1<?php 2/*><div style="width:60%; margin: auto; background-color: #fcc; 3 border: 1px solid #faa; padding: 0.5em 1em;"> 4 <h1 style="font-size: 120%">No PHP Support</h1> 5 6 It seems this server has no PHP support enabled. You will need to 7 enable PHP before you can install and run DokuWiki. Contact your hosting 8 provider if you're unsure what this means. 9 10</div>*/ 11 12use dokuwiki\PassHash; 13 14if (!defined('DOKU_INC')) define('DOKU_INC', __DIR__ . '/'); 15if (!defined('DOKU_CONF')) define('DOKU_CONF', DOKU_INC . 'conf/'); 16if (!defined('DOKU_LOCAL')) define('DOKU_LOCAL', DOKU_INC . 'conf/'); 17 18// load and initialize the core system 19require_once(DOKU_INC . 'inc/init.php'); 20require_once(DOKU_INC . 'inc/pageutils.php'); 21 22// check for error reporting override or set error reporting to sane values 23if (!defined('DOKU_E_LEVEL')) { 24 error_reporting(E_ALL ^ E_NOTICE); 25} else { 26 error_reporting(DOKU_E_LEVEL); 27} 28 29// language strings 30require_once(DOKU_INC . 'inc/lang/en/lang.php'); 31if (isset($_REQUEST['l']) && !is_array($_REQUEST['l'])) { 32 $LC = preg_replace('/[^a-z\-]+/', '', $_REQUEST['l']); 33} 34if (empty($LC)) $LC = 'en'; 35if ($LC && $LC != 'en') { 36 require_once(DOKU_INC . 'inc/lang/' . $LC . '/lang.php'); 37} 38 39// initialise variables ... 40$error = []; 41 42// begin output 43header('Content-Type: text/html; charset=utf-8'); 44?> 45<!DOCTYPE html> 46<html lang="<?php echo $LC?>" dir="<?php echo $lang['direction']?>"> 47<head> 48 <meta charset="utf-8" /> 49 <title><?php echo $lang['i_installer']?></title> 50 <style> 51 body { width: 90%; margin: 0 auto; font: 84% Verdana, Helvetica, Arial, sans-serif; } 52 img { border: none } 53 br.cl { clear:both; } 54 code { font-size: 110%; color: #800000; } 55 fieldset { border: none } 56 label { display: block; margin-top: 0.5em; } 57 select.text, input.text { width: 30em; margin: 0 0.5em; } 58 a {text-decoration: none} 59 </style> 60 <script> 61 function acltoggle(){ 62 var cb = document.getElementById('acl'); 63 var fs = document.getElementById('acldep'); 64 if(!cb || !fs) return; 65 if(cb.checked){ 66 fs.style.display = ''; 67 }else{ 68 fs.style.display = 'none'; 69 } 70 } 71 window.onload = function(){ 72 acltoggle(); 73 var cb = document.getElementById('acl'); 74 if(cb) cb.onchange = acltoggle; 75 }; 76 </script> 77</head> 78<body style=""> 79 <h1 style="float:left"> 80 <img src="lib/exe/fetch.php?media=wiki:dokuwiki-128.png" 81 style="vertical-align: middle;" alt="" height="64" width="64" /> 82 <?php echo $lang['i_installer']?> 83 </h1> 84 <div style="float:right; margin: 1em;"> 85 <?php langsel()?> 86 </div> 87 <br class="cl" /> 88 89 <div style="float: right; width: 34%;"> 90 <?php 91 if (file_exists(DOKU_INC . 'inc/lang/' . $LC . '/install.html')) { 92 include(DOKU_INC . 'inc/lang/' . $LC . '/install.html'); 93 } else { 94 print "<div lang=\"en\" dir=\"ltr\">\n"; 95 include(DOKU_INC . 'inc/lang/en/install.html'); 96 print "</div>\n"; 97 } 98 ?> 99 <a style=" 100 background: transparent 101 url(data/dont-panic-if-you-see-this-in-your-logs-it-means-your-directory-permissions-are-correct.png) 102 left top no-repeat; 103 display: block; width:380px; height:73px; border:none; clear:both;" 104 target="_blank" 105 href="http://www.dokuwiki.org/security#web_access_security"></a> 106 </div> 107 108 <div style="float: left; width: 58%;"> 109 <?php 110 try { 111 if (! (check_functions() && check_permissions())) { 112 echo '<p>' . $lang['i_problems'] . '</p>'; 113 print_errors(); 114 print_retry(); 115 } elseif (!check_configs()) { 116 echo '<p>' . $lang['i_modified'] . '</p>'; 117 print_errors(); 118 } elseif (check_data($_REQUEST['d'])) { 119 // check_data has sanitized all input parameters 120 if (!store_data($_REQUEST['d'])) { 121 echo '<p>' . $lang['i_failure'] . '</p>'; 122 print_errors(); 123 } else { 124 echo '<p>' . $lang['i_success'] . '</p>'; 125 } 126 } else { 127 print_errors(); 128 print_form($_REQUEST['d']); 129 } 130 } catch (Exception $e) { 131 echo 'Caught exception: ', $e->getMessage(), "\n"; 132 } 133 ?> 134 </div> 135 136 137<div style="clear: both"> 138 <a href="http://dokuwiki.org/"><img src="lib/tpl/dokuwiki/images/button-dw.png" alt="driven by DokuWiki" /></a> 139 <a href="http://php.net"><img src="lib/tpl/dokuwiki/images/button-php.gif" alt="powered by PHP" /></a> 140</div> 141</body> 142</html> 143<?php 144 145/** 146 * Print the input form 147 * 148 * @param array $d submitted entry 'd' of request data 149 */ 150function print_form($d) 151{ 152 global $lang; 153 global $LC; 154 155 include(DOKU_CONF . 'license.php'); 156 157 if (!is_array($d)) $d = []; 158 $d = array_map('hsc', $d); 159 160 if (!isset($d['acl'])) $d['acl'] = 1; 161 if (!isset($d['pop'])) $d['pop'] = 1; 162 163 ?> 164 <form action="" method="post"> 165 <input type="hidden" name="l" value="<?php echo $LC ?>" /> 166 <fieldset> 167 <label for="title"><?php echo $lang['i_wikiname']?> 168 <input type="text" name="d[title]" id="title" value="<?php echo $d['title'] ?>" style="width: 20em;" /> 169 </label> 170 171 <fieldset style="margin-top: 1em;"> 172 <label for="acl"> 173 <input type="checkbox" name="d[acl]" id="acl" <?php echo(($d['acl'] ? ' checked="checked"' : ''));?> /> 174 <?php echo $lang['i_enableacl']?></label> 175 176 <fieldset id="acldep"> 177 <label for="superuser"><?php echo $lang['i_superuser']?></label> 178 <input class="text" type="text" name="d[superuser]" id="superuser" 179 value="<?php echo $d['superuser'] ?>" /> 180 181 <label for="fullname"><?php echo $lang['fullname']?></label> 182 <input class="text" type="text" name="d[fullname]" id="fullname" 183 value="<?php echo $d['fullname'] ?>" /> 184 185 <label for="email"><?php echo $lang['email']?></label> 186 <input class="text" type="text" name="d[email]" id="email" value="<?php echo $d['email'] ?>" /> 187 188 <label for="password"><?php echo $lang['pass']?></label> 189 <input class="text" type="password" name="d[password]" id="password" /> 190 191 <label for="confirm"><?php echo $lang['passchk']?></label> 192 <input class="text" type="password" name="d[confirm]" id="confirm" /> 193 194 <label for="policy"><?php echo $lang['i_policy']?></label> 195 <select class="text" name="d[policy]" id="policy"> 196 <option value="0" <?php echo ($d['policy'] == 0) ? 'selected="selected"' : '' ?>><?php 197 echo $lang['i_pol0']?></option> 198 <option value="1" <?php echo ($d['policy'] == 1) ? 'selected="selected"' : '' ?>><?php 199 echo $lang['i_pol1']?></option> 200 <option value="2" <?php echo ($d['policy'] == 2) ? 'selected="selected"' : '' ?>><?php 201 echo $lang['i_pol2']?></option> 202 </select> 203 204 <label for="allowreg"> 205 <input type="checkbox" name="d[allowreg]" id="allowreg" <?php 206 echo(($d['allowreg'] ? ' checked="checked"' : ''));?> /> 207 <?php echo $lang['i_allowreg']?> 208 </label> 209 </fieldset> 210 </fieldset> 211 212 <fieldset> 213 <p><?php echo $lang['i_license']?></p> 214 <?php 215 $license[] = ['name' => $lang['i_license_none'], 'url' => '']; 216 if (empty($d['license'])) $d['license'] = 'cc-by-sa'; 217 foreach ($license as $key => $lic) { 218 echo '<label for="lic_' . $key . '">'; 219 echo '<input type="radio" name="d[license]" value="' . hsc($key) . '" id="lic_' . $key . '"' . 220 (($d['license'] === $key) ? ' checked="checked"' : '') . '>'; 221 echo hsc($lic['name']); 222 if ($lic['url']) echo ' <a href="' . $lic['url'] . '" target="_blank"><sup>[?]</sup></a>'; 223 echo '</label>'; 224 } 225 ?> 226 </fieldset> 227 228 <fieldset> 229 <p><?php echo $lang['i_pop_field']?></p> 230 <label for="pop"> 231 <input type="checkbox" name="d[pop]" id="pop" <?php 232 echo(($d['pop'] ? ' checked="checked"' : ''));?> /> 233 <?php echo $lang['i_pop_label']?> 234 <a href="http://www.dokuwiki.org/popularity" target="_blank"><sup>[?]</sup></a> 235 </label> 236 </fieldset> 237 238 </fieldset> 239 <fieldset id="process"> 240 <button type="submit" name="submit"><?php echo $lang['btn_save']?></button> 241 </fieldset> 242 </form> 243 <?php 244} 245 246function print_retry() 247{ 248 global $lang; 249 global $LC; 250 ?> 251 <form action="" method="get"> 252 <fieldset> 253 <input type="hidden" name="l" value="<?php echo $LC ?>" /> 254 <button type="submit"><?php echo $lang['i_retry'];?></button> 255 </fieldset> 256 </form> 257 <?php 258} 259 260/** 261 * Check validity of data 262 * 263 * @author Andreas Gohr 264 * 265 * @param array $d 266 * @return bool ok? 267 */ 268function check_data(&$d) 269{ 270 static $form_default = [ 271 'title' => '', 272 'acl' => '1', 273 'superuser' => '', 274 'fullname' => '', 275 'email' => '', 276 'password' => '', 277 'confirm' => '', 278 'policy' => '0', 279 'allowreg' => '0', 280 'license' => 'cc-by-sa' 281 ]; 282 global $lang; 283 global $error; 284 285 if (!is_array($d)) $d = []; 286 foreach ($d as $k => $v) { 287 if (is_array($v)) 288 unset($d[$k]); 289 else $d[$k] = (string)$v; 290 } 291 292 //autolowercase the username 293 $d['superuser'] = isset($d['superuser']) ? strtolower($d['superuser']) : ""; 294 295 $ok = false; 296 297 if (isset($_REQUEST['submit'])) { 298 $ok = true; 299 300 // check input 301 if (empty($d['title'])) { 302 $error[] = sprintf($lang['i_badval'], $lang['i_wikiname']); 303 $ok = false; 304 } 305 if (isset($d['acl'])) { 306 if (empty($d['superuser']) || ($d['superuser'] !== cleanID($d['superuser']))) { 307 $error[] = sprintf($lang['i_badval'], $lang['i_superuser']); 308 $ok = false; 309 } 310 if (empty($d['password'])) { 311 $error[] = sprintf($lang['i_badval'], $lang['pass']); 312 $ok = false; 313 } elseif (!isset($d['confirm']) || $d['confirm'] != $d['password']) { 314 $error[] = sprintf($lang['i_badval'], $lang['passchk']); 315 $ok = false; 316 } 317 if (empty($d['fullname']) || strstr($d['fullname'], ':')) { 318 $error[] = sprintf($lang['i_badval'], $lang['fullname']); 319 $ok = false; 320 } 321 if (empty($d['email']) || strstr($d['email'], ':') || !strstr($d['email'], '@')) { 322 $error[] = sprintf($lang['i_badval'], $lang['email']); 323 $ok = false; 324 } 325 } else { 326 // Since default = 1, browser won't send acl=0 when user untick acl 327 $d['acl'] = '0'; 328 } 329 } 330 $d = array_merge($form_default, $d); 331 return $ok; 332} 333 334/** 335 * Writes the data to the config files 336 * 337 * @author Chris Smith <chris@jalakai.co.uk> 338 * 339 * @param array $d 340 * @return bool 341 */ 342function store_data($d) 343{ 344 global $LC; 345 $ok = true; 346 $d['policy'] = (int) $d['policy']; 347 348 // create local.php 349 $now = gmdate('r'); 350 $output = <<<EOT 351<?php 352/** 353 * Dokuwiki's Main Configuration File - Local Settings 354 * Auto-generated by install script 355 * Date: $now 356 */ 357 358EOT; 359 // add any config options set by a previous installer 360 $preset = __DIR__ . '/install.conf'; 361 if (file_exists($preset)) { 362 $output .= "# preset config options\n"; 363 $output .= file_get_contents($preset); 364 $output .= "\n\n"; 365 $output .= "# options selected in installer\n"; 366 @unlink($preset); 367 } 368 369 $output .= '$conf[\'title\'] = \'' . addslashes($d['title']) . "';\n"; 370 $output .= '$conf[\'lang\'] = \'' . addslashes($LC) . "';\n"; 371 $output .= '$conf[\'license\'] = \'' . addslashes($d['license']) . "';\n"; 372 if ($d['acl']) { 373 $output .= '$conf[\'useacl\'] = 1' . ";\n"; 374 $output .= "\$conf['superuser'] = '@admin';\n"; 375 } 376 if (!$d['allowreg']) { 377 $output .= '$conf[\'disableactions\'] = \'register\'' . ";\n"; 378 } 379 $ok = $ok && fileWrite(DOKU_LOCAL . 'local.php', $output); 380 381 if ($d['acl']) { 382 // hash the password 383 $phash = new PassHash(); 384 $pass = $phash->hash_bcrypt($d['password']); 385 386 // create users.auth.php 387 $output = <<<EOT 388# users.auth.php 389# <?php exit()?> 390# Don't modify the lines above 391# 392# Userfile 393# 394# Auto-generated by install script 395# Date: $now 396# 397# Format: 398# login:passwordhash:Real Name:email:groups,comma,separated 399 400EOT; 401 // --- user:bcryptpasswordhash:Real Name:email:groups,comma,seperated 402 $output = $output . "\n" . implode(':', [ 403 $d['superuser'], 404 $pass, 405 $d['fullname'], 406 $d['email'], 407 'admin,user', 408 ]) . "\n"; 409 $ok = $ok && fileWrite(DOKU_LOCAL . 'users.auth.php', $output); 410 411 // create acl.auth.php 412 $output = <<<EOT 413# acl.auth.php 414# <?php exit()?> 415# Don't modify the lines above 416# 417# Access Control Lists 418# 419# Auto-generated by install script 420# Date: $now 421 422EOT; 423 if ($d['policy'] == 2) { 424 $output .= "* @ALL 0\n"; 425 $output .= "* @user 8\n"; 426 } elseif ($d['policy'] == 1) { 427 $output .= "* @ALL 1\n"; 428 $output .= "* @user 8\n"; 429 } else { 430 $output .= "* @ALL 8\n"; 431 } 432 $ok = $ok && fileWrite(DOKU_LOCAL . 'acl.auth.php', $output); 433 } 434 435 // enable popularity submission 436 if (isset($d['pop']) && $d['pop']) { 437 @touch(DOKU_INC . 'data/cache/autosubmit.txt'); 438 } 439 440 // disable auth plugins til needed 441 $output = <<<EOT 442<?php 443/* 444 * Local plugin enable/disable settings 445 * 446 * Auto-generated by install script 447 * Date: $now 448 */ 449 450\$plugins['authad'] = 0; 451\$plugins['authldap'] = 0; 452\$plugins['authmysql'] = 0; 453\$plugins['authpgsql'] = 0; 454 455EOT; 456 $ok = $ok && fileWrite(DOKU_LOCAL . 'plugins.local.php', $output); 457 458 return $ok; 459} 460 461/** 462 * Write the given content to a file 463 * 464 * @author Chris Smith <chris@jalakai.co.uk> 465 * 466 * @param string $filename 467 * @param string $data 468 * @return bool 469 */ 470function fileWrite($filename, $data) 471{ 472 global $error; 473 global $lang; 474 475 if (($fp = @fopen($filename, 'wb')) === false) { 476 $filename = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $filename); 477 $error[] = sprintf($lang['i_writeerr'], $filename); 478 return false; 479 } 480 481 if (!empty($data)) { 482 fwrite($fp, $data); 483 } 484 fclose($fp); 485 return true; 486} 487 488 489/** 490 * check installation dependent local config files and tests for a known 491 * unmodified main config file 492 * 493 * @author Chris Smith <chris@jalakai.co.uk> 494 * 495 * @return bool 496 */ 497function check_configs() 498{ 499 global $error; 500 global $lang; 501 502 $ok = true; 503 504 $config_files = [ 505 'local' => DOKU_LOCAL . 'local.php', 506 'users' => DOKU_LOCAL . 'users.auth.php', 507 'auth' => DOKU_LOCAL . 'acl.auth.php' 508 ]; 509 510 // configs shouldn't exist 511 foreach ($config_files as $file) { 512 if (file_exists($file) && filesize($file)) { 513 $file = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $file); 514 $error[] = sprintf($lang['i_confexists'], $file); 515 $ok = false; 516 } 517 } 518 return $ok; 519} 520 521 522/** 523 * Check other installation dir/file permission requirements 524 * 525 * @author Chris Smith <chris@jalakai.co.uk> 526 * 527 * @return bool 528 */ 529function check_permissions() 530{ 531 global $error; 532 global $lang; 533 534 $dirs = [ 535 'conf' => DOKU_LOCAL, 536 'data' => DOKU_INC . 'data', 537 'pages' => DOKU_INC . 'data/pages', 538 'attic' => DOKU_INC . 'data/attic', 539 'media' => DOKU_INC . 'data/media', 540 'media_attic' => DOKU_INC . 'data/media_attic', 541 'media_meta' => DOKU_INC . 'data/media_meta', 542 'meta' => DOKU_INC . 'data/meta', 543 'cache' => DOKU_INC . 'data/cache', 544 'locks' => DOKU_INC . 'data/locks', 545 'index' => DOKU_INC . 'data/index', 546 'tmp' => DOKU_INC . 'data/tmp' 547 ]; 548 549 $ok = true; 550 foreach ($dirs as $dir) { 551 if (!file_exists("$dir/.") || !is_writable($dir)) { 552 $dir = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}', $dir); 553 $error[] = sprintf($lang['i_permfail'], $dir); 554 $ok = false; 555 } 556 } 557 return $ok; 558} 559 560/** 561 * Check the availability of functions used in DokuWiki and the PHP version 562 * 563 * @author Andreas Gohr <andi@splitbrain.org> 564 * 565 * @return bool 566 */ 567function check_functions() 568{ 569 global $error; 570 global $lang; 571 $ok = true; 572 573 if (version_compare(phpversion(), '7.4.0', '<')) { 574 $error[] = sprintf($lang['i_phpver'], phpversion(), '7.4.0'); 575 $ok = false; 576 } 577 578 if (ini_get('mbstring.func_overload') != 0) { 579 $error[] = $lang['i_mbfuncoverload']; 580 $ok = false; 581 } 582 583 try { 584 random_bytes(1); 585 } catch (\Exception $th) { 586 // If an appropriate source of randomness cannot be found, an Exception will be thrown by PHP 7+ 587 $error[] = $lang['i_urandom']; 588 $ok = false; 589 } 590 591 if (ini_get('mbstring.func_overload') != 0) { 592 $error[] = $lang['i_mbfuncoverload']; 593 $ok = false; 594 } 595 596 $funcs = explode(' ', 'addslashes call_user_func chmod copy fgets ' . 597 'file file_exists fseek flush filesize ftell fopen ' . 598 'glob header ignore_user_abort ini_get mkdir ' . 599 'ob_start opendir parse_ini_file readfile realpath ' . 600 'rename rmdir serialize session_start unlink usleep ' . 601 'preg_replace file_get_contents htmlspecialchars_decode ' . 602 'spl_autoload_register stream_select fsockopen pack xml_parser_create'); 603 604 if (!function_exists('mb_substr')) { 605 $funcs[] = 'utf8_encode'; 606 $funcs[] = 'utf8_decode'; 607 } 608 609 if (!function_exists('mail')) { 610 if (strpos(ini_get('disable_functions'), 'mail') !== false) { 611 $disabled = $lang['i_disabled']; 612 } else { 613 $disabled = ""; 614 } 615 $error[] = sprintf($lang['i_funcnmail'], $disabled); 616 } 617 618 foreach ($funcs as $func) { 619 if (!function_exists($func)) { 620 $error[] = sprintf($lang['i_funcna'], $func); 621 $ok = false; 622 } 623 } 624 return $ok; 625} 626 627/** 628 * Print language selection 629 * 630 * @author Andreas Gohr <andi@splitbrain.org> 631 */ 632function langsel() 633{ 634 global $lang; 635 global $LC; 636 637 $dir = DOKU_INC . 'inc/lang'; 638 $dh = opendir($dir); 639 if (!$dh) return; 640 641 $langs = []; 642 while (($file = readdir($dh)) !== false) { 643 if (preg_match('/^[\._]/', $file)) continue; 644 if (is_dir($dir . '/' . $file) && file_exists($dir . '/' . $file . '/lang.php')) { 645 $langs[] = $file; 646 } 647 } 648 closedir($dh); 649 sort($langs); 650 651 echo '<form action="">'; 652 echo $lang['i_chooselang']; 653 echo ': <select name="l" onchange="submit()">'; 654 foreach ($langs as $l) { 655 $sel = ($l == $LC) ? 'selected="selected"' : ''; 656 echo '<option value="' . $l . '" ' . $sel . '>' . $l . '</option>'; 657 } 658 echo '</select> '; 659 echo '<button type="submit">' . $lang['btn_update'] . '</button>'; 660 echo '</form>'; 661} 662 663/** 664 * Print global error array 665 * 666 * @author Andreas Gohr <andi@splitbrain.org> 667 */ 668function print_errors() 669{ 670 global $error; 671 if (!empty($error)) { 672 echo '<ul>'; 673 foreach ($error as $err) { 674 echo "<li>$err</li>"; 675 } 676 echo '</ul>'; 677 } 678} 679