xref: /dokuwiki/install.php (revision 74850f2906bbb3935065d28e3e22ac131766d6f2) 
1<?php
2/**
3 * Dokuwiki installation assistance
4 *
5 * @author      Chris Smith <chris@jalakai.co.uk>
6 */
7
8if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/');
9if(!defined('DOKU_CONF')) define('DOKU_CONF',DOKU_INC.'conf/');
10if(!defined('DOKU_LOCAL')) define('DOKU_LOCAL',DOKU_INC.'conf/');
11
12require_once(DOKU_INC.'inc/PassHash.class.php');
13
14// check for error reporting override or set error reporting to sane values
15if (!defined('DOKU_E_LEVEL')) { error_reporting(E_ALL ^ E_NOTICE); }
16else { error_reporting(DOKU_E_LEVEL); }
17
18// kill magic quotes
19if (get_magic_quotes_gpc() && !defined('MAGIC_QUOTES_STRIPPED')) {
20    if (!empty($_GET))    remove_magic_quotes($_GET);
21    if (!empty($_POST))   remove_magic_quotes($_POST);
22    if (!empty($_COOKIE)) remove_magic_quotes($_COOKIE);
23    if (!empty($_REQUEST)) remove_magic_quotes($_REQUEST);
24    @ini_set('magic_quotes_gpc', 0);
25    define('MAGIC_QUOTES_STRIPPED',1);
26}
27if (function_exists('set_magic_quotes_runtime')) @set_magic_quotes_runtime(0);
28@ini_set('magic_quotes_sybase',0);
29
30// language strings
31require_once(DOKU_INC.'inc/lang/en/lang.php');
32if(isset($_REQUEST['l']) && !is_array($_REQUEST['l'])) {
33    $LC = preg_replace('/[^a-z\-]+/','',$_REQUEST['l']);
34}
35if(empty($LC)) $LC = 'en';
36if($LC && $LC != 'en' ) {
37    require_once(DOKU_INC.'inc/lang/'.$LC.'/lang.php');
38}
39
40// initialise variables ...
41$error = array();
42
43$dokuwiki_hash = array(
44    '2005-09-22'   => 'e33223e957b0b0a130d0520db08f8fb7',
45    '2006-03-05'   => '51295727f79ab9af309a2fd9e0b61acc',
46    '2006-03-09'   => '51295727f79ab9af309a2fd9e0b61acc',
47    '2006-11-06'   => 'b3a8af76845977c2000d85d6990dd72b',
48    '2007-05-24'   => 'd80f2740c84c4a6a791fd3c7a353536f',
49    '2007-06-26'   => 'b3ca19c7a654823144119980be73cd77',
50    '2008-05-04'   => '1e5c42eac3219d9e21927c39e3240aad',
51    '2009-02-14'   => 'ec8c04210732a14fdfce0f7f6eead865',
52    '2009-12-25'   => '993c4b2b385643efe5abf8e7010e11f4',
53    '2010-11-07'   => '7921d48195f4db21b8ead6d9bea801b8',
54    '2011-05-25'   => '4241865472edb6fa14a1227721008072',
55    '2011-11-10'   => 'b46ff19a7587966ac4df61cbab1b8b31',
56    '2012-01-25'   => '72c083c73608fc43c586901fd5dabb74',
57    '2012-09-10'   => 'eb0b3fc90056fbc12bac6f49f7764df3',
58    '2013-05-10'   => '7b62b75245f57f122d3e0f8ed7989623',
59    '2013-10-28'   => '263c76af309fbf083867c18a34ff5214',
60);
61
62
63// begin output
64header('Content-Type: text/html; charset=utf-8');
65?>
66<!DOCTYPE html>
67<html lang="<?php echo $LC?>" dir="<?php echo $lang['direction']?>">
68<head>
69    <meta charset="utf-8" />
70    <title><?php echo $lang['i_installer']?></title>
71    <style type="text/css">
72        body { width: 90%; margin: 0 auto; font: 84% Verdana, Helvetica, Arial, sans-serif; }
73        img { border: none }
74        br.cl { clear:both; }
75        code { font-size: 110%; color: #800000; }
76        fieldset { border: none }
77        label { display: block; margin-top: 0.5em; }
78        select.text, input.text { width: 30em; margin: 0 0.5em; }
79        a {text-decoration: none}
80    </style>
81    <script type="text/javascript">
82        function acltoggle(){
83            var cb = document.getElementById('acl');
84            var fs = document.getElementById('acldep');
85            if(!cb || !fs) return;
86            if(cb.checked){
87                fs.style.display = '';
88            }else{
89                fs.style.display = 'none';
90            }
91        }
92        window.onload = function(){
93            acltoggle();
94            var cb = document.getElementById('acl');
95            if(cb) cb.onchange = acltoggle;
96        };
97    </script>
98</head>
99<body style="">
100    <h1 style="float:left">
101        <img src="lib/exe/fetch.php?media=wiki:dokuwiki-128.png"
102             style="vertical-align: middle;" alt="" height="64" width="64" />
103        <?php echo $lang['i_installer']?>
104    </h1>
105    <div style="float:right; margin: 1em;">
106        <?php langsel()?>
107    </div>
108    <br class="cl" />
109
110    <div style="float: right; width: 34%;">
111        <?php
112            if(@file_exists(DOKU_INC.'inc/lang/'.$LC.'/install.html')){
113                include(DOKU_INC.'inc/lang/'.$LC.'/install.html');
114            }else{
115                print "<div lang=\"en\" dir=\"ltr\">\n";
116                include(DOKU_INC.'inc/lang/en/install.html');
117                print "</div>\n";
118            }
119        ?>
120        <a style="background: transparent url(data/security.png) left top no-repeat;
121                  display: block; width:380px; height:73px; border:none; clear:both;"
122           target="_blank"
123           href="http://www.dokuwiki.org/security#web_access_security"></a>
124    </div>
125
126    <div style="float: left; width: 58%;">
127        <?php
128            if(! (check_functions() && check_permissions()) ){
129                echo '<p>'.$lang['i_problems'].'</p>';
130                print_errors();
131                print_retry();
132            }elseif(!check_configs()){
133                echo '<p>'.$lang['i_modified'].'</p>';
134                print_errors();
135            }elseif(check_data($_REQUEST['d'])){
136                // check_data has sanitized all input parameters
137                if(!store_data($_REQUEST['d'])){
138                    echo '<p>'.$lang['i_failure'].'</p>';
139                    print_errors();
140                }else{
141                    echo '<p>'.$lang['i_success'].'</p>';
142                }
143            }else{
144                print_errors();
145                print_form($_REQUEST['d']);
146            }
147        ?>
148    </div>
149
150
151<div style="clear: both">
152  <a href="http://dokuwiki.org/"><img src="lib/tpl/dokuwiki/images/button-dw.png" alt="driven by DokuWiki" /></a>
153  <a href="http://www.php.net"><img src="lib/tpl/dokuwiki/images/button-php.gif" alt="powered by PHP" /></a>
154</div>
155</body>
156</html>
157<?php
158
159/**
160 * Print the input form
161 */
162function print_form($d){
163    global $lang;
164    global $LC;
165
166    include(DOKU_CONF.'license.php');
167
168    if(!is_array($d)) $d = array();
169    $d = array_map('htmlspecialchars',$d);
170
171    if(!isset($d['acl'])) $d['acl']=1;
172    if(!isset($d['pop'])) $d['pop']=1;
173
174    ?>
175    <form action="" method="post">
176    <input type="hidden" name="l" value="<?php echo $LC ?>" />
177    <fieldset>
178        <label for="title"><?php echo $lang['i_wikiname']?>
179        <input type="text" name="d[title]" id="title" value="<?php echo $d['title'] ?>" style="width: 20em;" />
180        </label>
181
182        <fieldset style="margin-top: 1em;">
183            <label for="acl">
184            <input type="checkbox" name="d[acl]" id="acl" <?php echo(($d['acl'] ? ' checked="checked"' : ''));?> />
185            <?php echo $lang['i_enableacl']?></label>
186
187            <fieldset id="acldep">
188                <label for="superuser"><?php echo $lang['i_superuser']?></label>
189                <input class="text" type="text" name="d[superuser]" id="superuser" value="<?php echo $d['superuser'] ?>" />
190
191                <label for="fullname"><?php echo $lang['fullname']?></label>
192                <input class="text" type="text" name="d[fullname]" id="fullname" value="<?php echo $d['fullname'] ?>" />
193
194                <label for="email"><?php echo $lang['email']?></label>
195                <input class="text" type="text" name="d[email]" id="email" value="<?php echo $d['email'] ?>" />
196
197                <label for="password"><?php echo $lang['pass']?></label>
198                <input class="text" type="password" name="d[password]" id="password" />
199
200                <label for="confirm"><?php echo $lang['passchk']?></label>
201                <input class="text" type="password" name="d[confirm]" id="confirm" />
202
203                <label for="policy"><?php echo $lang['i_policy']?></label>
204                <select class="text" name="d[policy]" id="policy">
205                    <option value="0" <?php echo ($d['policy'] == 0)?'selected="selected"':'' ?>><?php echo $lang['i_pol0']?></option>
206                    <option value="1" <?php echo ($d['policy'] == 1)?'selected="selected"':'' ?>><?php echo $lang['i_pol1']?></option>
207                    <option value="2" <?php echo ($d['policy'] == 2)?'selected="selected"':'' ?>><?php echo $lang['i_pol2']?></option>
208                </select>
209
210                <label for="approve">
211                    <input type="checkbox" name="d[approve]" id="approve" <?php echo(($d['approve'] ? ' checked="checked"' : ''));?> />
212                    <?php echo $lang['i_policyapprove']?>
213                </label>
214            </fieldset>
215        </fieldset>
216
217        <fieldset>
218            <p><?php echo $lang['i_license']?></p>
219            <?php
220            array_push($license,array('name' => $lang['i_license_none'], 'url'=>''));
221            if(empty($d['license'])) $d['license'] = 'cc-by-sa';
222            foreach($license as $key => $lic){
223                echo '<label for="lic_'.$key.'">';
224                echo '<input type="radio" name="d[license]" value="'.htmlspecialchars($key).'" id="lic_'.$key.'"'.
225                     (($d['license'] === $key)?' checked="checked"':'').'>';
226                echo htmlspecialchars($lic['name']);
227                if($lic['url']) echo ' <a href="'.$lic['url'].'" target="_blank"><sup>[?]</sup></a>';
228                echo '</label>';
229            }
230            ?>
231        </fieldset>
232
233        <fieldset>
234            <p><?php echo $lang['i_pop_field']?></p>
235            <label for="pop">
236                <input type="checkbox" name="d[pop]" id="pop" <?php echo(($d['pop'] ? ' checked="checked"' : ''));?> />
237                <?php echo $lang['i_pop_label']?> <a href="http://www.dokuwiki.org/popularity" target="_blank"><sup>[?]</sup></a>
238            </label>
239        </fieldset>
240
241    </fieldset>
242    <fieldset id="process">
243        <input class="button" type="submit" name="submit" value="<?php echo $lang['btn_save']?>" />
244    </fieldset>
245    </form>
246    <?php
247}
248
249function print_retry() {
250    global $lang;
251    global $LC;
252    ?>
253    <form action="" method="get">
254      <fieldset>
255        <input type="hidden" name="l" value="<?php echo $LC ?>" />
256        <input class="button" type="submit" value="<?php echo $lang['i_retry'];?>" />
257      </fieldset>
258    </form>
259    <?php
260}
261
262/**
263 * Check validity of data
264 *
265 * @author Andreas Gohr
266 */
267function check_data(&$d){
268    static $form_default = array(
269        'title'     => '',
270        'acl'       => '1',
271        'superuser' => '',
272        'fullname'  => '',
273        'email'     => '',
274        'password'  => '',
275        'confirm'   => '',
276        'policy'    => '0',
277        'approve'   => '0',
278        'license'   => 'cc-by-sa'
279    );
280    global $lang;
281    global $error;
282
283    if(!is_array($d)) $d = array();
284    foreach($d as $k => $v) {
285        if(is_array($v))
286            unset($d[$k]);
287        else
288            $d[$k] = (string)$v;
289    }
290
291    //autolowercase the username
292    $d['superuser'] = isset($d['superuser']) ? strtolower($d['superuser']) : "";
293
294    $ok = false;
295
296    if(isset($_REQUEST['submit'])) {
297        $ok = true;
298
299        // check input
300        if(empty($d['title'])){
301            $error[] = sprintf($lang['i_badval'],$lang['i_wikiname']);
302            $ok      = false;
303        }
304        if(isset($d['acl'])){
305            if(!preg_match('/^[a-z0-9_]+$/',$d['superuser'])){
306                $error[] = sprintf($lang['i_badval'],$lang['i_superuser']);
307                $ok      = false;
308            }
309            if(empty($d['password'])){
310                $error[] = sprintf($lang['i_badval'],$lang['pass']);
311                $ok      = false;
312            }
313            elseif(!isset($d['confirm']) || $d['confirm'] != $d['password']){
314                $error[] = sprintf($lang['i_badval'],$lang['passchk']);
315                $ok      = false;
316            }
317            if(empty($d['fullname']) || strstr($d['fullname'],':')){
318                $error[] = sprintf($lang['i_badval'],$lang['fullname']);
319                $ok      = false;
320            }
321            if(empty($d['email']) || strstr($d['email'],':') || !strstr($d['email'],'@')){
322                $error[] = sprintf($lang['i_badval'],$lang['email']);
323                $ok      = false;
324            }
325        }
326    }
327    $d = array_merge($form_default, $d);
328    return $ok;
329}
330
331/**
332 * Writes the data to the config files
333 *
334 * @author  Chris Smith <chris@jalakai.co.uk>
335 */
336function store_data($d){
337    global $LC;
338    $ok = true;
339    $d['policy'] = (int) $d['policy'];
340    $usergroup = $d['approve'] ? 'member' : 'user';
341
342    // create local.php
343    $now    = gmdate('r');
344    $output = <<<EOT
345<?php
346/**
347 * Dokuwiki's Main Configuration File - Local Settings
348 * Auto-generated by install script
349 * Date: $now
350 */
351
352EOT;
353    $output .= '$conf[\'title\'] = \''.addslashes($d['title'])."';\n";
354    $output .= '$conf[\'lang\'] = \''.addslashes($LC)."';\n";
355    $output .= '$conf[\'license\'] = \''.addslashes($d['license'])."';\n";
356    if($d['acl']){
357        $output .= '$conf[\'useacl\'] = 1'.";\n";
358        $output .= "\$conf['superuser'] = '@admin';\n";
359    }
360    $ok = $ok && fileWrite(DOKU_LOCAL.'local.php',$output);
361
362    if ($d['acl']) {
363        // hash the password
364        $phash = new PassHash();
365        $pass = $phash->hash_smd5($d['password']);
366
367        // create users.auth.php
368        // --- user:SMD5password:Real Name:email:groups,comma,seperated
369        $output = join(":",array($d['superuser'], $pass, $d['fullname'], $d['email'], 'admin,'.$usergroup));
370        $output = @file_get_contents(DOKU_CONF.'users.auth.php.dist')."\n$output\n";
371        $ok = $ok && fileWrite(DOKU_LOCAL.'users.auth.php', $output);
372
373        // create acl.auth.php
374        $output = <<<EOT
375# acl.auth.php
376# <?php exit()?>
377# Don't modify the lines above
378#
379# Access Control Lists
380#
381# Auto-generated by install script
382# Date: $now
383
384EOT;
385        if($d['policy'] == 2){
386            $output .=  "*               @ALL          0\n";
387            $output .=  "*               @".$usergroup."         8\n";
388        }elseif($d['policy'] == 1){
389            $output .=  "*               @ALL          1\n";
390            $output .=  "*               @".$usergroup."         8\n";
391        }else{
392            $output .=  "*               @ALL          8\n";
393        }
394        $ok = $ok && fileWrite(DOKU_LOCAL.'acl.auth.php', $output);
395    }
396
397    // enable popularity submission
398    if($d['pop']){
399        @touch(DOKU_INC.'data/cache/autosubmit.txt');
400    }
401
402    // disable auth plugins til needed
403    $output = <<<EOT
404<?php
405/*
406 * Local plugin enable/disable settings
407 *
408 * Auto-generated by install script
409 * Date: $now
410 */
411
412\$plugins['authad']    = 0;
413\$plugins['authldap']  = 0;
414\$plugins['authmysql'] = 0;
415\$plugins['authpgsql'] = 0;
416
417EOT;
418    $ok = $ok && fileWrite(DOKU_LOCAL.'plugins.local.php', $output);
419
420    return $ok;
421}
422
423/**
424 * Write the given content to a file
425 *
426 * @author  Chris Smith <chris@jalakai.co.uk>
427 */
428function fileWrite($filename, $data) {
429    global $error;
430    global $lang;
431
432    if (($fp = @fopen($filename, 'wb')) === false) {
433        $filename = str_replace($_SERVER['DOCUMENT_ROOT'],'{DOCUMENT_ROOT}/', $filename);
434        $error[]  = sprintf($lang['i_writeerr'],$filename);
435        return false;
436    }
437
438    if (!empty($data)) { fwrite($fp, $data);  }
439    fclose($fp);
440    return true;
441}
442
443
444/**
445 * check installation dependent local config files and tests for a known
446 * unmodified main config file
447 *
448 * @author      Chris Smith <chris@jalakai.co.uk>
449 */
450function check_configs(){
451    global $error;
452    global $lang;
453    global $dokuwiki_hash;
454
455    $ok = true;
456
457    $config_files = array(
458        'local' => DOKU_LOCAL.'local.php',
459        'users' => DOKU_LOCAL.'users.auth.php',
460        'auth'  => DOKU_LOCAL.'acl.auth.php'
461    );
462
463    // main dokuwiki config file (conf/dokuwiki.php) must not have been modified
464    $installation_hash = md5(preg_replace("/(\015\012)|(\015)/","\012",
465                             @file_get_contents(DOKU_CONF.'dokuwiki.php')));
466    if (!in_array($installation_hash, $dokuwiki_hash)) {
467        $error[] = sprintf($lang['i_badhash'],$installation_hash);
468        $ok = false;
469    }
470
471    // configs shouldn't exist
472    foreach ($config_files as $file) {
473        if (@file_exists($file) && filesize($file)) {
474            $file    = str_replace($_SERVER['DOCUMENT_ROOT'],'{DOCUMENT_ROOT}/', $file);
475            $error[] = sprintf($lang['i_confexists'],$file);
476            $ok      = false;
477        }
478    }
479    return $ok;
480}
481
482
483/**
484 * Check other installation dir/file permission requirements
485 *
486 * @author      Chris Smith <chris@jalakai.co.uk>
487 */
488function check_permissions(){
489    global $error;
490    global $lang;
491
492    $dirs = array(
493        'conf'        => DOKU_LOCAL,
494        'data'        => DOKU_INC.'data',
495        'pages'       => DOKU_INC.'data/pages',
496        'attic'       => DOKU_INC.'data/attic',
497        'media'       => DOKU_INC.'data/media',
498        'media_attic' => DOKU_INC.'data/media_attic',
499        'media_meta'  => DOKU_INC.'data/media_meta',
500        'meta'        => DOKU_INC.'data/meta',
501        'cache'       => DOKU_INC.'data/cache',
502        'locks'       => DOKU_INC.'data/locks',
503        'index'       => DOKU_INC.'data/index',
504        'tmp'         => DOKU_INC.'data/tmp'
505    );
506
507    $ok = true;
508    foreach($dirs as $dir){
509        if(!@file_exists("$dir/.") || !@is_writable($dir)){
510            $dir     = str_replace($_SERVER['DOCUMENT_ROOT'],'{DOCUMENT_ROOT}', $dir);
511            $error[] = sprintf($lang['i_permfail'],$dir);
512            $ok      = false;
513        }
514    }
515    return $ok;
516}
517
518/**
519 * Check the availability of functions used in DokuWiki and the PHP version
520 *
521 * @author Andreas Gohr <andi@splitbrain.org>
522 */
523function check_functions(){
524    global $error;
525    global $lang;
526    $ok = true;
527
528    if(version_compare(phpversion(),'5.2.0','<')){
529        $error[] = sprintf($lang['i_phpver'],phpversion(),'5.2.0');
530        $ok = false;
531    }
532
533    $funcs = explode(' ','addslashes call_user_func chmod copy fgets '.
534                         'file file_exists fseek flush filesize ftell fopen '.
535                         'glob header ignore_user_abort ini_get mail mkdir '.
536                         'ob_start opendir parse_ini_file readfile realpath '.
537                         'rename rmdir serialize session_start unlink usleep '.
538                         'preg_replace file_get_contents htmlspecialchars_decode '.
539                         'spl_autoload_register stream_select fsockopen pack');
540
541    if (!function_exists('mb_substr')) {
542        $funcs[] = 'utf8_encode';
543        $funcs[] = 'utf8_decode';
544    }
545
546    foreach($funcs as $func){
547        if(!function_exists($func)){
548            $error[] = sprintf($lang['i_funcna'],$func);
549            $ok = false;
550        }
551    }
552    return $ok;
553}
554
555/**
556 * Print language selection
557 *
558 * @author Andreas Gohr <andi@splitbrain.org>
559 */
560function langsel(){
561    global $lang;
562    global $LC;
563
564    $dir = DOKU_INC.'inc/lang';
565    $dh  = opendir($dir);
566    if(!$dh) return;
567
568    $langs = array();
569    while (($file = readdir($dh)) !== false) {
570        if(preg_match('/^[\._]/',$file)) continue;
571        if(is_dir($dir.'/'.$file) && @file_exists($dir.'/'.$file.'/lang.php')){
572            $langs[] = $file;
573        }
574    }
575    closedir($dh);
576    sort($langs);
577
578    echo '<form action="">';
579    echo $lang['i_chooselang'];
580    echo ': <select name="l" onchange="submit()">';
581    foreach($langs as $l){
582        $sel = ($l == $LC) ? 'selected="selected"' : '';
583        echo '<option value="'.$l.'" '.$sel.'>'.$l.'</option>';
584    }
585    echo '</select> ';
586    echo '<input type="submit" value="'.$lang['btn_update'].'" />';
587    echo '</form>';
588}
589
590/**
591 * Print global error array
592 *
593 * @author Andreas Gohr <andi@splitbrain.org>
594 */
595function print_errors(){
596    global $error;
597    if(!empty($error)) {
598        echo '<ul>';
599        foreach ($error as $err){
600            echo "<li>$err</li>";
601        }
602        echo '</ul>';
603    }
604}
605
606/**
607 * remove magic quotes recursivly
608 *
609 * @author Andreas Gohr <andi@splitbrain.org>
610 */
611function remove_magic_quotes(&$array) {
612    foreach (array_keys($array) as $key) {
613        if (is_array($array[$key])) {
614            remove_magic_quotes($array[$key]);
615        }else {
616            $array[$key] = stripslashes($array[$key]);
617        }
618    }
619}
620
621