. *
*******************************************************************************/
define('IN_INDEX', TRUE);
include('../config/db_settings.php');
include('../includes/functions.inc.php');
$default_settings['forum_name'] = 'my little forum';
$default_settings['forum_address'] = ((isProtocolHTTPS() === true) ? 'https' : 'http') .'://'. $_SERVER['HTTP_HOST'] . substr(rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\'), 0, strrpos(rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\'), '/')) . '/';
$default_settings['table_prefix'] = 'mlf2_';
function table_exists($table) {
global $connid;
$result = @mysqli_query($connid, "SHOW TABLES");
while ($row = mysqli_fetch_array($result)) {
if ($table == $row[0]) return true;
}
return false;
}
// check version:
if(!file_exists('../config/VERSION')) {
die('Error in line '.__LINE__.': Missing the file config/VERSION.');
} else {
$newVersion = file_get_contents('../config/VERSION');
if (empty($newVersion) die('Error in line '.__LINE__.': No value for the script version in the file config/VERSION.');
else $newVersion = trim($newVersion);
}
if (isset($_POST['language_file'])) $language_file = $_POST['language_file'];
// try to connect to the database …
if (!empty($db_settings['database']) && $connid = @mysqli_connect($db_settings['host'], $db_settings['user'], $db_settings['password'], $db_settings['database'])) {
@mysqli_query($connid, 'SET NAMES utf8');
if (table_exists($db_settings['forum_table'])) {
// the forum seems to be installed
header('Location: ../');
exit;
}
}
// language already selected?
if(empty($language_file)) {
// get available languages:
$handle = opendir('../lang/');
while ($file = readdir($handle)) {
if (strrchr($file, ".") == ".lang") {
$file_array[] = $file;
}
}
closedir($handle);
natcasesort($file_array);
$i = 0;
foreach ($file_array as $file) {
$language_files[$i]['file'] = $file;
$language_files[$i]['language'] = ucfirst(str_replace(".lang","",$file));
$language_parts = explode('.', $language_files[$i]['language']);
if (isset($language_parts[1]))
$language_files[$i]['language'] = $language_parts[0].' ('.$language_parts[1].')';
$i++;
}
if (empty($language_files)) die('No language file available.');
elseif (count($language_files) == 1) {
// there's only one language file so take this one:
$language_file = $language_files[0]['file'];
} else {
// there are several language files so let the user choose one:
$action = 'choose_language';
}
}
// set provisional language file:
if (empty($language_file)) $language_file = 'english.lang';
if (isset($language_file)) {
if(!file_exists('../lang/'.$language_file) && isset($language_files[0]['file'])) $language_file = $language_files[0]['file'];
if(!file_exists('../lang/'.$language_file)) die('Language file not available.');
// quick & dirty method to get the config vars without smarty (prevents
// creation of a compiled template which would only be used once for the
// installation - doesn't get multi-line-strings properly!):
$config_file = file('../lang/'.$language_file);
foreach ($config_file as $line) {
$line = trim($line);
if ($line != '' && $line[0] != '[') {
$line_parts = explode('=', $line,2);
if (isset($line_parts[1])) {
$key = trim($line_parts[0]);
if (isset($lang[$key])) {
if(is_array($lang[$key])) {
$lang[$key][] = trim($line_parts[1]);
} else {
$lang[$key] = array($lang[$key]);
$lang[$key][] = trim($line_parts[1]);
}
} else {
$lang[$key] = trim($line_parts[1]);
}
}
}
}
}
if (isset($_POST['install_submit'])) {
// are all fields filled out?
foreach ($_POST as $post) {
if (trim($post) == "") {
$errors[] = $lang['error_form_uncomplete'];
break;
}
}
if (empty($errors)) {
if ($_POST['admin_pw'] != $_POST['admin_pw_conf']) $errors[] = $lang['error_conf_pw'];
}
// try to connect the database with posted access data:
if (empty($errors)) {
$connid = @mysqli_connect($_POST['host'], $_POST['user'], $_POST['password']);
if (!$connid) $errors[] = $lang['error_db_connection']." (MySQL: ".mysqli_connect_error().")";
}
if (empty($errors)) {
if (!file_exists('install.sql')) $errors[] = $lang['error_sql_file_doesnt_exist'];
}
// overwrite database settings file:
if(empty($errors) && empty($_POST['dont_overwrite_settings'])) {
// Keys of database array
$db_connection_keys = array('host', 'user', 'password', 'database');
$db_setting_keys = array(
'settings_table' => 'settings',
'forum_table' => 'entries',
'category_table' => 'categories',
'userdata_table' => 'userdata',
'smilies_table' => 'smilies',
'pages_table' => 'pages',
'banlists_table' => 'banlists',
'useronline_table' => 'useronline',
'login_control_table' => 'logincontrol',
'entry_cache_table' => 'entries_cache',
'userdata_cache_table' => 'userdata_cache',
'bookmark_table' => 'bookmarks',
'read_status_table' => 'read_entries',
'temp_infos_table' => 'temp_infos',
'tags_table' => 'tags',
'bookmark_tags_table' => 'bookmark_tags',
'entry_tags_table' => 'entry_tags',
'subscriptions_table' => 'subscriptions',
'b8_wordlist_table' => 'b8_wordlist',
'b8_rating_table' => 'b8_rating',
'akismet_rating_table' => 'akismet_rating',
'uploads_table' => 'uploads'
);
clearstatcache();
$chmod = decoct(fileperms("../config/db_settings.php"));
foreach ($db_connection_keys as $key) {
// Check POST-data and reject data that contains html or php code like $value) {
$db_settings[$key] = $_POST['table_prefix'] . $value;
fwrite($db_settings_file, "\$db_settings['".$key."'] = '".addslashes($db_settings[$key])."';\n");
}
fwrite($db_settings_file, "?".">\n");
flock($db_settings_file, 3);
fclose($db_settings_file);
}
}
if (empty($errors) && isset($_POST['create_database'])) {
// create database if desired:
@mysqli_query($connid, "CREATE DATABASE ".$db_settings['database']) or $errors[] = $lang['create_db_error']." (MySQL: ".mysqli_error($connid).")";
}
// select database:
if (empty($errors)) {
@mysqli_select_db($connid, $db_settings['database']) or $errors[] = $lang['error_db_inexistent']." (MySQL: ".mysqli_error($connid).")";
@mysqli_query($connid, 'SET NAMES utf8');
}
// run installation sql file:
if(empty($errors)) {
if (!isset($_POST['table_prefix']) || $_POST['table_prefix'] != strip_tags($_POST['table_prefix'])) {
$errors[] = $lang['error_form_uncomplete'];
} else {
$lines = file('install.sql');
$cleared_lines = array();
foreach($lines as $line) {
$line = str_replace(' mlf2_', ' '.$_POST['table_prefix'], $line);
$line = trim($line);
if (my_substr($line, -1, my_strlen($line,$lang['charset']), $lang['charset']) == ';')
$line = my_substr($line,0,-1,$lang['charset']);
if($line != '' && my_substr($line,0,1,$lang['charset']) != '#')
$cleared_lines[] = $line;
}
@mysqli_query($connid, "START TRANSACTION") or die(mysqli_error($connid));
foreach ($cleared_lines as $line) {
if (!@mysqli_query($connid, $line)) {
$errors[] = $lang['error_sql']." (MySQL: ".mysqli_error($connid).")";
}
}
if (!@mysqli_query($connid, "INSERT INTO " . $db_settings['temp_infos_table'] . " (`name`, `value`) VALUES ('version', '". mysqli_real_escape_string($connid, $newVersion) ."');")) {
$errors[] = $lang['error_sql']." (MySQL: ".mysqli_error($connid).")";
}
@mysqli_query($connid, "COMMIT");
}
}
// insert admin in userdata table:
if (empty($errors)) {
$pw_hash = generate_pw_hash($_POST['admin_pw']);
@mysqli_query($connid, "UPDATE ".$db_settings['userdata_table']." SET user_name='".mysqli_real_escape_string($connid, $_POST['admin_name'])."', user_pw = '".mysqli_real_escape_string($connid, $pw_hash)."', user_email = '".mysqli_real_escape_string($connid, $_POST['admin_email'])."' WHERE user_id=1") or $errors[] = $lang['error_create_admin']." (MySQL: ".mysqli_error($connid).")";
}
// set forum name, address and email address:
if (empty($errors)) {
@mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['forum_name'])."' WHERE name='forum_name' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")";
@mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['forum_address'])."' WHERE name='forum_address' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")";
@mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['forum_email'])."' WHERE name='forum_email' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")";
@mysqli_query($connid, "UPDATE ".$db_settings['settings_table']." SET value='".mysqli_real_escape_string($connid, $_POST['language_file'])."' WHERE name='language_file' LIMIT 1") or $errors[] = $lang['error_update_settings']." (MySQL: ".mysqli_error($connid).")";
}
if (empty($errors)) {
header('Location: ../');
exit;
}
}
if (empty($action)) $action = 'install';
header('Content-Type: text/html; charset='.$lang['charset']);
?>
my little forum - <?php echo $lang['installation_title']; ?>
my little forum - Installation