From b4a95460e65dbadaf074a414a9e3d9367e109f19 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sun, 6 Jan 2013 19:34:54 -0700 Subject: fix show-stopping bugs --- mod/setup.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index b3649ca40..4fa5152ea 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -183,6 +183,8 @@ function setup_content(&$a) { check_htconfig($checks); + check_smarty3($checks); + check_keys($checks); if(x($_POST,'phpath')) @@ -439,6 +441,22 @@ function check_htconfig(&$checks) { } +function check_smarty3(&$checks) { + $status = true; + $help = ""; + if( !is_writable('view/tpl/smarty3') ) { + + $status=false; + $help = t('Friendica uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; + $help .= t('In order to store these compiled templates, the web server needs to have write access to the directory view/tpl/smarty3/ under the Friendica top level folder.').EOL; + $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; + $help .= t('Note: as a security measure, you should give the web server write access to view/tpl/smarty3/ only--not the template files (.tpl) that it contains.').EOL; + } + + check_add($checks, t('view/tpl/smarty3 is writable'), $status, true, $help); + +} + function check_htaccess(&$checks) { $a = get_app(); $status = true; -- cgit v1.2.3 From 5cb8db64cfdcbf06244f151b7202e6d7ab1ed7d6 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 7 Jan 2013 20:25:38 -0800 Subject: bypass smarty for intletext templates --- mod/setup.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 4fa5152ea..4c1b7ec9b 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -78,6 +78,9 @@ function setup_post(&$a) { // connect to db $db = new dba($dbhost, $dbuser, $dbpass, $dbdata, true); + // disable smarty for this template + $engine = $a->get_template_engine(); + $a->set_template_engine(); $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( '$dbhost' => $dbhost, @@ -90,6 +93,7 @@ function setup_post(&$a) { '$phpath' => $phpath, '$adminmail' => $adminmail )); + $a->set_template_engine($engine); $result = file_put_contents('.htconfig.php', $txt); if(! $result) { -- cgit v1.2.3 From ddb2a8c23acbb220b8e66a2f7dad18a21d7e55f8 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Thu, 10 Jan 2013 21:24:10 -0700 Subject: add Smarty templates for international templates --- mod/setup.php | 4 ---- 1 file changed, 4 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 4c1b7ec9b..4fa5152ea 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -78,9 +78,6 @@ function setup_post(&$a) { // connect to db $db = new dba($dbhost, $dbuser, $dbpass, $dbdata, true); - // disable smarty for this template - $engine = $a->get_template_engine(); - $a->set_template_engine(); $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( '$dbhost' => $dbhost, @@ -93,7 +90,6 @@ function setup_post(&$a) { '$phpath' => $phpath, '$adminmail' => $adminmail )); - $a->set_template_engine($engine); $result = file_put_contents('.htconfig.php', $txt); if(! $result) { -- cgit v1.2.3 From 4c5d2fe0fe4466fbcb142afa019e29a67df0b38b Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 27 Jan 2013 22:49:18 -0800 Subject: check for mcrypt during install, allow admin email account to be admin *if* it's the first account. --- mod/setup.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 4fa5152ea..b05b0cec3 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -387,6 +387,7 @@ function check_funcs(&$checks) { check_add($ck_funcs, t('OpenSSL PHP module'), true, true, ""); check_add($ck_funcs, t('mysqli PHP module'), true, true, ""); check_add($ck_funcs, t('mb_string PHP module'), true, true, ""); + check_add($ck_funcs, t('mcrypt PHP module'), true, true, ""); if(function_exists('apache_get_modules')){ @@ -417,6 +418,10 @@ function check_funcs(&$checks) { $ck_funcs[4]['status']= false; $ck_funcs[4]['help']= t('Error: mb_string PHP module required but not installed.'); } + if(! function_exists('mcrypt_encrypt')){ + $ck_funcs[4]['status']= false; + $ck_funcs[4]['help']= t('Error: mcrypt PHP module required but not installed.'); + } $checks = array_merge($checks, $ck_funcs); -- cgit v1.2.3 From c45a8e27638592fc89826097efe07ded31f3c50a Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 25 Feb 2013 20:06:33 -0800 Subject: make sure old fetch_url calls (and those that provided their own curl wrapper) go through z_fetch_url --- mod/setup.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index b05b0cec3..37bb572f9 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -467,8 +467,8 @@ function check_htaccess(&$checks) { $status = true; $help = ""; if (function_exists('curl_init')){ - $test = fetch_url($a->get_baseurl()."/setup/testrewrite"); - if ($test!="ok") { + $test = z_fetch_url($a->get_baseurl()."/setup/testrewrite"); + if ((! $test['success']) || ($test['body'] != "ok")) { $status = false; $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'); } -- cgit v1.2.3 From 70e766c2bfb4f145564912837864f27aafc82ea2 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 26 Feb 2013 19:41:44 -0800 Subject: xss attack vector in bbcode.php - check for proc_open being disabled for security reasons in install --- mod/setup.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 37bb572f9..cd303205e 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -397,6 +397,12 @@ function check_funcs(&$checks) { check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, ""); } } + if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) { + check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini')); + } + else { + check_add($ck_funcs, t('proc_open'), true, true, ""); + } if(! function_exists('curl_init')){ $ck_funcs[0]['status']= false; -- cgit v1.2.3 From 552f03122c9ec066f5728fc4629d155937fd3620 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 22 Apr 2013 20:02:21 -0700 Subject: db abstraction layer --- mod/setup.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index cd303205e..b80435f0b 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -34,12 +34,12 @@ function setup_post(&$a) { $adminmail = notags(trim($_POST['adminmail'])); $siteurl = notags(trim($_POST['siteurl'])); - require_once("dba.php"); + require_once('include/dba/dba_driver.php'); unset($db); - $db = new dba($dbhost, $dbuser, $dbpass, $dbdata, true); + $db = dba_factory($dbhost, $dbuser, $dbpass, $dbdata, true); /*if(get_db_errno()) { unset($db); - $db = new dba($dbhost, $dbuser, $dbpass, '', true); + $db = dba_factory($dbhost, $dbuser, $dbpass, '', true); if(! get_db_errno()) { $r = q("CREATE DATABASE '%s'", @@ -76,7 +76,7 @@ function setup_post(&$a) { // connect to db - $db = new dba($dbhost, $dbuser, $dbpass, $dbdata, true); + $db = dba_factory($dbhost, $dbuser, $dbpass, $dbdata, true); $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( @@ -120,7 +120,7 @@ function setup_content(&$a) { global $install_wizard_pass, $db; $o = ''; $wizard_status = ""; - $install_title = t('Friendica Red Communications Server - Setup'); + $install_title = t('Red Identity/Communications Server - Setup'); @@ -136,7 +136,7 @@ function setup_content(&$a) { $db_return_text=""; if(x($a->data,'db_installed')) { $txt = '

'; - $txt .= t('Your Friendica site database has been installed.') . EOL; + $txt .= t('Your site database has been installed.') . EOL; $db_return_text .= $txt; } @@ -233,7 +233,7 @@ function setup_content(&$a) { $o .= replace_macros($tpl, array( '$title' => $install_title, '$pass' => t('Database connection'), - '$info_01' => t('In order to install Friendica we need to know how to connect to your database.'), + '$info_01' => t('In order to install Red we need to know how to connect to your database.'), '$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), @@ -330,7 +330,7 @@ function check_php(&$phpath, &$checks) { $help = ""; if(!$passed) { $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL; - $help .= t("If you don't have a command line version of PHP installed on server, you will not be able to run background polling via cron. See 'Activating scheduled tasks'") . EOL ; + $help .= t("If you don't have a command line version of PHP installed on server, you will not be able to run background polling via cron.") . EOL; $help .= EOL . EOL ; $tpl = get_markup_template('field_input.tpl'); $help .= replace_macros($tpl, array( @@ -444,7 +444,7 @@ function check_htconfig(&$checks) { $status=false; $help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL; $help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL; - $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Friendica top folder.').EOL; + $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL; $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL; } @@ -458,8 +458,8 @@ function check_smarty3(&$checks) { if( !is_writable('view/tpl/smarty3') ) { $status=false; - $help = t('Friendica uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; - $help .= t('In order to store these compiled templates, the web server needs to have write access to the directory view/tpl/smarty3/ under the Friendica top level folder.').EOL; + $help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; + $help .= t('In order to store these compiled templates, the web server needs to have write access to the directory view/tpl/smarty3/ under the Red top level folder.').EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= t('Note: as a security measure, you should give the web server write access to view/tpl/smarty3/ only--not the template files (.tpl) that it contains.').EOL; } @@ -527,7 +527,7 @@ function what_next() { ."

".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.') .t('Please see the file "install/INSTALL.txt".') ."

" - .t("Go to your new Friendica node registration page and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.") + .t("Go to your new Red node registration page and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.") ."

"; } -- cgit v1.2.3 From 6f7e002922c33ef7c3a7182500415119f1c41a38 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 10 May 2013 03:37:41 -0700 Subject: add db_port to setup and cli_startup - still need to set the port in mod/setup --- mod/setup.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index b80435f0b..059b28df9 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -36,10 +36,10 @@ function setup_post(&$a) { require_once('include/dba/dba_driver.php'); unset($db); - $db = dba_factory($dbhost, $dbuser, $dbpass, $dbdata, true); + $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); /*if(get_db_errno()) { unset($db); - $db = dba_factory($dbhost, $dbuser, $dbpass, '', true); + $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, '', true); if(! get_db_errno()) { $r = q("CREATE DATABASE '%s'", @@ -76,7 +76,7 @@ function setup_post(&$a) { // connect to db - $db = dba_factory($dbhost, $dbuser, $dbpass, $dbdata, true); + $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( -- cgit v1.2.3 From 5e4b9d7766ceffd19785f14443cc1b4d4f675d4e Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 14 May 2013 21:25:58 -0700 Subject: disable pcss when installing since modules don't yet work and pcss uses the view module, plus weekly doc update --- mod/setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 059b28df9..1c3620523 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -148,7 +148,7 @@ function setup_content(&$a) { } if($db && $db->connected) { - $r = q("SELECT COUNT(*) as `total` FROM `user`"); + $r = q("SELECT COUNT(*) as `total` FROM `account`"); if($r && count($r) && $r[0]['total']) { $tpl = get_markup_template('install.tpl'); return replace_macros($tpl, array( -- cgit v1.2.3 From 02bd65ba4b19877e7676e7ed24099c4f4d953e42 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 15 May 2013 18:35:16 -0700 Subject: add certificate check to setup --- mod/setup.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 1c3620523..7831ce0b6 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -474,6 +474,15 @@ function check_htaccess(&$checks) { $help = ""; if (function_exists('curl_init')){ $test = z_fetch_url($a->get_baseurl()."/setup/testrewrite"); + if(! $test['success']) { + if(strstr($a->get_baseurl(),'https://')) { + $test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true)); + if($test['success']) { + check_add($checks, t('SSL certificate validation'),false,true, t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.')); + } + } + } + if ((! $test['success']) || ($test['body'] != "ok")) { $status = false; $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'); -- cgit v1.2.3 From 264e1c0cc6ea60864700b17e62fbe425d142a38d Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 15 May 2013 20:45:35 -0700 Subject: add port settings to setup --- mod/setup.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 7831ce0b6..c6c5db96b 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -27,6 +27,7 @@ function setup_post(&$a) { case 3: $urlpath = $a->get_path(); $dbhost = notags(trim($_POST['dbhost'])); + $dbport = intval(notags(trim($_POST['dbport']))); $dbuser = notags(trim($_POST['dbuser'])); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); @@ -47,7 +48,7 @@ function setup_post(&$a) { ); if($r) { unset($db); - $db = new dba($dbhost, $dbuser, $dbpass, $dbdata, true); + $db = new dba($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); } else { $a->data['db_create_failed']=true; } @@ -65,6 +66,7 @@ function setup_post(&$a) { case 4: $urlpath = $a->get_path(); $dbhost = notags(trim($_POST['dbhost'])); + $dbport = intval(notags(trim($_POST['dbport']))); $dbuser = notags(trim($_POST['dbuser'])); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); @@ -81,6 +83,7 @@ function setup_post(&$a) { $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( '$dbhost' => $dbhost, + '$dbport' => $dbport, '$dbuser' => $dbuser, '$dbpass' => $dbpass, '$dbdata' => $dbdata, @@ -120,7 +123,7 @@ function setup_content(&$a) { global $install_wizard_pass, $db; $o = ''; $wizard_status = ""; - $install_title = t('Red Identity/Communications Server - Setup'); + $install_title = t('Red Matrix Server - Setup'); @@ -222,6 +225,7 @@ function setup_content(&$a) { $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : 'localhost'); $dbuser = notags(trim($_POST['dbuser'])); + $dbport = intval(notags(trim($_POST['dbport']))); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); $phpath = notags(trim($_POST['phpath'])); @@ -240,6 +244,7 @@ function setup_content(&$a) { '$status' => $wizard_status, '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, ''), + '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number or leave blank to use default'), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), @@ -262,6 +267,7 @@ function setup_content(&$a) { case 3: { // Site settings require_once('datetime.php'); $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : 'localhost'); + $dbport = intval(notags(trim($_POST['dbuser']))); $dbuser = notags(trim($_POST['dbuser'])); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); @@ -279,6 +285,7 @@ function setup_content(&$a) { '$status' => $wizard_status, '$dbhost' => $dbhost, + '$dbport' => $dbport, '$dbuser' => $dbuser, '$dbpass' => $dbpass, '$dbdata' => $dbdata, -- cgit v1.2.3 From f4630dd19c2b8745b0f62b541d83d7a14c45e30d Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 15 May 2013 20:47:55 -0700 Subject: typo --- mod/setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index c6c5db96b..e69fd954f 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -244,7 +244,7 @@ function setup_content(&$a) { '$status' => $wizard_status, '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, ''), - '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number or leave blank to use default'), + '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number or leave blank to use default')), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), -- cgit v1.2.3 From 2869a22392fda2edd2279a2e935db2f135fda8b6 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 15 May 2013 20:59:39 -0700 Subject: more setup work --- mod/setup.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index e69fd954f..08e5cd564 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -237,14 +237,14 @@ function setup_content(&$a) { $o .= replace_macros($tpl, array( '$title' => $install_title, '$pass' => t('Database connection'), - '$info_01' => t('In order to install Red we need to know how to connect to your database.'), + '$info_01' => t('In order to install Red Matrix we need to know how to connect to your database.'), '$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), '$status' => $wizard_status, - '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, ''), - '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number or leave blank to use default')), + '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is localhost'), + '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), -- cgit v1.2.3 From 343fb61badf0e58070314592a24397a8692d1f45 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 15 May 2013 21:01:06 -0700 Subject: another typo --- mod/setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 08e5cd564..751f8bdf8 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -243,7 +243,7 @@ function setup_content(&$a) { '$status' => $wizard_status, - '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is localhost'), + '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is localhost')), '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), -- cgit v1.2.3 From d20a0cb6abe92e05f4387a6b3ad504b422275fb1 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 15 May 2013 22:27:35 -0700 Subject: fix intltext template driver --- mod/setup.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 751f8bdf8..b76fa7be1 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -38,6 +38,10 @@ function setup_post(&$a) { require_once('include/dba/dba_driver.php'); unset($db); $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); + if(! $db->connected) { + echo "Database Connect failed: " . $db->error; + killme(); + } /*if(get_db_errno()) { unset($db); $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, '', true); @@ -80,6 +84,11 @@ function setup_post(&$a) { // connect to db $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); + if(! $db->connected) { + echo 'CRITICAL: DB not connected.'; + killme(); + } + $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( '$dbhost' => $dbhost, -- cgit v1.2.3 From 383a9bab96051c9c1195ef8534f4e87270d8623a Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 16 May 2013 04:27:28 -0700 Subject: if somebody changes the site url during setup - check if we can connect to the new url e.g. it has a valid cert. --- mod/setup.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index b76fa7be1..3c0a133b7 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -80,6 +80,13 @@ function setup_post(&$a) { $siteurl = notags(trim($_POST['siteurl'])); + if($siteurl != z_root()) { + $test = z_fetch_url($siteurl."/setup/testrewrite"); + if((! $test['success']) || ($test['body'] != 'ok')) { + $a->data['url_fail'] = true; + return; + } + } // connect to db $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); @@ -140,6 +147,11 @@ function setup_content(&$a) { $install_wizard_pass = 2; $wizard_status = t('Could not connect to database.'); } + if(x($a->data,'url_fail')) { + $install_wizard_pass = 3; + $wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.'); + } + if(x($a->data,'db_create_failed')) { $install_wizard_pass = 2; $wizard_status = t('Could not create table.'); -- cgit v1.2.3 From ff56e95c6e907f05ecd18f40a372aa98b1b24926 Mon Sep 17 00:00:00 2001 From: dsp1986 Date: Tue, 17 Sep 2013 09:41:48 +0200 Subject: fix include paths --- mod/setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 3c0a133b7..97bdba34e 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -286,7 +286,7 @@ function setup_content(&$a) { return $o; }; break; case 3: { // Site settings - require_once('datetime.php'); + require_once('include/datetime.php'); $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : 'localhost'); $dbport = intval(notags(trim($_POST['dbuser']))); $dbuser = notags(trim($_POST['dbuser'])); -- cgit v1.2.3 From 9945c1844c9ed8dca42f448ff17dd21b047e896f Mon Sep 17 00:00:00 2001 From: Thomas Willingham Date: Mon, 14 Oct 2013 21:44:35 +0100 Subject: Issue #181 --- mod/setup.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 97bdba34e..b825b5e0d 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -453,8 +453,8 @@ function check_funcs(&$checks) { $ck_funcs[4]['help']= t('Error: mb_string PHP module required but not installed.'); } if(! function_exists('mcrypt_encrypt')){ - $ck_funcs[4]['status']= false; - $ck_funcs[4]['help']= t('Error: mcrypt PHP module required but not installed.'); + $ck_funcs[5]['status']= false; + $ck_funcs[5]['help']= t('Error: mcrypt PHP module required but not installed.'); } $checks = array_merge($checks, $ck_funcs); -- cgit v1.2.3 From 310ccfda997449dcc08c0d37d194c12b6f929c6d Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 5 Nov 2013 19:45:02 -0800 Subject: INSTALL for dummies - step 1: ensure that we throw an ugly error message in their face if there's an ugly error when we first try to install. DON'T white screen until after they've got it running. --- mod/setup.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index b825b5e0d..429be43af 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -4,7 +4,25 @@ $install_wizard_pass=1; function setup_init(&$a){ + + // Ensure that if somebody hasn't read the install documentation and doesn't have all + // the required modules or has a totally borked shared hosting provider and they can't + // figure out what the hell is going on - that we at least spit out an error message which + // we can inquire about when they write to tell us that our software doesn't work. + + // The worst thing we can do at this point is throw a white screen of death and rely on + // them knowing about servers and php modules and logfiles enough so that we can guess + // at the source of the problem. As ugly as it may be, we need to throw a technically worded + // PHP error message in their face. Once installation is complete application errors will + // throw a white screen because these error messages divulge information which can + // potentially be useful to hackers. + + error_reporting(E_ERROR | E_WARNING | E_PARSE ); + ini_set('log_errors','0'); + ini_set('display_errors', '1'); + + // $baseurl/setup/testrwrite to test if rewite in .htaccess is working if (argc() ==2 && argv(1)=="testrewrite") { echo "ok"; @@ -14,6 +32,7 @@ function setup_init(&$a){ if (x($_POST,'pass')) $install_wizard_pass = intval($_POST['pass']); + } function setup_post(&$a) { -- cgit v1.2.3 From b3fe221b7fe9c6ecc151d9c00f36d3913526f6a3 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 11 Dec 2013 23:13:36 -0800 Subject: issue #240 - we were using htmlentities instead of htmlspecialchars in several places, and this was a bit greedy in the set of characters which were converted from utf-8 to HTML entities. Also brought mail attachments up to date so they are rendered identically to item attachments. --- mod/setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 429be43af..0198f1f09 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -543,7 +543,7 @@ function check_htaccess(&$checks) { function manual_config(&$a) { - $data = htmlentities($a->data['txt']); + $data = htmlspecialchars($a->data['txt'],ENT_COMPAT,'UTF-8'); $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.'); $o .= ""; return $o; -- cgit v1.2.3 From a7a775a718ef92c9bd623849baab1e386071d70b Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 16 Dec 2013 00:25:08 -0800 Subject: install redbasic during setup so that at least one theme is registered. Otherwise none of the display settings seem to work very well. --- mod/setup.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 0198f1f09..245508683 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -577,6 +577,8 @@ function load_database($db) { function what_next() { $a = get_app(); + // install the standard theme + set_config('system','allowed_themes','redbasic'); $baseurl = $a->get_baseurl(); return t('

What next

') -- cgit v1.2.3 From 352e4dc21b77410ffbf01cca499b86709b4be43e Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 8 Jan 2014 18:20:47 -0800 Subject: add store directory write check to install checks --- mod/setup.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 245508683..ca5566578 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -228,6 +228,8 @@ function setup_content(&$a) { check_smarty3($checks); + check_store($checks); + check_keys($checks); if(x($_POST,'phpath')) @@ -515,6 +517,24 @@ function check_smarty3(&$checks) { } +function check_store(&$checks) { + $status = true; + $help = ""; + + @mkdir('store',STORAGE_DEFAULT_PERMISSIONS); + + if( !is_writable('store') ) { + + $status=false; + $help = t('Red uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL; + $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; + } + + check_add($checks, t('store is writable'), $status, true, $help); + +} + + function check_htaccess(&$checks) { $a = get_app(); $status = true; -- cgit v1.2.3 From b39c0d54c07c1a89aa1e4ecaef134b96e4ed4b8a Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Feb 2014 14:06:36 -0800 Subject: some windows fixes --- mod/setup.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index ca5566578..14572699e 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -373,7 +373,10 @@ function check_php(&$phpath, &$checks) { if (strlen($phpath)){ $passed = file_exists($phpath); } else { - $phpath = trim(shell_exec('which php')); + if(is_windows()) + $phpath = trim(shell_exec('where php')); + else + $phpath = trim(shell_exec('which php')); $passed = strlen($phpath); } $help = ""; -- cgit v1.2.3 From 93000ebad6520018712128833bd8f4fbab4a1f68 Mon Sep 17 00:00:00 2001 From: Thomas Willingham Date: Fri, 7 Mar 2014 17:29:36 +0000 Subject: Actually create syschan during install --- mod/setup.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 14572699e..d12627e84 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -602,6 +602,9 @@ function what_next() { $a = get_app(); // install the standard theme set_config('system','allowed_themes','redbasic'); + // Create a system channel + require_once ('include/identity.php'); + create_sys_channel(); $baseurl = $a->get_baseurl(); return t('

What next

') -- cgit v1.2.3 From ba6765a40301a549f2fcbe5ddcf0dffd53e205fc Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 23 Mar 2014 15:48:08 -0700 Subject: report curl errors during install when they are most needed --- mod/setup.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index d12627e84..83317dc4c 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -103,6 +103,7 @@ function setup_post(&$a) { $test = z_fetch_url($siteurl."/setup/testrewrite"); if((! $test['success']) || ($test['body'] != 'ok')) { $a->data['url_fail'] = true; + $a->data['url_error'] = $test['error']; return; } } @@ -169,6 +170,8 @@ function setup_content(&$a) { if(x($a->data,'url_fail')) { $install_wizard_pass = 3; $wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.'); + if($a->data['url_error']) + $wizard_status .= ' ' . $a->data['url_error']; } if(x($a->data,'db_create_failed')) { -- cgit v1.2.3 From 7375e305060df3818f01a96fbbd811921468ad89 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 25 Mar 2014 15:19:18 -0700 Subject: This should be a slight improvement in setting ciphers - we'll punt on RedHat but open up the list just for openssl distros which seem to have all the problems at the moment. --- mod/setup.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 83317dc4c..02c2268ce 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -605,9 +605,28 @@ function what_next() { $a = get_app(); // install the standard theme set_config('system','allowed_themes','redbasic'); + + // Set a lenient list of ciphers if using openssl. Other ssl engines + // (e.g. NSS used in RedHat) require different syntax, so hopefully + // the default curl cipher list will work for most sites. If not, + // this can set via config. Many distros are now disabling RC4, + // but many Red sites still use it and are unable to change it. + // We do not use SSL for encryption, only to protect session cookies. + // z_fetch_url() is also used to import shared links and other content + // so in theory most any cipher could show up and we should do our best + // to make the content available rather than tell folks that there's a + // weird SSL error which they can't do anything about. + + $x = curl_version(); + if(stristr($x['ssl_version'],'openssl')) + set_config('system','curl_ssl_ciphers','ALL:!eNULL'); + + // Create a system channel require_once ('include/identity.php'); create_sys_channel(); + + $baseurl = $a->get_baseurl(); return t('

What next

') -- cgit v1.2.3 From f16fc1eb4f82760a516dcf5e49257036f2c01aca Mon Sep 17 00:00:00 2001 From: sasiflo Date: Thu, 10 Apr 2014 23:41:18 +0200 Subject: Added some more details about why browser-valid SSL certificates must be used when SSL is used at all. It is now in the check failure message in the installation routine, the installation readme and in the documentation pages. --- mod/setup.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 02c2268ce..07ad34ac5 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -551,7 +551,14 @@ function check_htaccess(&$checks) { if(strstr($a->get_baseurl(),'https://')) { $test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true)); if($test['success']) { - check_add($checks, t('SSL certificate validation'),false,true, t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.')); + $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; + $help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL; + $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL; + $help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL; + $help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL; + $help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL; + + check_add($checks, t('SSL certificate validation'),false,true, $help); } } } -- cgit v1.2.3 From cc68e06deee9a7fd5f62bfa0b26fc8b686ffa22c Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 6 May 2014 17:32:22 -0700 Subject: setup: check for open https port with an invalid cert, even if configured to use http. Also a bit more word-smithing on the resultant error text but it's still not perfect. --- mod/setup.php | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 07ad34ac5..9eccffe75 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -545,22 +545,36 @@ function check_htaccess(&$checks) { $a = get_app(); $status = true; $help = ""; + $ssl_error = false; + + $url = $a->get_baseurl() . '/test/rewrite'; + if (function_exists('curl_init')){ - $test = z_fetch_url($a->get_baseurl()."/setup/testrewrite"); + $test = z_fetch_url($url); if(! $test['success']) { - if(strstr($a->get_baseurl(),'https://')) { - $test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true)); + if(strstr($url,'https://')) { + $test = z_fetch_url($url,false,0,array('novalidate' => true)); + if($test['success']) { + $ssl_error = true; + } + } + else { + $test = z_fetch_url(str_replace('http://','https://',$url),false,0,array('novalidate' => true)); if($test['success']) { - $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; - $help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL; - $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL; - $help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL; - $help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL; - $help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL; - - check_add($checks, t('SSL certificate validation'),false,true, $help); + $ssl_error = true; } } + + if($ssl_error) { + $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; + $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL; + $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub.') . EOL; + $help .= t('If your certificate is not recognised, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL; + $help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL; + $help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL; + + check_add($checks, t('SSL certificate validation'),false,true, $help); + } } if ((! $test['success']) || ($test['body'] != "ok")) { -- cgit v1.2.3 From 61ed6ea273ec7bc73017fd09b0b4f594c855d1c0 Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 31 May 2014 16:10:31 -0700 Subject: issue #476 --- mod/setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 9eccffe75..0832068f8 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -547,7 +547,7 @@ function check_htaccess(&$checks) { $help = ""; $ssl_error = false; - $url = $a->get_baseurl() . '/test/rewrite'; + $url = $a->get_baseurl() . '/setup/testrewrite'; if (function_exists('curl_init')){ $test = z_fetch_url($url); -- cgit v1.2.3 From 49abe9d3344c6acdc808f0459ec7ec476560cd65 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 2 Jun 2014 19:05:24 -0700 Subject: issue #479 - tag escaping not needed here. --- mod/setup.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 0832068f8..69e026056 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -45,14 +45,14 @@ function setup_post(&$a) { break; // just in case return don't return :) case 3: $urlpath = $a->get_path(); - $dbhost = notags(trim($_POST['dbhost'])); - $dbport = intval(notags(trim($_POST['dbport']))); - $dbuser = notags(trim($_POST['dbuser'])); - $dbpass = notags(trim($_POST['dbpass'])); - $dbdata = notags(trim($_POST['dbdata'])); - $phpath = notags(trim($_POST['phpath'])); - $adminmail = notags(trim($_POST['adminmail'])); - $siteurl = notags(trim($_POST['siteurl'])); + $dbhost = trim($_POST['dbhost']); + $dbport = intval(trim($_POST['dbport'])); + $dbuser = trim($_POST['dbuser']); + $dbpass = trim($_POST['dbpass']); + $dbdata = trim($_POST['dbdata']); + $phpath = trim($_POST['phpath']); + $adminmail = trim($_POST['adminmail']); + $siteurl = trim($_POST['siteurl']); require_once('include/dba/dba_driver.php'); unset($db); -- cgit v1.2.3