aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Setup.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Setup.php')
-rw-r--r--Zotlabs/Module/Setup.php737
1 files changed, 737 insertions, 0 deletions
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
new file mode 100644
index 000000000..802f0c216
--- /dev/null
+++ b/Zotlabs/Module/Setup.php
@@ -0,0 +1,737 @@
+<?php
+namespace Zotlabs\Module;
+/**
+ * @file mod/setup.php
+ *
+ * Controller for the initial setup/installation.
+ *
+ * @todo This setup module could need some love and improvements.
+ */
+
+
+/**
+ * @brief Initialisation for the setup module.
+ *
+ */
+
+class Setup extends \Zotlabs\Web\Controller {
+
+ private static $install_wizard_pass = 1;
+
+
+ function init() {
+
+ // Ensure that if somebody hasn't read the install documentation and doesn't have all
+ // the required modules or has a totally borked shared hosting provider and they can't
+ // figure out what the hell is going on - that we at least spit out an error message which
+ // we can inquire about when they write to tell us that our software doesn't work.
+
+ // The worst thing we can do at this point is throw a white screen of death and rely on
+ // them knowing about servers and php modules and logfiles enough so that we can guess
+ // at the source of the problem. As ugly as it may be, we need to throw a technically worded
+ // PHP error message in their face. Once installation is complete application errors will
+ // throw a white screen because these error messages divulge information which can
+ // potentially be useful to hackers.
+
+ error_reporting(E_ERROR | E_WARNING | E_PARSE );
+ ini_set('log_errors', '0');
+ ini_set('display_errors', '1');
+
+ // $baseurl/setup/testrwrite to test if rewite in .htaccess is working
+ if (argc() == 2 && argv(1) == "testrewrite") {
+ echo 'ok';
+ killme();
+ }
+
+ if (x($_POST, 'pass'))
+ $this->install_wizard_pass = intval($_POST['pass']);
+ else
+ $this->install_wizard_pass = 1;
+
+ }
+
+ /**
+ * @brief Handle the actions of the different setup steps.
+ *
+ */
+
+ function post() {
+
+ switch($this->install_wizard_pass) {
+ case 1:
+ case 2:
+ return;
+ // implied break;
+ case 3:
+ $urlpath = \App::get_path();
+ $dbhost = trim($_POST['dbhost']);
+ $dbport = intval(trim($_POST['dbport']));
+ $dbuser = trim($_POST['dbuser']);
+ $dbpass = trim($_POST['dbpass']);
+ $dbdata = trim($_POST['dbdata']);
+ $dbtype = intval(trim($_POST['dbtype']));
+ $phpath = trim($_POST['phpath']);
+ $adminmail = trim($_POST['adminmail']);
+ $siteurl = trim($_POST['siteurl']);
+ $advanced = ((intval($_POST['advanced'])) ? 1 : 0);
+
+ // $siteurl should not have a trailing slash
+
+ $siteurl = rtrim($siteurl,'/');
+
+ require_once('include/dba/dba_driver.php');
+
+ $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
+
+ if(! \DBA::$dba->connected) {
+ echo 'Database Connect failed: ' . DBA::$dba->error;
+ killme();
+ }
+ return;
+ // implied break;
+ case 4:
+ $urlpath = \App::get_path();
+ $dbhost = notags(trim($_POST['dbhost']));
+ $dbport = intval(notags(trim($_POST['dbport'])));
+ $dbuser = notags(trim($_POST['dbuser']));
+ $dbpass = notags(trim($_POST['dbpass']));
+ $dbdata = notags(trim($_POST['dbdata']));
+ $dbtype = intval(notags(trim($_POST['dbtype'])));
+ $phpath = notags(trim($_POST['phpath']));
+ $timezone = notags(trim($_POST['timezone']));
+ $adminmail = notags(trim($_POST['adminmail']));
+ $siteurl = notags(trim($_POST['siteurl']));
+ $advanced = ((intval($_POST['advanced'])) ? 1 : 0);
+
+ if($siteurl != z_root()) {
+ $test = z_fetch_url($siteurl."/setup/testrewrite");
+ if((! $test['success']) || ($test['body'] != 'ok')) {
+ \App::$data['url_fail'] = true;
+ \App::$data['url_error'] = $test['error'];
+ return;
+ }
+ }
+
+ if(! \DBA::$dba->connected) {
+ // connect to db
+ $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
+ }
+
+ if(! \DBA::$dba->connected) {
+ echo 'CRITICAL: DB not connected.';
+ killme();
+ }
+
+ $tpl = get_intltext_template('htconfig.tpl');
+ $txt = replace_macros($tpl,array(
+ '$dbhost' => $dbhost,
+ '$dbport' => $dbport,
+ '$dbuser' => $dbuser,
+ '$dbpass' => $dbpass,
+ '$dbdata' => $dbdata,
+ '$dbtype' => $dbtype,
+ '$uno' => 1 - $advanced,
+ '$timezone' => $timezone,
+ '$siteurl' => $siteurl,
+ '$site_id' => random_string(),
+ '$phpath' => $phpath,
+ '$adminmail' => $adminmail
+ ));
+
+ $result = file_put_contents('.htconfig.php', $txt);
+ if(! $result) {
+ \App::$data['txt'] = $txt;
+ }
+
+ $errors = $this->load_database($db);
+
+ if($errors)
+ \App::$data['db_failed'] = $errors;
+ else
+ \App::$data['db_installed'] = true;
+
+ return;
+ // implied break;
+ default:
+ break;
+ }
+ }
+
+ function get_db_errno() {
+ if(class_exists('mysqli'))
+ return mysqli_connect_errno();
+ else
+ return mysql_errno();
+ }
+
+ /**
+ * @brief Get output for the setup page.
+ *
+ * Depending on the state we are currently in it returns different content.
+ *
+ * @return string parsed HTML output
+ */
+
+ function get() {
+
+ $o = '';
+ $wizard_status = '';
+ $install_title = t('$Projectname Server - Setup');
+
+ if(x(\App::$data, 'db_conn_failed')) {
+ $this->install_wizard_pass = 2;
+ $wizard_status = t('Could not connect to database.');
+ }
+ if(x(\App::$data, 'url_fail')) {
+ $this->install_wizard_pass = 3;
+ $wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.');
+ if(\App::$data['url_error'])
+ $wizard_status .= ' ' . \App::$data['url_error'];
+ }
+
+ if(x(\App::$data, 'db_create_failed')) {
+ $this->install_wizard_pass = 2;
+ $wizard_status = t('Could not create table.');
+ }
+ $db_return_text = '';
+ if(x(\App::$data, 'db_installed')) {
+ $txt = '<p style="font-size: 130%;">';
+ $txt .= t('Your site database has been installed.') . EOL;
+ $db_return_text .= $txt;
+ }
+ if(x(\App::$data, 'db_failed')) {
+ $txt = t('You may need to import the file "install/schema_xxx.sql" manually using a database client.') . EOL;
+ $txt .= t('Please see the file "install/INSTALL.txt".') . EOL ."<hr>" ;
+ $txt .= "<pre>".\App::$data['db_failed'] . "</pre>". EOL ;
+ $db_return_text .= $txt;
+ }
+ if(\DBA::$dba && \DBA::$dba->connected) {
+ $r = q("SELECT COUNT(*) as `total` FROM `account`");
+ if($r && count($r) && $r[0]['total']) {
+ $tpl = get_markup_template('install.tpl');
+ return replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => '',
+ '$status' => t('Permission denied.'),
+ '$text' => '',
+ ));
+ }
+ }
+
+ if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) {
+ $db_return_text .= $this->manual_config($a);
+ }
+
+ if ($db_return_text != "") {
+ $tpl = get_markup_template('install.tpl');
+ return replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => '',
+ '$text' => $db_return_text . $this->what_next(),
+ ));
+ }
+
+ switch ($this->install_wizard_pass){
+ case 1: { // System check
+
+ $checks = array();
+
+ $this->check_funcs($checks);
+
+ $this->check_htconfig($checks);
+
+ $this->check_store($checks);
+
+ $this->check_smarty3($checks);
+
+ $this->check_keys($checks);
+
+ if (x($_POST, 'phpath'))
+ $phpath = notags(trim($_POST['phpath']));
+
+ $this->check_php($phpath, $checks);
+
+ $this->check_phpconfig($checks);
+
+ $this->check_htaccess($checks);
+
+ $checkspassed = array_reduce($checks, "self::check_passed", true);
+
+ $tpl = get_markup_template('install_checks.tpl');
+ $o .= replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => t('System check'),
+ '$checks' => $checks,
+ '$passed' => $checkspassed,
+ '$see_install' => t('Please see the file "install/INSTALL.txt".'),
+ '$next' => t('Next'),
+ '$reload' => t('Check again'),
+ '$phpath' => $phpath,
+ '$baseurl' => z_root(),
+ ));
+ return $o;
+ }; break;
+
+ case 2: { // Database config
+
+ $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : '127.0.0.1');
+ $dbuser = notags(trim($_POST['dbuser']));
+ $dbport = intval(notags(trim($_POST['dbport'])));
+ $dbpass = notags(trim($_POST['dbpass']));
+ $dbdata = notags(trim($_POST['dbdata']));
+ $dbtype = intval(notags(trim($_POST['dbtype'])));
+ $phpath = notags(trim($_POST['phpath']));
+ $adminmail = notags(trim($_POST['adminmail']));
+ $siteurl = notags(trim($_POST['siteurl']));
+
+ $tpl = get_markup_template('install_db.tpl');
+ $o .= replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => t('Database connection'),
+ '$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'),
+ '$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'),
+ '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'),
+
+ '$status' => $wizard_status,
+
+ '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')),
+ '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')),
+ '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''),
+ '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''),
+ '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''),
+ '$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )),
+
+ '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
+ '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
+ '$lbl_10' => t('Please select a default timezone for your website'),
+
+ '$baseurl' => z_root(),
+
+ '$phpath' => $phpath,
+
+ '$submit' => t('Submit'),
+ ));
+ return $o;
+ }; break;
+ case 3: { // Site settings
+ require_once('include/datetime.php');
+ $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : '127.0.0.1');
+ $dbport = intval(notags(trim($_POST['dbuser'])));
+ $dbuser = notags(trim($_POST['dbuser']));
+ $dbpass = notags(trim($_POST['dbpass']));
+ $dbdata = notags(trim($_POST['dbdata']));
+ $dbtype = intval(notags(trim($_POST['dbtype'])));
+ $phpath = notags(trim($_POST['phpath']));
+
+ $adminmail = notags(trim($_POST['adminmail']));
+ $siteurl = notags(trim($_POST['siteurl']));
+ $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
+
+ $tpl = get_markup_template('install_settings.tpl');
+ $o .= replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => t('Site settings'),
+ '$status' => $wizard_status,
+
+ '$dbhost' => $dbhost,
+ '$dbport' => $dbport,
+ '$dbuser' => $dbuser,
+ '$dbpass' => $dbpass,
+ '$dbdata' => $dbdata,
+ '$phpath' => $phpath,
+ '$dbtype' => $dbtype,
+
+ '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
+
+ '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
+ '$advanced' => array('advanced', t('Enable $Projectname <strong>advanced</strong> features?'), 1, t('Some advanced features, while useful - may be best suited for technically proficient audiences')),
+
+ '$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
+
+ '$baseurl' => z_root(),
+
+ '$submit' => t('Submit'),
+ ));
+ return $o;
+ }; break;
+ }
+ }
+
+ /**
+ * @brief Add a check result to the array for output.
+ *
+ * @param[in,out] array &$checks array passed to template
+ * @param string $title a title for the check
+ * @param boolean $status
+ * @param boolean $required
+ * @param[optional] string $help optional help string
+ */
+ function check_add(&$checks, $title, $status, $required, $help = '') {
+ $checks[] = array(
+ 'title' => $title,
+ 'status' => $status,
+ 'required' => $required,
+ 'help' => $help
+ );
+ }
+
+ /**
+ * @brief Checks the PHP environment.
+ *
+ * @param[in,out] string &$phpath
+ * @param[out] array &$checks
+ */
+ function check_php(&$phpath, &$checks) {
+ $help = '';
+
+ if(version_compare(PHP_VERSION, '5.5') < 0) {
+ $help .= t('PHP version 5.5 or greater is required.');
+ $this->check_add($checks, t('PHP version'), false, false, $help);
+ }
+
+ if (strlen($phpath)) {
+ $passed = file_exists($phpath);
+ } else {
+ if(is_windows())
+ $phpath = trim(shell_exec('where php'));
+ else
+ $phpath = trim(shell_exec('which php'));
+
+ $passed = strlen($phpath);
+ }
+
+ if(!$passed) {
+ $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
+ $help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL;
+ $help .= EOL . EOL ;
+ $tpl = get_markup_template('field_input.tpl');
+ $help .= replace_macros($tpl, array(
+ '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable. You can leave this blank to continue the installation.')),
+ ));
+ $phpath = '';
+ }
+
+ $this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
+
+ if($passed) {
+ $str = autoname(8);
+ $cmd = "$phpath install/testargs.php $str";
+ $result = trim(shell_exec($cmd));
+ $passed2 = $result == $str;
+ $help = '';
+ if(!$passed2) {
+ $help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
+ $help .= t('This is required for message delivery to work.');
+ }
+
+ $this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
+ }
+ }
+
+ /**
+ * @brief Some PHP configuration checks.
+ *
+ * @todo Change how we display such informational text. Add more description
+ * how to change them.
+ *
+ * @param[out] array &$checks
+ */
+ function check_phpconfig(&$checks) {
+ require_once 'include/environment.php';
+
+ $help = '';
+
+ $result = getPhpiniUploadLimits();
+ $help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
+ userReadableSize($result['post_max_size']),
+ userReadableSize($result['max_upload_filesize']),
+ $result['max_file_uploads']
+ );
+ $help .= '<br>' . t('You can adjust these settings in the servers php.ini.');
+
+ $this->check_add($checks, t('PHP upload limits'), true, false, $help);
+ }
+
+ /**
+ * @brief Check if the openssl implementation can generate keys.
+ *
+ * @param[out] array $checks
+ */
+ function check_keys(&$checks) {
+ $help = '';
+ $res = false;
+
+ if (function_exists('openssl_pkey_new')) {
+ $res = openssl_pkey_new(array(
+ 'digest_alg' => 'sha1',
+ 'private_key_bits' => 4096,
+ 'encrypt_key' => false)
+ );
+ }
+
+ // Get private key
+
+ if (! $res) {
+ $help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
+ $help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
+ }
+
+ $this->check_add($checks, t('Generate encryption keys'), $res, true, $help);
+ }
+
+ /**
+ * @brief Check for some PHP functions and modules.
+ *
+ * @param[in,out] array &$checks
+ */
+ function check_funcs(&$checks) {
+ $ck_funcs = array();
+
+ // add check metadata, the real check is done bit later and return values set
+ $this->check_add($ck_funcs, t('libCurl PHP module'), true, true);
+ $this->check_add($ck_funcs, t('GD graphics PHP module'), true, true);
+ $this->check_add($ck_funcs, t('OpenSSL PHP module'), true, true);
+ $this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
+ $this->check_add($ck_funcs, t('mb_string PHP module'), true, true);
+ $this->check_add($ck_funcs, t('xml PHP module'), true, true);
+
+ if(function_exists('apache_get_modules')){
+ if (! in_array('mod_rewrite', apache_get_modules())) {
+ $this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
+ } else {
+ $this->check_add($ck_funcs, t('Apache mod_rewrite module'), true, true);
+ }
+ }
+ if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
+ $this->check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
+ }
+ else {
+ $this->check_add($ck_funcs, t('proc_open'), true, true);
+ }
+
+ if(! function_exists('curl_init')) {
+ $ck_funcs[0]['status'] = false;
+ $ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.');
+ }
+ if(! function_exists('imagecreatefromjpeg')) {
+ $ck_funcs[1]['status'] = false;
+ $ck_funcs[1]['help'] = t('Error: GD graphics PHP module with JPEG support required but not installed.');
+ }
+ if(! function_exists('openssl_public_encrypt')) {
+ $ck_funcs[2]['status'] = false;
+ $ck_funcs[2]['help'] = t('Error: openssl PHP module required but not installed.');
+ }
+ if(! function_exists('mysqli_connect') && !function_exists('pg_connect')) {
+ $ck_funcs[3]['status'] = false;
+ $ck_funcs[3]['help'] = t('Error: mysqli or postgres PHP module required but neither are installed.');
+ }
+ if(! function_exists('mb_strlen')) {
+ $ck_funcs[4]['status'] = false;
+ $ck_funcs[4]['help'] = t('Error: mb_string PHP module required but not installed.');
+ }
+ if(! extension_loaded('xml')) {
+ $ck_funcs[6]['status'] = false;
+ $ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
+ }
+
+ $checks = array_merge($checks, $ck_funcs);
+ }
+
+ /**
+ * @brief Check for .htconfig requirements.
+ *
+ * @param[out] array &$checks
+ */
+ function check_htconfig(&$checks) {
+ $status = true;
+ $help = '';
+
+ if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
+ (!file_exists('.htconfig.php') && !is_writable('.')) ) {
+ $status = false;
+ $help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
+ $help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
+ $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
+ $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
+ }
+
+ $this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
+ }
+
+ /**
+ * @brief Checks for our templating engine Smarty3 requirements.
+ *
+ * @param[out] array &$checks
+ */
+ function check_smarty3(&$checks) {
+ $status = true;
+ $help = '';
+
+ if(! is_writable(TEMPLATE_BUILD_PATH) ) {
+ $status = false;
+ $help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
+ $help .= sprintf( t('In order to store these compiled templates, the web server needs to have write access to the directory %s under the top level web folder.'), TEMPLATE_BUILD_PATH) . EOL;
+ $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
+ $help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL;
+ }
+
+ $this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
+ }
+
+ /**
+ * @brief Check for store directory.
+ *
+ * @param[out] array &$checks
+ */
+ function check_store(&$checks) {
+ $status = true;
+ $help = '';
+
+ @os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
+
+ if(! is_writable('store')) {
+ $status = false;
+ $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
+ $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
+ }
+
+ $this->check_add($checks, t('store is writable'), $status, true, $help);
+ }
+
+ /**
+ * @brief Check URL rewrite und SSL certificate.
+ *
+ * @param[out] array &$checks
+ */
+ function check_htaccess(&$checks) {
+ $a = get_app();
+ $status = true;
+ $help = '';
+ $ssl_error = false;
+
+ $url = z_root() . '/setup/testrewrite';
+
+ if (function_exists('curl_init')){
+ $test = z_fetch_url($url);
+ if(! $test['success']) {
+ if(strstr($url,'https://')) {
+ $test = z_fetch_url($url,false,0,array('novalidate' => true));
+ if($test['success']) {
+ $ssl_error = true;
+ }
+ }
+ else {
+ $test = z_fetch_url(str_replace('http://','https://',$url),false,0,array('novalidate' => true));
+ if($test['success']) {
+ $ssl_error = true;
+ }
+ }
+
+ if($ssl_error) {
+ $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
+ $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL;
+ $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub.') . EOL;
+ $help .= t('If your certificate is not recognized, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL;
+ $help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL;
+ $help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL;
+
+ $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
+
+
+ $this->check_add($checks, t('SSL certificate validation'), false, true, $help);
+ }
+ }
+
+ if ((! $test['success']) || ($test['body'] != "ok")) {
+ $status = false;
+ $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
+ }
+
+ $this->check_add($checks, t('Url rewrite is working'), $status, true, $help);
+ } else {
+ // cannot check modrewrite if libcurl is not installed
+ }
+ }
+
+
+ function manual_config(&$a) {
+ $data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8');
+ $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
+ $o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
+
+ return $o;
+ }
+
+ function load_database_rem($v, $i){
+ $l = trim($i);
+ if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
+ return $v;
+ } else {
+ return $v."\n".$i;
+ }
+ }
+
+
+ function load_database($db) {
+ $str = file_get_contents(\DBA::$dba->get_install_script());
+ $arr = explode(';',$str);
+ $errors = false;
+ foreach($arr as $a) {
+ if(strlen(trim($a))) {
+ $r = dbq(trim($a));
+ if(! $r) {
+ $errors .= t('Errors encountered creating database tables.') . $a . EOL;
+ }
+ }
+ }
+
+ return $errors;
+ }
+
+ function what_next() {
+ $a = get_app();
+ // install the standard theme
+ set_config('system', 'allowed_themes', 'redbasic');
+
+
+ // Set a lenient list of ciphers if using openssl. Other ssl engines
+ // (e.g. NSS used in RedHat) require different syntax, so hopefully
+ // the default curl cipher list will work for most sites. If not,
+ // this can set via config. Many distros are now disabling RC4,
+ // but many Red sites still use it and are unable to change it.
+ // We do not use SSL for encryption, only to protect session cookies.
+ // z_fetch_url() is also used to import shared links and other content
+ // so in theory most any cipher could show up and we should do our best
+ // to make the content available rather than tell folks that there's a
+ // weird SSL error which they can't do anything about. This does not affect
+ // the SSL server, but is only a client negotiation to find something workable.
+ // Hence it will not make your system susceptible to POODL or other nasties.
+
+ $x = curl_version();
+ if(stristr($x['ssl_version'],'openssl'))
+ set_config('system','curl_ssl_ciphers','ALL:!eNULL');
+
+ // Create a system channel
+ require_once ('include/channel.php');
+ create_sys_channel();
+
+ $baseurl = z_root();
+ return
+ t('<h1>What next</h1>')
+ ."<p>".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.')
+ .t('Please see the file "install/INSTALL.txt".')
+ ."</p><p>"
+ .t("Go to your new hub <a href='$baseurl/register'>registration page</a> and register as new member. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.")
+ ."</p>";
+ }
+
+
+ static private function check_passed($v, $c) {
+ if ($c['required'])
+ $v = $v && $c['status'];
+
+ return $v;
+ }
+
+
+}