install.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. /**
  17. * Web Installer
  18. *
  19. * @package Installation
  20. * @author Adrian Lang <mail@adrianlang.de>
  21. * @author Brenda Wallace <shiny@cpan.org>
  22. * @author Brett Taylor <brett@webfroot.co.nz>
  23. * @author Brion Vibber <brion@pobox.com>
  24. * @author CiaranG <ciaran@ciarang.com>
  25. * @author Craig Andrews <candrews@integralblue.com>
  26. * @author Eric Helgeson <helfire@Erics-MBP.local>
  27. * @author Evan Prodromou <evan@status.net>
  28. * @author Mikael Nordfeldth <mmn@hethane.se>
  29. * @author Robin Millette <millette@controlyourself.ca>
  30. * @author Sarven Capadisli <csarven@status.net>
  31. * @author Tom Adams <tom@holizz.com>
  32. * @author Zach Copley <zach@status.net>
  33. * @author Diogo Cordeiro <diogo@fc.up.pt>
  34. * @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
  35. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  36. */
  37. define('INSTALLDIR', dirname(__DIR__));
  38. define('PUBLICDIR', INSTALLDIR . DIRECTORY_SEPARATOR . 'public');
  39. require INSTALLDIR . '/lib/util/installer.php';
  40. /**
  41. * Helper class for building form
  42. */
  43. class Posted
  44. {
  45. /**
  46. * HTML-friendly escaped string for the POST param of given name, or empty.
  47. * @param string $name
  48. * @return string
  49. */
  50. public function value(string $name): string
  51. {
  52. return htmlspecialchars($this->string($name));
  53. }
  54. /**
  55. * The given POST parameter value, forced to a string.
  56. * Missing value will give ''.
  57. *
  58. * @param string $name
  59. * @return string
  60. */
  61. public function string(string $name): string
  62. {
  63. return strval($this->raw($name));
  64. }
  65. /**
  66. * The given POST parameter value, in its original form.
  67. * Missing value will give null.
  68. *
  69. * @param string $name
  70. * @return mixed
  71. */
  72. public function raw(string $name)
  73. {
  74. return filter_input(INPUT_POST, $name);
  75. }
  76. }
  77. /**
  78. * Web-based installer: provides a form and such.
  79. */
  80. class WebInstaller extends Installer
  81. {
  82. /**
  83. * the actual installation.
  84. * If call libraries are present, then install
  85. *
  86. * @return void
  87. */
  88. public function main()
  89. {
  90. if (!$this->checkPrereqs()) {
  91. $this->warning(_('Please fix the above stated problems and refresh this page to continue installing.'));
  92. return;
  93. }
  94. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  95. $this->handlePost();
  96. } else {
  97. $this->showForm();
  98. }
  99. }
  100. /**
  101. * Web implementation of warning output
  102. * @param string $message
  103. * @param string $submessage
  104. */
  105. public function warning(string $message, string $submessage = '')
  106. {
  107. print "<p class=\"error\">$message</p>\n";
  108. if ($submessage != '') {
  109. print "<p>$submessage</p>\n";
  110. }
  111. }
  112. /**
  113. * Web implementation of status output
  114. * @param string $status
  115. * @param bool $error
  116. */
  117. public function updateStatus(string $status, bool $error = false)
  118. {
  119. echo '<li' . ($error ? ' class="error"' : '') . ">$status</li>";
  120. }
  121. /**
  122. * Show the web form!
  123. */
  124. public function showForm()
  125. {
  126. global $dbModules;
  127. $post = new Posted();
  128. $dbRadios = '';
  129. $dbtype = $post->raw('dbtype');
  130. foreach (self::$dbModules as $type => $info) {
  131. if (extension_loaded($info['check_module'])) {
  132. if ($dbtype == null || $dbtype == $type) {
  133. $checked = 'checked="checked" ';
  134. $dbtype = $type; // if we didn't have one checked, hit the first
  135. } else {
  136. $checked = '';
  137. }
  138. $dbRadios .= sprintf(
  139. '<input type="radio" name="dbtype" id="dbtype-%1$s" value="%1$s" %2$s/>%3$s<br>',
  140. htmlspecialchars($type),
  141. $checked,
  142. htmlspecialchars($info['name'])
  143. );
  144. }
  145. }
  146. $ssl = ['always' => null, 'never' => null];
  147. if (!empty($_SERVER['HTTPS'])) {
  148. $ssl['always'] = 'checked="checked"';
  149. } else {
  150. $ssl['never'] = 'checked="checked"';
  151. }
  152. echo <<<E_O_T
  153. <form method="post" action="install.php" class="form_settings" id="form_install">
  154. <fieldset>
  155. <fieldset id="settings_site">
  156. <legend>Site settings</legend>
  157. <ul class="form_data">
  158. <li>
  159. <label for="sitename">Site name</label>
  160. <input type="text" id="sitename" name="sitename" value="{$post->value('sitename')}">
  161. <p class="form_guide">The name of your site</p>
  162. </li>
  163. <li>
  164. <label for="fancy-enable">Fancy URLs</label>
  165. <input type="radio" name="fancy" id="fancy-enable" value="enable" checked='checked'> enable<br>
  166. <input type="radio" name="fancy" id="fancy-disable" value=""> disable<br>
  167. <p class="form_guide" id='fancy-form_guide'>Enable fancy (pretty) URLs. Auto-detection failed, it depends on Javascript.</p>
  168. </li>
  169. <li>
  170. <label for="ssl">Server SSL</label>
  171. <input type="radio" name="ssl" id="ssl-always" value="always" {$ssl['always']}> enable<br>
  172. <input type="radio" name="ssl" id="ssl-never" value="never" {$ssl['never']}> disable<br>
  173. <input type="radio" name="ssl" id="ssl-proxy" value="proxy"> proxied<br>
  174. <p class="form_guide" id="ssl-form_guide">Enabling SSL (https://) requires extra webserver configuration and certificate generation not offered by this installation.</p>
  175. </li>
  176. </ul>
  177. </fieldset>
  178. <fieldset id="settings_db">
  179. <legend>Database settings</legend>
  180. <ul class="form_data">
  181. <li>
  182. <label for="host">Hostname</label>
  183. <input type="text" id="host" name="host" value="{$post->value('host')}">
  184. <p class="form_guide">Database hostname</p>
  185. </li>
  186. <li>
  187. <label for="dbtype">Type</label>
  188. {$dbRadios}
  189. <p class="form_guide">Database type</p>
  190. </li>
  191. <li>
  192. <label for="database">Name</label>
  193. <input type="text" id="database" name="database" value="{$post->value('database')}">
  194. <p class="form_guide">Database name</p>
  195. </li>
  196. <li>
  197. <label for="dbusername">DB username</label>
  198. <input type="text" id="dbusername" name="dbusername" value="{$post->value('dbusername')}">
  199. <p class="form_guide">Database username</p>
  200. </li>
  201. <li>
  202. <label for="dbpassword">DB password</label>
  203. <input type="password" id="dbpassword" name="dbpassword" value="{$post->value('dbpassword')}">
  204. <p class="form_guide">Database password (optional)</p>
  205. </li>
  206. </ul>
  207. </fieldset>
  208. <fieldset id="settings_admin">
  209. <legend>Administrator settings</legend>
  210. <ul class="form_data">
  211. <li>
  212. <label for="admin_nickname">Administrator nickname</label>
  213. <input type="text" id="admin_nickname" name="admin_nickname" value="{$post->value('admin_nickname')}">
  214. <p class="form_guide">Nickname for the initial user (administrator)</p>
  215. </li>
  216. <li>
  217. <label for="admin_password">Administrator password</label>
  218. <input type="password" id="admin_password" name="admin_password" value="{$post->value('admin_password')}">
  219. <p class="form_guide">Password for the initial user (administrator)</p>
  220. </li>
  221. <li>
  222. <label for="admin_password2">Confirm password</label>
  223. <input type="password" id="admin_password2" name="admin_password2" value="{$post->value('admin_password2')}">
  224. </li>
  225. <li>
  226. <label for="admin_email">Administrator e-mail</label>
  227. <input id="admin_email" name="admin_email" value="{$post->value('admin_email')}">
  228. <p class="form_guide">Optional email address for the initial user (administrator)</p>
  229. </li>
  230. </ul>
  231. </fieldset>
  232. <fieldset id="settings_profile">
  233. <legend>Site profile</legend>
  234. <ul class="form_data">
  235. <li>
  236. <label for="site_profile">Type of site</label>
  237. <select id="site_profile" name="site_profile">
  238. <option value="community">Community</option>
  239. <option value="public">Public (open registration)</option>
  240. <option value="singleuser">Single User</option>
  241. <option value="private">Private (no federation)</option>
  242. </select>
  243. <p class="form_guide">Initial access settings for your site</p>
  244. </li>
  245. </ul>
  246. </fieldset>
  247. <input type="submit" name="submit" class="submit" value="Submit">
  248. </fieldset>
  249. </form>
  250. E_O_T;
  251. }
  252. /**
  253. * Handle a POST submission... if we have valid input, start the install!
  254. * Otherwise shows the form along with any error messages.
  255. */
  256. public function handlePost()
  257. {
  258. echo <<<STR
  259. <dl class="system_notice">
  260. <dt>Page notice</dt>
  261. <dd>
  262. <ul>
  263. STR;
  264. $this->validated = $this->prepare();
  265. if ($this->validated) {
  266. $this->doInstall();
  267. }
  268. echo <<<STR
  269. </ul>
  270. </dd>
  271. </dl>
  272. STR;
  273. if (!$this->validated) {
  274. $this->showForm();
  275. }
  276. }
  277. /**
  278. * Read and validate input data.
  279. * May output side effects.
  280. *
  281. * @return bool success
  282. */
  283. public function prepare(): bool
  284. {
  285. $post = new Posted();
  286. $this->host = $post->string('host');
  287. $this->dbtype = $post->string('dbtype');
  288. $this->database = $post->string('database');
  289. $this->username = $post->string('dbusername');
  290. $this->password = $post->string('dbpassword');
  291. $this->sitename = $post->string('sitename');
  292. $this->fancy = (bool)$post->string('fancy');
  293. $this->adminNick = strtolower($post->string('admin_nickname'));
  294. $this->adminPass = $post->string('admin_password');
  295. $adminPass2 = $post->string('admin_password2');
  296. $this->adminEmail = $post->string('admin_email');
  297. $this->siteProfile = $post->string('site_profile');
  298. $this->ssl = $post->string('ssl');
  299. $this->server = $_SERVER['HTTP_HOST'];
  300. $this->path = substr(dirname($_SERVER['PHP_SELF']), 1);
  301. $fail = false;
  302. if (!$this->validateDb()) {
  303. $fail = true;
  304. }
  305. if (!$this->validateAdmin()) {
  306. $fail = true;
  307. }
  308. if ($this->adminPass != $adminPass2) {
  309. $this->updateStatus("Administrator passwords do not match. Did you mistype?", true);
  310. $fail = true;
  311. }
  312. if (!in_array($this->ssl, ['never', 'always', 'proxy'])) {
  313. $this->updateStatus("Bad value for server SSL enabling.");
  314. $fail = true;
  315. }
  316. if (!$this->validateSiteProfile()) {
  317. $fail = true;
  318. }
  319. return !$fail;
  320. }
  321. }
  322. ?>
  323. <!DOCTYPE html>
  324. <html lang="en">
  325. <head>
  326. <title>Install GNU social</title>
  327. <link rel="shortcut icon" href="favicon.ico">
  328. <link rel="stylesheet" type="text/css" href="theme/base/css/display.css" media="screen, projection, tv">
  329. <link rel="stylesheet" type="text/css" href="theme/neo/css/display.css" media="screen, projection, tv">
  330. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  331. <script src="js/extlib/jquery.js"></script>
  332. <script src="js/install.js"></script>
  333. </head>
  334. <body id="install">
  335. <div id="wrap">
  336. <div id="header">
  337. <address id="site_contact" class="h-card">
  338. <a class="u-url p-name home bookmark org" href=".">
  339. <img class="logo u-photo" src="theme/neo/logo.png" alt="GNU social"/>
  340. GNU social
  341. </a>
  342. </address>
  343. <div id="site_nav_global_primary"></div>
  344. </div>
  345. <div id="core">
  346. <div id="aside_primary_wrapper">
  347. <div id="content_wrapper">
  348. <div id="site_nav_local_views_wrapper">
  349. <div id="site_nav_local_views"></div>
  350. <div id="content">
  351. <div id="content_inner">
  352. <h1>Install GNU social</h1>
  353. <?php
  354. $installer = new WebInstaller();
  355. $installer->main();
  356. ?>
  357. </div>
  358. </div>
  359. <div id="aside_primary" class="aside"></div>
  360. </div>
  361. </div>
  362. </div>
  363. </div>
  364. <div id="footer"></div>
  365. </div>
  366. </body>
  367. </html>