<?php
/**********************************
* @package: PerfCMS *
* @year: 2012 *
* @author: Artas *
* @link: http://perfcms.ru *
**********************************/
session_name('PSID');
session_start();
// error_reporting(0);
define('SYS', realpath(dirname(__FILE__)).'/system');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="uk" lang="uk">
<head>
<title>Installing PerfCMS 1.5.1</title>
<link href="/template/themes/wap/default/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div class="main">
<div class="panel">Installing PerfCMS 1.5.1</div>
<?
if(file_exists('../system/ini/db.ini') && !file_exists('../system/ini/install.txt')) {
echo '<div class="post">
PerfCMS already installed!
</div>
<div class="block">
<a href="/">Home Page</a>
</div>';
} else {
if(!isset($_GET['lang'])) {
echo '<div class="post">
Choose Installing language:<br/>
<a href="/setup/?lang=uk">Українська</a><br/>
<a href="/setup/?lang=ru">Русский</a><br/>
<a href="/setup/?lang=en">English</a><br/>
</div>';
}
else
{
if(file_exists('lang/'. trim($_GET['lang']).'.ini')) {
$lang = parse_ini_file('lang/'. trim($_GET['lang']).'.ini');
$lng = trim($_GET['lang']);
} else {
$lang = parse_ini_file('lang/en.ini');
$lng = 'en';
}
if(isset($_GET['lang']) && !isset($_GET['act'])) {
echo '<div class="post">'. $lang['welcome'] .'<br/>
[ <a href="/setup/?act=start&lang='. $lng .'">'. $lang['agree'] .'</a> | <a href="/setup/">'. $lang['nagree'] .'</a> ]</div>';
}
elseif(isset($_GET['lang']) && $_GET['act'] == 'start')
{
$chmods = array('../files/', '../files/share/', '../files/avatars/', '../files/forum/', '../system/ini/', '../system/lang/', '../system/lang/uk/', '../system/lang/en/', '../system/lang/ru/', '../tmp/');
echo '<div class="post">
<table>
<tr>
<td><b>'. $lang['fdir'] .'</b></td>
<td><b>'. $lang['chmods'] .'</b></td>
</tr>
<tr>';
foreach ($chmods as $chmod) {
echo '<tr>
<td>'. str_replace('../', '', $chmod) .'</td>';
if (is_writable(trim($chmod))) {
echo '<td><span style="color: green"><b>OK (777)</b></span></td>';
$err = false;
} else {
echo '<td><span style="color: red">'.$lang['must_chmods'].' 777</span></td>';
$err = TRUE;
}
echo '</tr>';
}
echo '</tr>
</table>
'. ($err == TRUE?'<a href="?act=start&lang='. $lng .'">'.$lang['refresh'].'</a>':'<a href="?act=db&lang='. $lng .'">'.$lang['next'].'</a>') .'
</div>
<div class="block">
<a href="?lang='. $lng .'">'.$lang['back'].'</a>
</div>';
}
elseif(isset($_GET['lang']) && $_GET['act'] == 'db')
{
if (isset($_POST['go'])) {
$host = htmlspecialchars(trim($_POST['host']));
$user = htmlspecialchars(trim($_POST['user']));
$pass = htmlspecialchars(trim($_POST['pass']));
$base = htmlspecialchars(trim($_POST['base']));
if (empty($host)) $err .= $lang['empty_host'].'<br />';
if (empty($user)) $err .= $lang['empty_user'].'<br />';
if (empty($base)) $err .= $lang['empty_base'].'<br />';
if(!isset($err)) {
try {
$db = new PDO('mysql:dbname='.$_POST['base'].';host='. $_POST['host'], $_POST['user'], $_POST['pass']);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
}
if (!isset($err)) {
$db->query("SET NAMES utf8");
$cini = "host = \"$host\";\n"
."user = \"$user\";\n"
."pass = \"$pass\";\n"
."base = \"$base\";\n";
file_put_contents('../system/ini/db.ini', $cini);
$dump = file_get_contents('./setup.sql');
$queryes = explode('-- --------------------------------------------------------', $dump);
foreach($queryes as $query) {
$db->query(trim($query));
}
echo '<div class="title">'.$lang['c_create'].'</div>
<div class="menu">
'.$lang['after_t'].'<br />
<a href="?act=admin&lang='. $lng .'">'.$lang['next'].'</a>
</div>
<div class="block">
<a href="?act=db&lang='. $lng .'">'.$lang['back'].'</a>
</div>
<div class="footer">PerfCMS 1.5.1, 2012</div>
</div>
</body>
</html>';
exit();
}
}
if (isset($err)) echo '<div class="error">'. $err .'</div>';
echo '<form method="post" action="?act=db&lang='. $lng .'">
<div class="title">'.$lang['connection'].'</div>
<div class="menu">
'.$lang['host'].':<br />
<input type="text" name="host" value="localhost" /><br />
'.$lang['user'].':<br />
<input type="text" name="user" /><br />
'.$lang['pass'].':<br />
<input type="password" name="pass" /><br />
'.$lang['base'].':<br />
<input type="text" name="base" /><br />
<input type="submit" name="go" value="'.$lang['send'].'" />
</div>
</form>
<div class="block">
<a href="?act=start&lang='. $lng .'">'.$lang['back'].'</a>
</div>';
}
elseif(isset($_GET['lang']) && $_GET['act'] == 'admin')
{
if (isset($_POST['reg_admin'])) {
$nick = htmlspecialchars(trim($_POST['nick']));
$name = htmlspecialchars(trim($_POST['name']));
$email = htmlspecialchars(trim($_POST['email']));
$password = htmlspecialchars(trim($_POST['password']));
$password2 = htmlspecialchars(trim($_POST['password2']));
if (empty($nick)) $err .= $lang['no_nick'].'<br />';
if (empty($name)) $err .= $lang['no_name'].'<br />';
if (empty($email)) $err .= $lang['no_email'].'<br />';
if (empty($password)) $err .= $lang['no_pass'].'<br />';
if (empty($password2)) $err .= $lang['no_pass2'].'<br />';
if (!empty($nick) && (mb_strlen($nick, 'UTF-8') < 3 || mb_strlen($nick, 'UTF-8') > 32)) $err .= $lang['e_nick'].'<br />';
if (!empty($nick) && !preg_match("#^([A-zА-я0-9\-\_\ ])+$#ui", $nick)) $err .= $lang['b_nick'].'<br />';
if (!empty($name) && (mb_strlen($name, 'UTF-8') > 32)) $err .= $lang['e_name'].'<br />';
if (!empty($email) && (mb_strlen($email, 'UTF-8') < 3 || mb_strlen($email, 'UTF-8') > 72)) $err .= $lang['b_mail'].'<br />';
if (!empty($email) && !preg_match('|^([a-z0-9_\.\-]{1,20})@([a-z0-9\.\-]{1,20})\.([a-z]{2,4})$|ius', $email)) $err .= $lang['e_email'].'<br />';
if (!empty($password) && (mb_strlen($password, 'UTF-8') < 5 || mb_strlen($password, 'UTF-8') > 64)) $err .= $lang['e_pass'].'<br />';
if (!empty($password) && !empty($password2) && $password != $password2) $err .= $lang['e_pass2'].'<br />';
if (!isset($err)) {
function crypto($var) {
return md5(base64_encode($var) .'_PerfCMS_');
}
# Кодуємо пароль
$password = crypto($password);
$mysql = parse_ini_file('../system/ini/db.ini');
try {
$db = new PDO('mysql:dbname='.$mysql['base'].';host='. $mysql['host'], $mysql['user'], $mysql['pass']);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
$db->query("SET NAMES utf8");
function escape($inp)
{
if(is_array($inp))
return array_map(__METHOD__, $inp);
if(!empty($inp) && is_string($inp)) {
return str_replace(array('\\', "\0", "\n", "\r", "'", '"', "\x1a"), array('\\', '\0', '\n', '\r', "\'", '\"', '\Z'), $inp);
}
return $inp;
}
# Запит на реєстрацію
$db->query("INSERT INTO `users` SET `name` = '". escape(trim($name)) ."', `nick` = '". escape(trim($nick)) ."', `password` = '". escape(trim($password)) ."', `reg_time` = '". time() ."', `time` = '". time() ."', `email` = '". escape(trim($email)) ."', `level` = '7', `gender`='0'");
$language = $lng;
$db->query("INSERT INTO `settings` SET `user_id` = '". $db->lastInsertId() ."', `lang` = '". $language ."', `ames` = '10', `theme` = 'default', `web_theme` = 'default', `fast_mess` = 'no', `view_profile` = 'all', `show_email` = 'no', `timezone` = 'Europe/Kiev'");
$db->query("UPDATE `system` SET `lang` = '$language'");
// print_r($db->errorInfo());
unlink('../system/ini/install.txt');
session_destroy();
echo '<div class="title">'.$lang['end_i'].'</div>
<div class="menu">
'.$lang['end_i_t'].' <b>/setup/</b>.<br />
<a href="/sign_in/?nick='. $nick .'&password='. $password2 .'">'.$lang['go_site'].'</a>
</div>
<div class="block">
<a href="?act=admin&lang='. $lng .'">'.$lang['back'].'</a>
</div>
</div>
<div class="footer">PerfCMS 1.5.1, 2012</div>
</div>
</body>
</html>';
exit();
}
}
if (isset($err)) echo '<div class="err">'. $err .'</div>';
echo '<form method="post" action="?act=admin&lang='. $lng .'">
<div class="title">Administration Registration</div>
<div class="menu">
'.$lang['nick'].':<br />
<input type="text" name="nick" value="'. htmlspecialchars($_POST['nick']) .'" /><br />
'.$lang['name'].':<br />
<input type="text" name="name" value="'. htmlspecialchars($_POST['name']) .'" /><br />
E-Mail:<br />
<input type="text" name="email" value="'. htmlspecialchars($_POST['email']) .'" /><br />
'.$lang['password'].':<br />
<input type="password" name="password" /><br />
'.$lang['password2'].':<br />
<input type="password" name="password2" /><br />
<input type="submit" name="reg_admin" value="'.$lang['sign_up'].'" />
</div>
</form>
<div class="block">
<a href="?act=db&lang='. $lng .'">'.$lang['back'].'</a>
</div>';
}
}
}
?>
<div class="footer">PerfCMS 1.5.1, 2012</div>
</div>
</body>
</html>