language_file'])."' WHERE name='language_file' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")"; } if(empty($errors)) { header('Location: ../'); exit; } } if(empty($action)) $action = 'install'; header('Content-Type: text/html; charset='.$lang['charset']); ?> my little forum - <?php echo $lang['installation_title']; ?>

my little forum

 



" size="40" />

" size="40" />



" size="40" />








/>

/>