View file setup/index.php

File size: 10.26Kb
<?php
/**********************************
*	@package: PerfCMS			  *
*	@year: 2012					  *
*	@author: Artas				  *
*	@link: http://perfcms.ru	  *
**********************************/
session_name('PSID');
session_start();
// error_reporting(0);
define('SYS', realpath(dirname(__FILE__)).'/system');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="uk" lang="uk">
<head>
<title>Installing PerfCMS 1.5.1</title>
<link href="/template/themes/wap/default/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div class="main">
<div class="panel">Installing PerfCMS 1.5.1</div>
<?
if(file_exists('../system/ini/db.ini') && !file_exists('../system/ini/install.txt')) {
	echo '<div class="post">
			PerfCMS already installed!
		</div>
		<div class="block">
			<a href="/">Home Page</a>
		</div>';
	} else {
if(!isset($_GET['lang'])) {
echo '<div class="post">
	Choose Installing language:<br/>
	<a href="/setup/?lang=uk">Українська</a><br/>
	<a href="/setup/?lang=ru">Русский</a><br/>
	<a href="/setup/?lang=en">English</a><br/>
	</div>';
	} 
else
	{
	if(file_exists('lang/'. trim($_GET['lang']).'.ini')) {
		$lang = parse_ini_file('lang/'. trim($_GET['lang']).'.ini');
		$lng = trim($_GET['lang']);
	} else {
		$lang = parse_ini_file('lang/en.ini');
		$lng = 'en';
	}
if(isset($_GET['lang']) && !isset($_GET['act'])) {
echo '<div class="post">'. $lang['welcome'] .'<br/>
		[ <a href="/setup/?act=start&amp;lang='. $lng .'">'. $lang['agree'] .'</a> | <a href="/setup/">'. $lang['nagree'] .'</a> ]</div>';
	} 
elseif(isset($_GET['lang']) && $_GET['act'] == 'start')
	{
		$chmods =  array('../files/', '../files/share/', '../files/avatars/', '../files/forum/', '../system/ini/', '../system/lang/', '../system/lang/uk/', '../system/lang/en/', '../system/lang/ru/', '../tmp/');
		echo '<div class="post">
		<table>
		<tr>
		<td><b>'. $lang['fdir'] .'</b></td>
		<td><b>'. $lang['chmods'] .'</b></td>
		</tr>
		<tr>';
		 foreach ($chmods as $chmod) {
        echo '<tr>
        <td>'. str_replace('../', '', $chmod) .'</td>';
        
        if (is_writable(trim($chmod))) {
          echo '<td><span style="color: green"><b>OK (777)</b></span></td>';
		  $err = false;
        } else {
          echo '<td><span style="color: red">'.$lang['must_chmods'].' 777</span></td>';
                    
          $err = TRUE;
        }
        echo '</tr>';
      }
      echo '</tr>
      </table>
      '. ($err == TRUE?'<a href="?act=start&amp;lang='. $lng .'">'.$lang['refresh'].'</a>':'<a href="?act=db&amp;lang='. $lng .'">'.$lang['next'].'</a>') .'    
      </div>
      <div class="block">
      <a href="?lang='. $lng .'">'.$lang['back'].'</a>
      </div>';
	} 
elseif(isset($_GET['lang']) && $_GET['act'] == 'db')
	{
	if (isset($_POST['go'])) {
        $host = htmlspecialchars(trim($_POST['host']));
        $user = htmlspecialchars(trim($_POST['user']));
        $pass = htmlspecialchars(trim($_POST['pass']));
        $base = htmlspecialchars(trim($_POST['base']));
        
        if (empty($host)) $err .= $lang['empty_host'].'<br />';
        if (empty($user)) $err .= $lang['empty_user'].'<br />';
        if (empty($base)) $err .= $lang['empty_base'].'<br />';
        if(!isset($err)) {
        try {
				$db = new PDO('mysql:dbname='.$_POST['base'].';host='. $_POST['host'], $_POST['user'], $_POST['pass']);
			} catch (PDOException $e) {
					echo 'Connection failed: ' . $e->getMessage();
			}
        }
        if (!isset($err)) {
          $db->query("SET NAMES utf8");
          $cini =    "host = \"$host\";\n"	
					."user = \"$user\";\n"
					."pass = \"$pass\";\n"
					."base = \"$base\";\n";
			file_put_contents('../system/ini/db.ini', $cini);
			$dump = file_get_contents('./setup.sql');
			$queryes = explode('-- --------------------------------------------------------', $dump);
			foreach($queryes as $query) {
                	$db->query(trim($query));
               	}
          
          echo '<div class="title">'.$lang['c_create'].'</div>
          <div class="menu">
          '.$lang['after_t'].'<br />
          <a href="?act=admin&amp;lang='. $lng .'">'.$lang['next'].'</a>
          </div>
          
          <div class="block">
          <a href="?act=db&amp;lang='. $lng .'">'.$lang['back'].'</a>
          </div>
          <div class="footer">PerfCMS 1.5.1, 2012</div>
</div>
</body>
</html>';
    
          exit();
        }
      }
      
      if (isset($err)) echo '<div class="error">'. $err .'</div>';
    
      echo '<form method="post" action="?act=db&amp;lang='. $lng .'">
      <div class="title">'.$lang['connection'].'</div>
      <div class="menu">
      '.$lang['host'].':<br />
      <input type="text" name="host" value="localhost" /><br />
      '.$lang['user'].':<br />
      <input type="text" name="user" /><br />
      '.$lang['pass'].':<br />
      <input type="password" name="pass" /><br />
      '.$lang['base'].':<br />
      <input type="text" name="base" /><br />
      <input type="submit" name="go" value="'.$lang['send'].'" />
      </div>
      </form>
      
      <div class="block">
      <a href="?act=start&amp;lang='. $lng .'">'.$lang['back'].'</a>
      </div>';
	}
elseif(isset($_GET['lang']) && $_GET['act'] == 'admin')
	{
	if (isset($_POST['reg_admin'])) {
        $nick = htmlspecialchars(trim($_POST['nick']));
        $name = htmlspecialchars(trim($_POST['name']));
        $email = htmlspecialchars(trim($_POST['email']));
        $password = htmlspecialchars(trim($_POST['password']));
        $password2 = htmlspecialchars(trim($_POST['password2']));
        
        if (empty($nick)) $err .= $lang['no_nick'].'<br />';
        if (empty($name)) $err .= $lang['no_name'].'<br />';
        if (empty($email)) $err .= $lang['no_email'].'<br />';
        if (empty($password)) $err .= $lang['no_pass'].'<br />';
        if (empty($password2)) $err .= $lang['no_pass2'].'<br />';
        
        if (!empty($nick) && (mb_strlen($nick, 'UTF-8') < 3 || mb_strlen($nick, 'UTF-8') > 32)) $err .= $lang['e_nick'].'<br />';        
        if (!empty($nick) && !preg_match("#^([A-zА-я0-9\-\_\ ])+$#ui", $nick)) $err .= $lang['b_nick'].'<br />';        
        if (!empty($name) && (mb_strlen($name, 'UTF-8') > 32)) $err .= $lang['e_name'].'<br />';        
        if (!empty($email) && (mb_strlen($email, 'UTF-8') < 3 || mb_strlen($email, 'UTF-8') > 72)) $err .= $lang['b_mail'].'<br />';
        if (!empty($email) && !preg_match('|^([a-z0-9_\.\-]{1,20})@([a-z0-9\.\-]{1,20})\.([a-z]{2,4})$|ius', $email)) $err .= $lang['e_email'].'<br />';        
        if (!empty($password) && (mb_strlen($password, 'UTF-8') < 5 || mb_strlen($password, 'UTF-8') > 64)) $err .= $lang['e_pass'].'<br />';        
        if (!empty($password) && !empty($password2) && $password != $password2) $err .= $lang['e_pass2'].'<br />';        
        if (!isset($err)) {

          function crypto($var) {
            return md5(base64_encode($var) .'_PerfCMS_');
          }
        
          # Кодуємо пароль
          $password = crypto($password);
          
          $mysql = parse_ini_file('../system/ini/db.ini');
			try {
				$db = new PDO('mysql:dbname='.$mysql['base'].';host='. $mysql['host'], $mysql['user'], $mysql['pass']);
			} catch (PDOException $e) {
					echo 'Connection failed: ' . $e->getMessage();
			}
          $db->query("SET NAMES utf8");
        
		function escape($inp)
	{ 
     if(is_array($inp)) 
         return array_map(__METHOD__, $inp); 

     if(!empty($inp) && is_string($inp)) { 
         return str_replace(array('\\', "\0", "\n", "\r", "'", '"', "\x1a"), array('\\', '\0', '\n', '\r', "\'", '\"', '\Z'), $inp); 
     } 

     return $inp; 
	}
		
          # Запит на реєстрацію
          $db->query("INSERT INTO `users` SET `name` = '". escape(trim($name)) ."', `nick` = '". escape(trim($nick)) ."', `password` = '". escape(trim($password)) ."', `reg_time` = '". time() ."', `time` = '". time() ."', `email` = '". escape(trim($email)) ."', `level` = '7', `gender`='0'");
		  $language = $lng;
		  $db->query("INSERT INTO `settings` SET `user_id` = '". $db->lastInsertId() ."', `lang` = '". $language ."', `ames` = '10', `theme` = 'default', `web_theme` = 'default', `fast_mess` = 'no', `view_profile` = 'all', `show_email` = 'no', `timezone` = 'Europe/Kiev'");
		  $db->query("UPDATE `system` SET `lang` = '$language'");
		  // print_r($db->errorInfo());
          unlink('../system/ini/install.txt');
          session_destroy();
          
          echo '<div class="title">'.$lang['end_i'].'</div>
          <div class="menu">
          '.$lang['end_i_t'].' <b>/setup/</b>.<br />
          <a href="/sign_in/?nick='. $nick .'&amp;password='. $password2 .'">'.$lang['go_site'].'</a>
          </div>
          
          <div class="block">
          <a href="?act=admin&amp;lang='. $lng .'">'.$lang['back'].'</a>
          </div>          
          </div>
		  <div class="footer">PerfCMS 1.5.1, 2012</div>
</div>
</body>
</html>';
    
          exit();
        }         
      }
    
      if (isset($err)) echo '<div class="err">'. $err .'</div>';
      
      echo '<form method="post" action="?act=admin&amp;lang='. $lng .'">
      <div class="title">Administration Registration</div>
      <div class="menu">
      '.$lang['nick'].':<br />
      <input type="text" name="nick" value="'. htmlspecialchars($_POST['nick']) .'" /><br />
      '.$lang['name'].':<br />
      <input type="text" name="name" value="'. htmlspecialchars($_POST['name']) .'" /><br />
      E-Mail:<br />
      <input type="text" name="email" value="'. htmlspecialchars($_POST['email']) .'" /><br />
      '.$lang['password'].':<br />
      <input type="password" name="password" /><br />
      '.$lang['password2'].':<br />
      <input type="password" name="password2" /><br />
      <input type="submit" name="reg_admin" value="'.$lang['sign_up'].'" />
      </div>
      </form>
      
      <div class="block">
      <a href="?act=db&amp;lang='. $lng .'">'.$lang['back'].'</a>
      </div>';

  }
}
}
?>
<div class="footer">PerfCMS 1.5.1, 2012</div>
</div>
</body>
</html>