  1. <?php
  2. /**
  3. * OpenID server configuration script.
  4. *
  5. * This script generates a config.php file needed by the server
  6. * example.
  7. *
  8. * @package OpenID.Examples
  9. * @author JanRain, Inc. <openid@janrain.com>
  10. * @copyright 2005-2008 Janrain, Inc.
  11. * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
  12. */
  13. $path_extra = dirname(dirname(dirname(__FILE__)));
  14. $path = ini_get('include_path');
  15. $path = $path_extra . PATH_SEPARATOR . $path;
  16. ini_set('include_path', $path);
  17. require_once "Auth/OpenID.php";
  18. /**
  19. * Data.
  20. */
  21. $store_types = array("Filesystem" => "Auth_OpenID_FileStore",
  22. "MySQL" => "Auth_OpenID_MySQLStore",
  23. "PostgreSQL" => "Auth_OpenID_PostgreSQLStore",
  24. "SQLite" => "Auth_OpenID_SQLiteStore");
  25. /**
  26. * Main.
  27. */
  28. $messages = array();
  29. session_start();
  30. init_session();
  31. if (!check_session() ||
  32. isset($_GET['add_openid'])) {
  33. render_form();
  34. } else {
  35. print generate_config(isset($_GET['download']));
  36. }
  37. /**
  38. * Functions.
  39. */
  40. function check_url($url) {
  41. return (Auth_OpenID::normalizeUrl($url) !== null);
  42. }
  43. function build_url() {
  44. $port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']);
  45. $parts = explode("/", $_SERVER['SERVER_PROTOCOL']);
  46. $scheme = strtolower($parts[0]);
  47. if ($port) {
  48. return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'],
  49. $port, dirname($_SERVER['PHP_SELF']));
  50. } else {
  51. return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'],
  52. dirname($_SERVER['PHP_SELF']));
  53. }
  54. }
  55. function check_open_basedir($path) {
  56. if (ini_get('open_basedir')) {
  57. $parts = explode(PATH_SEPARATOR, ini_get('open_basedir'));
  58. $found = false;
  59. foreach ($parts as $p) {
  60. if (strpos($path, $p) === 0) {
  61. $found = true;
  62. break;
  63. }
  64. }
  65. return $found;
  66. } else {
  67. return true;
  68. }
  69. }
  70. function check_session() {
  71. global $messages;
  72. if ($_GET && isset($_GET['clear'])) {
  73. session_destroy();
  74. $_SESSION = array();
  75. init_session();
  76. return false;
  77. }
  78. $bad_path = false;
  79. if (isset($_GET['generate'])) {
  80. if (!$_SESSION['server_url']) {
  81. $messages[] = "Please enter a server URL.";
  82. }
  83. if (!isset($_SESSION['store_type'])) {
  84. $messages[] = "No store type chosen.";
  85. } else {
  86. switch ($_SESSION['store_type']) {
  87. case "Filesystem":
  88. if (!@$_SESSION['store_data']['fs_path']) {
  89. $messages[] = "Please specify a filesystem store path.";
  90. } else {
  91. if (!check_open_basedir($_SESSION['store_data']['fs_path'])) {
  92. $messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting.";
  93. $bad_path = true;
  94. }
  95. }
  96. break;
  97. case "SQLite":
  98. if (!@$_SESSION['store_data']['sqlite_path']) {
  99. $messages[] = "Please specify a SQLite database path.";
  100. } else {
  101. if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) {
  102. $messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting.";
  103. $bad_path = true;
  104. }
  105. }
  106. break;
  107. default:
  108. if (!($_SESSION['store_data']['host'] &&
  109. $_SESSION['store_data']['database'] &&
  110. $_SESSION['store_data']['username'] &&
  111. $_SESSION['store_data']['password'])) {
  112. $messages[] = "Please specify database connection details.";
  113. }
  114. }
  115. }
  116. }
  117. if ($_SESSION['store_type'] &&
  118. $_SESSION['server_url'] &&
  119. (parse_url($_SESSION['server_url']) !== false) &&
  120. ((($_SESSION['store_type'] == 'Filesystem') &&
  121. $_SESSION['store_data']['fs_path']) ||
  122. (($_SESSION['store_type'] == 'SQLite') &&
  123. $_SESSION['store_data']['sqlite_path']) ||
  124. ($_SESSION['store_data']['host'] &&
  125. $_SESSION['store_data']['username'] &&
  126. $_SESSION['store_data']['database'] &&
  127. $_SESSION['store_data']['password'])) &&
  128. !$bad_path) {
  129. return true;
  130. }
  131. return false;
  132. }
  133. function render_form() {
  134. global $store_types, $fields, $messages;
  135. $basedir_msg = "";
  136. if (ini_get('open_basedir')) {
  137. $basedir_msg = "</br><span class=\"notice\">Note: Due to the ".
  138. "<code>open_basedir</code> php.ini setting, be sure to ".
  139. "choose a path in one of the following directories:<ul><li>".
  140. implode("<li>",
  141. explode(PATH_SEPARATOR, ini_get('open_basedir'))).
  142. "</ul></span>";
  143. }
  144. $sqlite_found = false;
  145. if (extension_loaded('sqlite') ||
  146. (function_exists('dl') && @dl('sqlite.' . PHP_SHLIB_SUFFIX))) {
  147. $sqlite_found = true;
  148. }
  149. $mysql_found = false;
  150. if (extension_loaded('mysql') ||
  151. (function_exists('dl') && @dl('mysql.' . PHP_SHLIB_SUFFIX))) {
  152. $mysql_found = true;
  153. }
  154. $pgsql_found = false;
  155. if (extension_loaded('pgsql') ||
  156. (function_exists('dl') && @dl('pgsql.' . PHP_SHLIB_SUFFIX))) {
  157. $pgsql_found = true;
  158. }
  159. ?>
  160. <html>
  161. <head>
  162. <style type="text/css">
  163. span.label {
  164. float: left;
  165. width: 2in;
  166. }
  167. span.notice {
  168. color: red;
  169. font-size: 80%;
  170. }
  171. div p {
  172. border-top: 1px solid #ccc;
  173. font-style: italic;
  174. padding-top: 0.5em;
  175. }
  176. div {
  177. padding: 3px;
  178. }
  179. div.store_fields {
  180. margin-left: 2in;
  181. padding: default;
  182. }
  183. div.store_fields label.field {
  184. float: left;
  185. width: 1.75in;
  186. }
  187. div.store_fields > div {
  188. border: 1px solid gray;
  189. margin-bottom: 0.5em;
  190. background: #eee;
  191. }
  192. div.store_fields > div > div {
  193. margin-left: 0.4in;
  194. }
  195. div.errors {
  196. background: #faa;
  197. border: 1px solid red;
  198. }
  199. </style>
  200. </head>
  201. <body>
  202. <h2>OpenID Example Server Configuration</h2>
  203. <?php
  204. if ($messages) {
  205. print "<div class=\"errors\">";
  206. foreach ($messages as $m) {
  207. print "<div>$m</div>";
  208. }
  209. print "</div>";
  210. }
  211. ?>
  212. <p>
  213. Your browser has been redirected to this page so you can configure the
  214. server example. This form will auto-generate an OpenID example server
  215. configuration for use with the OpenID server example.
  216. </p>
  217. <form>
  218. <div>
  219. <p>
  220. The server URL is the URL that points to the "server.php" file. It
  221. looks like your server URL should be <code><?php print build_url(); ?></code>.
  222. </p>
  223. <span class="label"><label for="i_server_url">Server URL:</label></span>
  224. <span>
  225. <input type="text" id="i_server_url" size="35" name="server_url"
  226. value="<?php print $_SESSION['server_url'] ?>">
  227. </span>
  228. </div>
  229. <div>
  230. <p>
  231. If this package isn't installed in the PHP include path, the package's
  232. directory should be added. For example, if the package is in
  233. <code>/home/me/PHP-OpenID/</code>, you should enter that directory here.
  234. </p>
  235. <span class="label">
  236. <label for="i_include_path">Include path (optional):</label>
  237. </span>
  238. <span>
  239. <input type="text" id="i_include_path" size="35" name="include_path"
  240. value="<?php print $_SESSION['include_path'] ?>">
  241. </span>
  242. </div>
  243. <div>
  244. <p>
  245. The server needs to store OpenID information in a "store". The
  246. following store types are available on your PHP installation:
  247. </p>
  248. <span class="label">Store method:</span>
  249. <div class="store_fields">
  250. <div>
  251. <input type="radio" name="store_type" value="Filesystem"
  252. id="i_filesystem"<?php if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>>
  253. <label for="i_filesystem">Filesystem</label>
  254. <div>
  255. <label for="i_fs_path" class="field">Filesystem path:</label>
  256. <input type="text" name="fs_path" id="i_fs_path"
  257. value="<?php print @$_SESSION['store_data']['fs_path']; ?>">
  258. <?php print $basedir_msg; ?>
  259. </div>
  260. </div>
  261. <?php if ($sqlite_found) { ?>
  262. <div>
  263. <input type="radio" name="store_type" value="SQLite"
  264. id="i_sqlite"<?php if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>>
  265. <label for="i_sqlite">SQLite</label>
  266. <div>
  267. <label for="i_sqlite_path" class="field">SQLite database path:</label>
  268. <input type="text" value="<?php print @$_SESSION['store_data']['sqlite_path']; ?>"
  269. name="sqlite_path" id="i_sqlite_path">
  270. <?php print $basedir_msg; ?>
  271. </div>
  272. </div>
  273. <?php } ?>
  274. <?php if ($mysql_found || $pgsql_found) { ?>
  275. <div>
  276. <?php if ($mysql_found) { ?>
  277. <input type="radio" name="store_type" value="MySQL"
  278. id="i_mysql"<?php if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>>
  279. <label for="i_mysql">MySQL</label>
  280. <?php } ?>
  281. <?php if ($pgsql_found) { ?>
  282. <input type="radio" name="store_type" value="PostgreSQL"
  283. id="i_pgsql"<?php if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>>
  284. <label for="i_pgsql">PostgreSQL</label>
  285. <?php } ?>
  286. <div>
  287. <label for="i_m_host" class="field">Host:</label>
  288. <input type="text" value="<?php print @$_SESSION['store_data']['host']; ?>" name="host" id="i_m_host">
  289. </div>
  290. <div>
  291. <label for="i_m_database" class="field">Database:</label>
  292. <input value="<?php print @$_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database">
  293. </div>
  294. <div>
  295. <label for="i_m_username" class="field">Username:</label>
  296. <input type="text" name="username" id="i_m_username" value="<?php print @$_SESSION['store_data']['username']; ?>">
  297. </div>
  298. <div>
  299. <label for="i_m_password" class="field">Password:</label>
  300. <input type="password" name="password" id="i_m_password" value="<?php print @$_SESSION['store_data']['password']; ?>">
  301. </div>
  302. </div>
  303. <?php } ?>
  304. </div>
  305. </div>
  306. <input type="submit" name="generate" value="Generate Configuration">
  307. </form>
  308. </body>
  309. </html>
  310. <?php
  311. }
  312. function init_session() {
  313. global $messages;
  314. // Set a guess value for the server url.
  315. if (!array_key_exists('server_url', $_SESSION)) {
  316. $_SESSION['server_url'] = build_url();
  317. }
  318. foreach (array('server_url', 'include_path', 'store_type') as $key) {
  319. if (!isset($_SESSION[$key])) {
  320. $_SESSION[$key] = "";
  321. }
  322. }
  323. if (!isset($_SESSION['store_data'])) {
  324. $_SESSION['store_data'] = array();
  325. }
  326. foreach (array('server_url', 'include_path', 'store_type') as $field) {
  327. if (array_key_exists($field, $_GET)) {
  328. $_SESSION[$field] = $_GET[$field];
  329. }
  330. }
  331. foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) {
  332. if (array_key_exists($field, $_GET)) {
  333. $_SESSION['store_data'][$field] = $_GET[$field];
  334. }
  335. }
  336. }
  337. function generate_config($download = false) {
  338. if ($download) {
  339. // Emit headers to force browser download.
  340. header("Content-type: text/plain");
  341. header("Content-disposition: attachment; filename=config.php");
  342. print "<?php\n";
  343. } else {
  344. ?>
  345. <html>
  346. <body>
  347. <h2>OpenID Example Server Configuration</h2>
  348. <p>
  349. Put the following text into <strong><?php print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>.
  350. </p>
  351. <p>
  352. <a href="setup.php?clear=1">Back to form</a> (resets settings)
  353. </p>
  354. <p>
  355. <a href="setup.php?download=1">Download this configuration</a>
  356. </p>
  357. <pre style="border: 1px solid gray; background: #eee; padding: 5px;">
  358. <?php
  359. print "&lt;?php\n";
  360. }
  361. ?>
  362. <?php if ($_SESSION['include_path']) { ?>
  363. /**
  364. * Set any extra include paths needed to use the library
  365. */
  366. set_include_path(get_include_path() . PATH_SEPARATOR . "<?php
  367. print $_SESSION['include_path'];
  368. ?>");
  369. <?php } ?>
  370. /**
  371. * The URL for the server.
  372. *
  373. * This is the location of server.php. For example:
  374. *
  375. * $server_url = 'http://example.com/~user/server.php';
  376. *
  377. * This must be a full URL.
  378. */
  379. $server_url = "<?php
  380. print $_SESSION['server_url'];
  381. ?>";
  382. /**
  383. * Initialize an OpenID store
  384. *
  385. * @return object $store an instance of OpenID store (see the
  386. * documentation for how to create one)
  387. */
  388. function getOpenIDStore()
  389. {
  390. <?php
  391. switch ($_SESSION['store_type']) {
  392. case "Filesystem":
  393. print "require_once \"Auth/OpenID/FileStore.php\";\n ";
  394. print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n";
  395. break;
  396. case "SQLite":
  397. print "require_once \"Auth/OpenID/SQLiteStore.php\";\n ";
  398. print "\$s = new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n ";
  399. print "\$s->createTables();\n ";
  400. print "return \$s;\n";
  401. break;
  402. case "MySQL":
  403. ?>require_once 'Auth/OpenID/MySQLStore.php';
  404. require_once 'DB.php';
  405. $dsn = array(
  406. 'phptype' => 'mysql',
  407. 'username' => '<?php print $_SESSION['store_data']['username']; ?>',
  408. 'password' => '<?php print $_SESSION['store_data']['password']; ?>',
  409. 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>'
  410. );
  411. $db = DB::connect($dsn);
  412. if (PEAR::isError($db)) {
  413. return null;
  414. }
  415. $db->query("USE <?php print $_SESSION['store_data']['database']; ?>");
  416. $s = new Auth_OpenID_MySQLStore($db);
  417. $s->createTables();
  418. return $s;
  419. <?php
  420. break;
  421. case "PostgreSQL":
  422. ?>require_once 'Auth/OpenID/PostgreSQLStore.php';
  423. require_once 'DB.php';
  424. $dsn = array(
  425. 'phptype' => 'pgsql',
  426. 'username' => '<?php print $_SESSION['store_data']['username']; ?>',
  427. 'password' => '<?php print $_SESSION['store_data']['password']; ?>',
  428. 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>',
  429. 'database' => '<?php print $_SESSION['store_data']['database']; ?>'
  430. );
  431. $db = DB::connect($dsn);
  432. if (PEAR::isError($db)) {
  433. return null;
  434. }
  435. $s = new Auth_OpenID_PostgreSQLStore($db);
  436. $s->createTables();
  437. return $s;
  438. <?php
  439. break;
  440. }
  441. ?>
  442. }
  443. <?php
  444. print "?>";
  445. if (!$download) {
  446. ?>
  447. </pre>
  448. </body>
  449. </html>
  450. <?php
  451. }
  452. } // end function generate_config ()
  453. ?>