install.php 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. /**
  17. * Web Installer
  18. *
  19. * @package Installation
  20. * @author Adrian Lang <mail@adrianlang.de>
  21. * @author Brenda Wallace <shiny@cpan.org>
  22. * @author Brett Taylor <brett@webfroot.co.nz>
  23. * @author Brion Vibber <brion@pobox.com>
  24. * @author CiaranG <ciaran@ciarang.com>
  25. * @author Craig Andrews <candrews@integralblue.com>
  26. * @author Eric Helgeson <helfire@Erics-MBP.local>
  27. * @author Evan Prodromou <evan@status.net>
  28. * @author Mikael Nordfeldth <mmn@hethane.se>
  29. * @author Robin Millette <millette@controlyourself.ca>
  30. * @author Sarven Capadisli <csarven@status.net>
  31. * @author Tom Adams <tom@holizz.com>
  32. * @author Zach Copley <zach@status.net>
  33. * @author Diogo Cordeiro <diogo@fc.up.pt>
  34. * @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
  35. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  36. */
  37. define('INSTALLDIR', dirname(__DIR__));
  38. define('PUBLICDIR', INSTALLDIR . DIRECTORY_SEPARATOR . 'public');
  39. require INSTALLDIR . '/lib/installer.php';
  40. /**
  41. * Helper class for building form
  42. */
  43. class Posted
  44. {
  45. /**
  46. * HTML-friendly escaped string for the POST param of given name, or empty.
  47. * @param string $name
  48. * @return string
  49. */
  50. public function value(string $name): string
  51. {
  52. return htmlspecialchars($this->string($name));
  53. }
  54. /**
  55. * The given POST parameter value, forced to a string.
  56. * Missing value will give ''.
  57. *
  58. * @param string $name
  59. * @return string
  60. */
  61. public function string(string $name): string
  62. {
  63. return strval($this->raw($name));
  64. }
  65. /**
  66. * The given POST parameter value, in its original form.
  67. * Magic quotes are stripped, if provided.
  68. * Missing value will give null.
  69. *
  70. * @param string $name
  71. * @return mixed
  72. */
  73. public function raw(string $name)
  74. {
  75. if (isset($_POST[$name])) {
  76. return $this->dequote($_POST[$name]);
  77. } else {
  78. return null;
  79. }
  80. }
  81. /**
  82. * If necessary, strip magic quotes from the given value.
  83. *
  84. * @param mixed $val
  85. * @return mixed
  86. */
  87. public function dequote($val)
  88. {
  89. if (get_magic_quotes_gpc()) {
  90. if (is_string($val)) {
  91. return stripslashes($val);
  92. } elseif (is_array($val)) {
  93. return array_map([$this, 'dequote'], $val);
  94. }
  95. }
  96. return $val;
  97. }
  98. }
  99. /**
  100. * Web-based installer: provides a form and such.
  101. */
  102. class WebInstaller extends Installer
  103. {
  104. /**
  105. * the actual installation.
  106. * If call libraries are present, then install
  107. *
  108. * @return void
  109. */
  110. public function main()
  111. {
  112. if (!$this->checkPrereqs()) {
  113. $this->warning(_('Please fix the above stated problems and refresh this page to continue installing.'));
  114. return;
  115. }
  116. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  117. $this->handlePost();
  118. } else {
  119. $this->showForm();
  120. }
  121. }
  122. /**
  123. * Web implementation of warning output
  124. * @param string $message
  125. * @param string $submessage
  126. */
  127. public function warning(string $message, string $submessage = '')
  128. {
  129. print "<p class=\"error\">$message</p>\n";
  130. if ($submessage != '') {
  131. print "<p>$submessage</p>\n";
  132. }
  133. }
  134. /**
  135. * Web implementation of status output
  136. * @param string $status
  137. * @param bool $error
  138. */
  139. public function updateStatus(string $status, bool $error = false)
  140. {
  141. echo '<li' . ($error ? ' class="error"' : '') . ">$status</li>";
  142. }
  143. /**
  144. * Show the web form!
  145. */
  146. public function showForm()
  147. {
  148. global $dbModules;
  149. $post = new Posted();
  150. $dbRadios = '';
  151. $dbtype = $post->raw('dbtype');
  152. foreach (self::$dbModules as $type => $info) {
  153. if (extension_loaded($info['check_module'])) {
  154. if ($dbtype == null || $dbtype == $type) {
  155. $checked = 'checked="checked" ';
  156. $dbtype = $type; // if we didn't have one checked, hit the first
  157. } else {
  158. $checked = '';
  159. }
  160. $dbRadios .= sprintf(
  161. '<input type="radio" name="dbtype" id="dbtype-%1$s" value="%1$s" %2$s/>%3$s<br>',
  162. htmlspecialchars($type),
  163. $checked,
  164. htmlspecialchars($info['name'])
  165. );
  166. }
  167. }
  168. $ssl = ['always' => null, 'never' => null];
  169. if (!empty($_SERVER['HTTPS'])) {
  170. $ssl['always'] = 'checked="checked"';
  171. } else {
  172. $ssl['never'] = 'checked="checked"';
  173. }
  174. echo <<<E_O_T
  175. <form method="post" action="install.php" class="form_settings" id="form_install">
  176. <fieldset>
  177. <fieldset id="settings_site">
  178. <legend>Site settings</legend>
  179. <ul class="form_data">
  180. <li>
  181. <label for="sitename">Site name</label>
  182. <input type="text" id="sitename" name="sitename" value="{$post->value('sitename')}">
  183. <p class="form_guide">The name of your site</p>
  184. </li>
  185. <li>
  186. <label for="fancy-enable">Fancy URLs</label>
  187. <input type="radio" name="fancy" id="fancy-enable" value="enable" checked='checked'> enable<br>
  188. <input type="radio" name="fancy" id="fancy-disable" value=""> disable<br>
  189. <p class="form_guide" id='fancy-form_guide'>Enable fancy (pretty) URLs. Auto-detection failed, it depends on Javascript.</p>
  190. </li>
  191. <li>
  192. <label for="ssl">Server SSL</label>
  193. <input type="radio" name="ssl" id="ssl-always" value="always" {$ssl['always']}> enable<br>
  194. <input type="radio" name="ssl" id="ssl-never" value="never" {$ssl['never']}> disable<br>
  195. <p class="form_guide" id="ssl-form_guide">Enabling SSL (https://) requires extra webserver configuration and certificate generation not offered by this installation.</p>
  196. </li>
  197. </ul>
  198. </fieldset>
  199. <fieldset id="settings_db">
  200. <legend>Database settings</legend>
  201. <ul class="form_data">
  202. <li>
  203. <label for="host">Hostname</label>
  204. <input type="text" id="host" name="host" value="{$post->value('host')}">
  205. <p class="form_guide">Database hostname</p>
  206. </li>
  207. <li>
  208. <label for="dbtype">Type</label>
  209. {$dbRadios}
  210. <p class="form_guide">Database type</p>
  211. </li>
  212. <li>
  213. <label for="database">Name</label>
  214. <input type="text" id="database" name="database" value="{$post->value('database')}">
  215. <p class="form_guide">Database name</p>
  216. </li>
  217. <li>
  218. <label for="dbusername">DB username</label>
  219. <input type="text" id="dbusername" name="dbusername" value="{$post->value('dbusername')}">
  220. <p class="form_guide">Database username</p>
  221. </li>
  222. <li>
  223. <label for="dbpassword">DB password</label>
  224. <input type="password" id="dbpassword" name="dbpassword" value="{$post->value('dbpassword')}">
  225. <p class="form_guide">Database password (optional)</p>
  226. </li>
  227. </ul>
  228. </fieldset>
  229. <fieldset id="settings_admin">
  230. <legend>Administrator settings</legend>
  231. <ul class="form_data">
  232. <li>
  233. <label for="admin_nickname">Administrator nickname</label>
  234. <input type="text" id="admin_nickname" name="admin_nickname" value="{$post->value('admin_nickname')}">
  235. <p class="form_guide">Nickname for the initial user (administrator)</p>
  236. </li>
  237. <li>
  238. <label for="admin_password">Administrator password</label>
  239. <input type="password" id="admin_password" name="admin_password" value="{$post->value('admin_password')}">
  240. <p class="form_guide">Password for the initial user (administrator)</p>
  241. </li>
  242. <li>
  243. <label for="admin_password2">Confirm password</label>
  244. <input type="password" id="admin_password2" name="admin_password2" value="{$post->value('admin_password2')}">
  245. </li>
  246. <li>
  247. <label for="admin_email">Administrator e-mail</label>
  248. <input id="admin_email" name="admin_email" value="{$post->value('admin_email')}">
  249. <p class="form_guide">Optional email address for the initial user (administrator)</p>
  250. </li>
  251. </ul>
  252. </fieldset>
  253. <fieldset id="settings_profile">
  254. <legend>Site profile</legend>
  255. <ul class="form_data">
  256. <li>
  257. <label for="site_profile">Type of site</label>
  258. <select id="site_profile" name="site_profile">
  259. <option value="community">Community</option>
  260. <option value="public">Public (open registration)</option>
  261. <option value="singleuser">Single User</option>
  262. <option value="private">Private (no federation)</option>
  263. </select>
  264. <p class="form_guide">Initial access settings for your site</p>
  265. </li>
  266. </ul>
  267. </fieldset>
  268. <input type="submit" name="submit" class="submit" value="Submit">
  269. </fieldset>
  270. </form>
  271. E_O_T;
  272. }
  273. /**
  274. * Handle a POST submission... if we have valid input, start the install!
  275. * Otherwise shows the form along with any error messages.
  276. */
  277. public function handlePost()
  278. {
  279. echo <<<STR
  280. <dl class="system_notice">
  281. <dt>Page notice</dt>
  282. <dd>
  283. <ul>
  284. STR;
  285. $this->validated = $this->prepare();
  286. if ($this->validated) {
  287. $this->doInstall();
  288. }
  289. echo <<<STR
  290. </ul>
  291. </dd>
  292. </dl>
  293. STR;
  294. if (!$this->validated) {
  295. $this->showForm();
  296. }
  297. }
  298. /**
  299. * Read and validate input data.
  300. * May output side effects.
  301. *
  302. * @return bool success
  303. */
  304. public function prepare(): bool
  305. {
  306. $post = new Posted();
  307. $this->host = $post->string('host');
  308. $this->dbtype = $post->string('dbtype');
  309. $this->database = $post->string('database');
  310. $this->username = $post->string('dbusername');
  311. $this->password = $post->string('dbpassword');
  312. $this->sitename = $post->string('sitename');
  313. $this->fancy = (bool)$post->string('fancy');
  314. $this->adminNick = strtolower($post->string('admin_nickname'));
  315. $this->adminPass = $post->string('admin_password');
  316. $adminPass2 = $post->string('admin_password2');
  317. $this->adminEmail = $post->string('admin_email');
  318. $this->siteProfile = $post->string('site_profile');
  319. $this->ssl = $post->string('ssl');
  320. $this->server = $_SERVER['HTTP_HOST'];
  321. $this->path = substr(dirname($_SERVER['PHP_SELF']), 1);
  322. $fail = false;
  323. if (!$this->validateDb()) {
  324. $fail = true;
  325. }
  326. if (!$this->validateAdmin()) {
  327. $fail = true;
  328. }
  329. if ($this->adminPass != $adminPass2) {
  330. $this->updateStatus("Administrator passwords do not match. Did you mistype?", true);
  331. $fail = true;
  332. }
  333. if (!in_array($this->ssl, ['never', 'always'])) {
  334. $this->updateStatus("Bad value for server SSL enabling.");
  335. $fail = true;
  336. }
  337. if (!$this->validateSiteProfile()) {
  338. $fail = true;
  339. }
  340. return !$fail;
  341. }
  342. }
  343. ?>
  344. <!DOCTYPE html>
  345. <html lang="en">
  346. <head>
  347. <title>Install GNU social</title>
  348. <link rel="shortcut icon" href="favicon.ico">
  349. <link rel="stylesheet" type="text/css" href="theme/base/css/display.css" media="screen, projection, tv">
  350. <link rel="stylesheet" type="text/css" href="theme/neo/css/display.css" media="screen, projection, tv">
  351. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  352. <script src="js/extlib/jquery.js"></script>
  353. <script src="js/install.js"></script>
  354. </head>
  355. <body id="install">
  356. <div id="wrap">
  357. <div id="header">
  358. <address id="site_contact" class="h-card">
  359. <a class="u-url p-name home bookmark org" href=".">
  360. <img class="logo u-photo" src="theme/neo/logo.png" alt="GNU social"/>
  361. GNU social
  362. </a>
  363. </address>
  364. <div id="site_nav_global_primary"></div>
  365. </div>
  366. <div id="core">
  367. <div id="aside_primary_wrapper">
  368. <div id="content_wrapper">
  369. <div id="site_nav_local_views_wrapper">
  370. <div id="site_nav_local_views"></div>
  371. <div id="content">
  372. <div id="content_inner">
  373. <h1>Install GNU social</h1>
  374. <?php
  375. $installer = new WebInstaller();
  376. $installer->main();
  377. ?>
  378. </div>
  379. </div>
  380. <div id="aside_primary" class="aside"></div>
  381. </div>
  382. </div>
  383. </div>
  384. </div>
  385. <div id="footer"></div>
  386. </div>
  387. </body>
  388. </html>