aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Setup.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Setup.php')
-rw-r--r--Zotlabs/Module/Setup.php251
1 files changed, 131 insertions, 120 deletions
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
index 99535b31b..18a20885b 100644
--- a/Zotlabs/Module/Setup.php
+++ b/Zotlabs/Module/Setup.php
@@ -1,9 +1,9 @@
<?php
namespace Zotlabs\Module;
/**
- * @file mod/setup.php
+ * @file Zotlabs/Module/Setup.php
*
- * Controller for the initial setup/installation.
+ * @brief Controller for the initial setup/installation.
*
* @todo This setup module could need some love and improvements.
*/
@@ -13,51 +13,50 @@ namespace Zotlabs\Module;
* @brief Initialisation for the setup module.
*
*/
-
class Setup extends \Zotlabs\Web\Controller {
private static $install_wizard_pass = 1;
-
+ /**
+ * {@inheritDoc}
+ * @see \\Zotlabs\\Web\\Controller::init()
+ */
function init() {
-
// Ensure that if somebody hasn't read the install documentation and doesn't have all
// the required modules or has a totally borked shared hosting provider and they can't
// figure out what the hell is going on - that we at least spit out an error message which
// we can inquire about when they write to tell us that our software doesn't work.
-
+
// The worst thing we can do at this point is throw a white screen of death and rely on
// them knowing about servers and php modules and logfiles enough so that we can guess
// at the source of the problem. As ugly as it may be, we need to throw a technically worded
// PHP error message in their face. Once installation is complete application errors will
// throw a white screen because these error messages divulge information which can
// potentially be useful to hackers.
-
+
error_reporting(E_ERROR | E_WARNING | E_PARSE );
ini_set('log_errors', '0');
ini_set('display_errors', '1');
-
+
// $baseurl/setup/testrwrite to test if rewite in .htaccess is working
if (argc() == 2 && argv(1) == "testrewrite") {
echo 'ok';
killme();
}
-
+
if (x($_POST, 'pass')) {
$this->install_wizard_pass = intval($_POST['pass']);
- }
- else {
+ } else {
$this->install_wizard_pass = 1;
}
}
-
+
/**
* @brief Handle the actions of the different setup steps.
*
*/
-
function post() {
-
+
switch($this->install_wizard_pass) {
case 1:
case 2:
@@ -77,15 +76,15 @@ class Setup extends \Zotlabs\Web\Controller {
$server_role = trim($_POST['server_role']);
if(! $server_role)
$server_role = 'standard';
-
+
// $siteurl should not have a trailing slash
-
+
$siteurl = rtrim($siteurl,'/');
-
+
require_once('include/dba/dba_driver.php');
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
-
+
if(! \DBA::$dba->connected) {
echo 'Database Connect failed: ' . \DBA::$dba->error;
killme();
@@ -107,7 +106,7 @@ class Setup extends \Zotlabs\Web\Controller {
$server_role = trim($_POST['server_role']);
if(! $server_role)
$server_role = 'standard';
-
+
if($siteurl != z_root()) {
$test = z_fetch_url($siteurl."/setup/testrewrite");
if((! $test['success']) || ($test['body'] != 'ok')) {
@@ -116,7 +115,7 @@ class Setup extends \Zotlabs\Web\Controller {
return;
}
}
-
+
if(! \DBA::$dba->connected) {
// connect to db
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
@@ -126,7 +125,7 @@ class Setup extends \Zotlabs\Web\Controller {
echo 'CRITICAL: DB not connected.';
killme();
}
-
+
$tpl = get_intltext_template('htconfig.tpl');
$txt = replace_macros($tpl,array(
'$dbhost' => $dbhost,
@@ -142,33 +141,33 @@ class Setup extends \Zotlabs\Web\Controller {
'$phpath' => $phpath,
'$adminmail' => $adminmail
));
-
+
$result = file_put_contents('.htconfig.php', $txt);
if(! $result) {
\App::$data['txt'] = $txt;
}
-
+
$errors = $this->load_database($db);
-
+
if($errors)
\App::$data['db_failed'] = $errors;
else
\App::$data['db_installed'] = true;
-
+
return;
// implied break;
default:
break;
}
}
-
+
function get_db_errno() {
if(class_exists('mysqli'))
return mysqli_connect_errno();
else
return mysql_errno();
}
-
+
/**
* @brief Get output for the setup page.
*
@@ -176,13 +175,12 @@ class Setup extends \Zotlabs\Web\Controller {
*
* @return string parsed HTML output
*/
-
function get() {
-
+
$o = '';
$wizard_status = '';
$install_title = t('$Projectname Server - Setup');
-
+
if(x(\App::$data, 'db_conn_failed')) {
$this->install_wizard_pass = 2;
$wizard_status = t('Could not connect to database.');
@@ -193,7 +191,7 @@ class Setup extends \Zotlabs\Web\Controller {
if(\App::$data['url_error'])
$wizard_status .= ' ' . \App::$data['url_error'];
}
-
+
if(x(\App::$data, 'db_create_failed')) {
$this->install_wizard_pass = 2;
$wizard_status = t('Could not create table.');
@@ -222,11 +220,11 @@ class Setup extends \Zotlabs\Web\Controller {
));
}
}
-
+
if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) {
$db_return_text .= $this->manual_config($a);
}
-
+
if ($db_return_text != "") {
$tpl = get_markup_template('install.tpl');
return replace_macros($tpl, array(
@@ -235,33 +233,33 @@ class Setup extends \Zotlabs\Web\Controller {
'$text' => $db_return_text . $this->what_next(),
));
}
-
+
switch ($this->install_wizard_pass){
case 1: { // System check
-
+
$checks = array();
-
+
$this->check_funcs($checks);
-
+
$this->check_htconfig($checks);
-
+
$this->check_store($checks);
-
+
$this->check_smarty3($checks);
-
+
$this->check_keys($checks);
-
+
if (x($_POST, 'phpath'))
$phpath = notags(trim($_POST['phpath']));
-
+
$this->check_php($phpath, $checks);
-
+
$this->check_phpconfig($checks);
-
+
$this->check_htaccess($checks);
-
+
$checkspassed = array_reduce($checks, "self::check_passed", true);
-
+
$tpl = get_markup_template('install_checks.tpl');
$o .= replace_macros($tpl, array(
'$title' => $install_title,
@@ -276,9 +274,9 @@ class Setup extends \Zotlabs\Web\Controller {
));
return $o;
}; break;
-
+
case 2: { // Database config
-
+
$dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
$dbuser = trim($_POST['dbuser']);
$dbport = intval(trim($_POST['dbport']));
@@ -288,7 +286,7 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
-
+
$tpl = get_markup_template('install_db.tpl');
$o .= replace_macros($tpl, array(
'$title' => $install_title,
@@ -296,24 +294,24 @@ class Setup extends \Zotlabs\Web\Controller {
'$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'),
'$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'),
'$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'),
-
+
'$status' => $wizard_status,
-
+
'$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')),
'$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')),
'$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''),
'$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''),
'$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''),
'$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )),
-
+
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$lbl_10' => t('Please select a default timezone for your website'),
-
+
'$baseurl' => z_root(),
-
+
'$phpath' => $phpath,
-
+
'$submit' => t('Submit'),
));
return $o;
@@ -327,11 +325,11 @@ class Setup extends \Zotlabs\Web\Controller {
$dbdata = trim($_POST['dbdata']);
$dbtype = intval(trim($_POST['dbtype']));
$phpath = trim($_POST['phpath']);
-
+
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
-
+
$server_roles = [
'basic' => t('Basic/Minimal Social Networking'),
'standard' => t('Standard Configuration (default)'),
@@ -343,7 +341,7 @@ class Setup extends \Zotlabs\Web\Controller {
'$title' => $install_title,
'$pass' => t('Site settings'),
'$status' => $wizard_status,
-
+
'$dbhost' => $dbhost,
'$dbport' => $dbport,
'$dbuser' => $dbuser,
@@ -351,24 +349,24 @@ class Setup extends \Zotlabs\Web\Controller {
'$dbdata' => $dbdata,
'$phpath' => $phpath,
'$dbtype' => $dbtype,
-
+
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
-
+
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
- '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
-
+ '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
+
'$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
-
+
'$baseurl' => z_root(),
-
+
'$submit' => t('Submit'),
));
return $o;
}; break;
}
}
-
+
/**
* @brief Add a check result to the array for output.
*
@@ -376,7 +374,7 @@ class Setup extends \Zotlabs\Web\Controller {
* @param string $title a title for the check
* @param boolean $status
* @param boolean $required
- * @param[optional] string $help optional help string
+ * @param string $help optional help string
*/
function check_add(&$checks, $title, $status, $required, $help = '') {
$checks[] = array(
@@ -386,7 +384,7 @@ class Setup extends \Zotlabs\Web\Controller {
'help' => $help
);
}
-
+
/**
* @brief Checks the PHP environment.
*
@@ -395,7 +393,7 @@ class Setup extends \Zotlabs\Web\Controller {
*/
function check_php(&$phpath, &$checks) {
$help = '';
-
+
if(version_compare(PHP_VERSION, '5.5') < 0) {
$help .= t('PHP version 5.5 or greater is required.');
$this->check_add($checks, t('PHP version'), false, false, $help);
@@ -408,10 +406,10 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim(shell_exec('where php'));
else
$phpath = trim(shell_exec('which php'));
-
+
$passed = strlen($phpath);
}
-
+
if(!$passed) {
$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
$help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL;
@@ -422,9 +420,9 @@ class Setup extends \Zotlabs\Web\Controller {
));
$phpath = '';
}
-
+
$this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
-
+
if($passed) {
$str = autoname(8);
$cmd = "$phpath install/testargs.php $str";
@@ -435,11 +433,11 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
$help .= t('This is required for message delivery to work.');
}
-
+
$this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
}
}
-
+
/**
* @brief Some PHP configuration checks.
*
@@ -450,9 +448,9 @@ class Setup extends \Zotlabs\Web\Controller {
*/
function check_phpconfig(&$checks) {
require_once 'include/environment.php';
-
+
$help = '';
-
+
$result = getPhpiniUploadLimits();
$help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
userReadableSize($result['post_max_size']),
@@ -460,10 +458,10 @@ class Setup extends \Zotlabs\Web\Controller {
$result['max_file_uploads']
);
$help .= '<br>' . t('You can adjust these settings in the servers php.ini.');
-
+
$this->check_add($checks, t('PHP upload limits'), true, false, $help);
}
-
+
/**
* @brief Check if the openssl implementation can generate keys.
*
@@ -472,7 +470,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_keys(&$checks) {
$help = '';
$res = false;
-
+
if (function_exists('openssl_pkey_new')) {
$res = openssl_pkey_new(array(
'digest_alg' => 'sha1',
@@ -480,17 +478,17 @@ class Setup extends \Zotlabs\Web\Controller {
'encrypt_key' => false)
);
}
-
+
// Get private key
-
+
if (! $res) {
$help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
$help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
}
-
+
$this->check_add($checks, t('Generate encryption keys'), $res, true, $help);
}
-
+
/**
* @brief Check for some PHP functions and modules.
*
@@ -498,7 +496,7 @@ class Setup extends \Zotlabs\Web\Controller {
*/
function check_funcs(&$checks) {
$ck_funcs = array();
-
+
// add check metadata, the real check is done bit later and return values set
$this->check_add($ck_funcs, t('libCurl PHP module'), true, true);
$this->check_add($ck_funcs, t('GD graphics PHP module'), true, true);
@@ -506,7 +504,7 @@ class Setup extends \Zotlabs\Web\Controller {
$this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
$this->check_add($ck_funcs, t('mb_string PHP module'), true, true);
$this->check_add($ck_funcs, t('xml PHP module'), true, true);
-
+
if(function_exists('apache_get_modules')){
if (! in_array('mod_rewrite', apache_get_modules())) {
$this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
@@ -520,7 +518,7 @@ class Setup extends \Zotlabs\Web\Controller {
else {
$this->check_add($ck_funcs, t('proc_open'), true, true);
}
-
+
if(! function_exists('curl_init')) {
$ck_funcs[0]['status'] = false;
$ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.');
@@ -545,10 +543,10 @@ class Setup extends \Zotlabs\Web\Controller {
$ck_funcs[6]['status'] = false;
$ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
}
-
+
$checks = array_merge($checks, $ck_funcs);
}
-
+
/**
* @brief Check for .htconfig requirements.
*
@@ -557,7 +555,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_htconfig(&$checks) {
$status = true;
$help = '';
-
+
if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
(!file_exists('.htconfig.php') && !is_writable('.')) ) {
$status = false;
@@ -566,10 +564,10 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
$help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
}
-
+
$this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
}
-
+
/**
* @brief Checks for our templating engine Smarty3 requirements.
*
@@ -578,7 +576,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_smarty3(&$checks) {
$status = true;
$help = '';
-
+
if(! is_writable(TEMPLATE_BUILD_PATH) ) {
$status = false;
$help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
@@ -586,10 +584,10 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
$help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL;
}
-
+
$this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
}
-
+
/**
* @brief Check for store directory.
*
@@ -598,18 +596,18 @@ class Setup extends \Zotlabs\Web\Controller {
function check_store(&$checks) {
$status = true;
$help = '';
-
+
@os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
-
+
if(! is_writable('store')) {
$status = false;
$help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
}
-
+
$this->check_add($checks, t('store is writable'), $status, true, $help);
}
-
+
/**
* @brief Check URL rewrite und SSL certificate.
*
@@ -620,9 +618,9 @@ class Setup extends \Zotlabs\Web\Controller {
$status = true;
$help = '';
$ssl_error = false;
-
+
$url = z_root() . '/setup/testrewrite';
-
+
if (function_exists('curl_init')){
$test = z_fetch_url($url);
if(! $test['success']) {
@@ -638,7 +636,7 @@ class Setup extends \Zotlabs\Web\Controller {
$ssl_error = true;
}
}
-
+
if($ssl_error) {
$help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
$help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL;
@@ -649,31 +647,35 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
-
$this->check_add($checks, t('SSL certificate validation'), false, true, $help);
}
}
-
+
if ((! $test['success']) || ($test['body'] != "ok")) {
$status = false;
$help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
}
-
+
$this->check_add($checks, t('Url rewrite is working'), $status, true, $help);
} else {
// cannot check modrewrite if libcurl is not installed
}
}
-
-
+
+ /**
+ * @brief
+ *
+ * @param App &$a
+ * @return string with paresed HTML
+ */
function manual_config(&$a) {
$data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8');
$o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
$o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
-
+
return $o;
}
-
+
function load_database_rem($v, $i){
$l = trim($i);
if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
@@ -682,11 +684,11 @@ class Setup extends \Zotlabs\Web\Controller {
return $v."\n".$i;
}
}
-
-
+
+
function load_database($db) {
$str = file_get_contents(\DBA::$dba->get_install_script());
- $arr = explode(';',$str);
+ $arr = explode(';', $str);
$errors = false;
foreach($arr as $a) {
if(strlen(trim($a))) {
@@ -696,15 +698,19 @@ class Setup extends \Zotlabs\Web\Controller {
}
}
}
-
+
return $errors;
}
-
+
+ /**
+ * @brief
+ *
+ * @return string with parsed HTML
+ */
function what_next() {
$a = get_app();
// install the standard theme
set_config('system', 'allowed_themes', 'redbasic');
-
// Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully
@@ -718,15 +724,15 @@ class Setup extends \Zotlabs\Web\Controller {
// weird SSL error which they can't do anything about. This does not affect
// the SSL server, but is only a client negotiation to find something workable.
// Hence it will not make your system susceptible to POODL or other nasties.
-
+
$x = curl_version();
if(stristr($x['ssl_version'],'openssl'))
set_config('system','curl_ssl_ciphers','ALL:!eNULL');
-
+
// Create a system channel
require_once ('include/channel.php');
create_sys_channel();
-
+
$baseurl = z_root();
return
t('<h1>What next</h1>')
@@ -737,13 +743,18 @@ class Setup extends \Zotlabs\Web\Controller {
."</p>";
}
-
+ /**
+ * @brief
+ *
+ * @param unknown $v
+ * @param array $c
+ * @return array
+ */
static private function check_passed($v, $c) {
if ($c['required'])
$v = $v && $c['status'];
-
+
return $v;
}
-
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 12:30:54 +0000