xref: /dokuwiki/install.php (revision eedb5034dc515706179f8be4ddf25b49e5d067c4) 
1<?php
2/**
3 * Dokuwiki installation assistance
4 *
5 * @author      Chris Smith <chris@jalakai.co.uk>
6 */
7
8if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/');
9if(!defined('DOKU_CONF')) define('DOKU_CONF',DOKU_INC.'conf/');
10if(!defined('DOKU_LOCAL')) define('DOKU_LOCAL',DOKU_INC.'conf/');
11
12require_once(DOKU_INC.'inc/PassHash.class.php');
13
14// check for error reporting override or set error reporting to sane values
15if (!defined('DOKU_E_LEVEL')) { error_reporting(E_ALL ^ E_NOTICE); }
16else { error_reporting(DOKU_E_LEVEL); }
17
18// kill magic quotes
19if (get_magic_quotes_gpc() && !defined('MAGIC_QUOTES_STRIPPED')) {
20    if (!empty($_GET))    remove_magic_quotes($_GET);
21    if (!empty($_POST))   remove_magic_quotes($_POST);
22    if (!empty($_COOKIE)) remove_magic_quotes($_COOKIE);
23    if (!empty($_REQUEST)) remove_magic_quotes($_REQUEST);
24    @ini_set('magic_quotes_gpc', 0);
25    define('MAGIC_QUOTES_STRIPPED',1);
26}
27if (function_exists('set_magic_quotes_runtime')) @set_magic_quotes_runtime(0);
28@ini_set('magic_quotes_sybase',0);
29
30// language strings
31require_once(DOKU_INC.'inc/lang/en/lang.php');
32if(isset($_REQUEST['l']) && !is_array($_REQUEST['l'])) {
33    $LC = preg_replace('/[^a-z\-]+/','',$_REQUEST['l']);
34}
35if(empty($LC)) $LC = 'en';
36if($LC && $LC != 'en' ) {
37    require_once(DOKU_INC.'inc/lang/'.$LC.'/lang.php');
38}
39
40// initialise variables ...
41$error = array();
42
43$dokuwiki_hash = array(
44    '2005-09-22'   => 'e33223e957b0b0a130d0520db08f8fb7',
45    '2006-03-05'   => '51295727f79ab9af309a2fd9e0b61acc',
46    '2006-03-09'   => '51295727f79ab9af309a2fd9e0b61acc',
47    '2006-11-06'   => 'b3a8af76845977c2000d85d6990dd72b',
48    '2007-05-24'   => 'd80f2740c84c4a6a791fd3c7a353536f',
49    '2007-06-26'   => 'b3ca19c7a654823144119980be73cd77',
50    '2008-05-04'   => '1e5c42eac3219d9e21927c39e3240aad',
51    '2009-02-14'   => 'ec8c04210732a14fdfce0f7f6eead865',
52    '2009-12-25'   => '993c4b2b385643efe5abf8e7010e11f4',
53    '2010-11-07'   => '7921d48195f4db21b8ead6d9bea801b8',
54    '2011-05-25'   => '4241865472edb6fa14a1227721008072',
55    '2011-11-10'   => 'b46ff19a7587966ac4df61cbab1b8b31',
56    '2012-01-25'   => '72c083c73608fc43c586901fd5dabb74',
57    '2012-09-10'   => 'eb0b3fc90056fbc12bac6f49f7764df3',
58    '2013-05-10'   => '7b62b75245f57f122d3e0f8ed7989623',
59    '2013-12-08'   => '263c76af309fbf083867c18a34ff5214',
60    '2014-05-05'   => '263c76af309fbf083867c18a34ff5214',
61    '2015-08-10'   => '263c76af309fbf083867c18a34ff5214',
62    '2016-06-26'   => 'fd3abb6d89853dacb032907e619fbd73',
63    '2017-02-19'   => 'e4f2f5a34c9dbcd96a5ecc8f2df25bd9'
64);
65
66
67// begin output
68header('Content-Type: text/html; charset=utf-8');
69?>
70<!DOCTYPE html>
71<html lang="<?php echo $LC?>" dir="<?php echo $lang['direction']?>">
72<head>
73    <meta charset="utf-8" />
74    <title><?php echo $lang['i_installer']?></title>
75    <style type="text/css">
76        body { width: 90%; margin: 0 auto; font: 84% Verdana, Helvetica, Arial, sans-serif; }
77        img { border: none }
78        br.cl { clear:both; }
79        code { font-size: 110%; color: #800000; }
80        fieldset { border: none }
81        label { display: block; margin-top: 0.5em; }
82        select.text, input.text { width: 30em; margin: 0 0.5em; }
83        a {text-decoration: none}
84    </style>
85    <script type="text/javascript">
86        function acltoggle(){
87            var cb = document.getElementById('acl');
88            var fs = document.getElementById('acldep');
89            if(!cb || !fs) return;
90            if(cb.checked){
91                fs.style.display = '';
92            }else{
93                fs.style.display = 'none';
94            }
95        }
96        window.onload = function(){
97            acltoggle();
98            var cb = document.getElementById('acl');
99            if(cb) cb.onchange = acltoggle;
100        };
101    </script>
102</head>
103<body style="">
104    <h1 style="float:left">
105        <img src="lib/exe/fetch.php?media=wiki:dokuwiki-128.png"
106             style="vertical-align: middle;" alt="" height="64" width="64" />
107        <?php echo $lang['i_installer']?>
108    </h1>
109    <div style="float:right; margin: 1em;">
110        <?php langsel()?>
111    </div>
112    <br class="cl" />
113
114    <div style="float: right; width: 34%;">
115        <?php
116            if(file_exists(DOKU_INC.'inc/lang/'.$LC.'/install.html')){
117                include(DOKU_INC.'inc/lang/'.$LC.'/install.html');
118            }else{
119                print "<div lang=\"en\" dir=\"ltr\">\n";
120                include(DOKU_INC.'inc/lang/en/install.html');
121                print "</div>\n";
122            }
123        ?>
124        <a style="background: transparent url(data/security.png) left top no-repeat;
125                  display: block; width:380px; height:73px; border:none; clear:both;"
126           target="_blank"
127           href="http://www.dokuwiki.org/security#web_access_security"></a>
128    </div>
129
130    <div style="float: left; width: 58%;">
131        <?php
132            if(! (check_functions() && check_permissions()) ){
133                echo '<p>'.$lang['i_problems'].'</p>';
134                print_errors();
135                print_retry();
136            }elseif(!check_configs()){
137                echo '<p>'.$lang['i_modified'].'</p>';
138                print_errors();
139            }elseif(check_data($_REQUEST['d'])){
140                // check_data has sanitized all input parameters
141                if(!store_data($_REQUEST['d'])){
142                    echo '<p>'.$lang['i_failure'].'</p>';
143                    print_errors();
144                }else{
145                    echo '<p>'.$lang['i_success'].'</p>';
146                }
147            }else{
148                print_errors();
149                print_form($_REQUEST['d']);
150            }
151        ?>
152    </div>
153
154
155<div style="clear: both">
156  <a href="http://dokuwiki.org/"><img src="lib/tpl/dokuwiki/images/button-dw.png" alt="driven by DokuWiki" /></a>
157  <a href="http://php.net"><img src="lib/tpl/dokuwiki/images/button-php.gif" alt="powered by PHP" /></a>
158</div>
159</body>
160</html>
161<?php
162
163/**
164 * Print the input form
165 *
166 * @param array $d submitted entry 'd' of request data
167 */
168function print_form($d){
169    global $lang;
170    global $LC;
171
172    include(DOKU_CONF.'license.php');
173
174    if(!is_array($d)) $d = array();
175    $d = array_map('htmlspecialchars',$d);
176
177    if(!isset($d['acl'])) $d['acl']=1;
178    if(!isset($d['pop'])) $d['pop']=1;
179
180    ?>
181    <form action="" method="post">
182    <input type="hidden" name="l" value="<?php echo $LC ?>" />
183    <fieldset>
184        <label for="title"><?php echo $lang['i_wikiname']?>
185        <input type="text" name="d[title]" id="title" value="<?php echo $d['title'] ?>" style="width: 20em;" />
186        </label>
187
188        <fieldset style="margin-top: 1em;">
189            <label for="acl">
190            <input type="checkbox" name="d[acl]" id="acl" <?php echo(($d['acl'] ? ' checked="checked"' : ''));?> />
191            <?php echo $lang['i_enableacl']?></label>
192
193            <fieldset id="acldep">
194                <label for="superuser"><?php echo $lang['i_superuser']?></label>
195                <input class="text" type="text" name="d[superuser]" id="superuser" value="<?php echo $d['superuser'] ?>" />
196
197                <label for="fullname"><?php echo $lang['fullname']?></label>
198                <input class="text" type="text" name="d[fullname]" id="fullname" value="<?php echo $d['fullname'] ?>" />
199
200                <label for="email"><?php echo $lang['email']?></label>
201                <input class="text" type="text" name="d[email]" id="email" value="<?php echo $d['email'] ?>" />
202
203                <label for="password"><?php echo $lang['pass']?></label>
204                <input class="text" type="password" name="d[password]" id="password" />
205
206                <label for="confirm"><?php echo $lang['passchk']?></label>
207                <input class="text" type="password" name="d[confirm]" id="confirm" />
208
209                <label for="policy"><?php echo $lang['i_policy']?></label>
210                <select class="text" name="d[policy]" id="policy">
211                    <option value="0" <?php echo ($d['policy'] == 0)?'selected="selected"':'' ?>><?php echo $lang['i_pol0']?></option>
212                    <option value="1" <?php echo ($d['policy'] == 1)?'selected="selected"':'' ?>><?php echo $lang['i_pol1']?></option>
213                    <option value="2" <?php echo ($d['policy'] == 2)?'selected="selected"':'' ?>><?php echo $lang['i_pol2']?></option>
214                </select>
215
216                <label for="allowreg">
217                    <input type="checkbox" name="d[allowreg]" id="allowreg" <?php echo(($d['allowreg'] ? ' checked="checked"' : ''));?> />
218                    <?php echo $lang['i_allowreg']?>
219                </label>
220            </fieldset>
221        </fieldset>
222
223        <fieldset>
224            <p><?php echo $lang['i_license']?></p>
225            <?php
226            array_push($license,array('name' => $lang['i_license_none'], 'url'=>''));
227            if(empty($d['license'])) $d['license'] = 'cc-by-sa';
228            foreach($license as $key => $lic){
229                echo '<label for="lic_'.$key.'">';
230                echo '<input type="radio" name="d[license]" value="'.htmlspecialchars($key).'" id="lic_'.$key.'"'.
231                     (($d['license'] === $key)?' checked="checked"':'').'>';
232                echo htmlspecialchars($lic['name']);
233                if($lic['url']) echo ' <a href="'.$lic['url'].'" target="_blank"><sup>[?]</sup></a>';
234                echo '</label>';
235            }
236            ?>
237        </fieldset>
238
239        <fieldset>
240            <p><?php echo $lang['i_pop_field']?></p>
241            <label for="pop">
242                <input type="checkbox" name="d[pop]" id="pop" <?php echo(($d['pop'] ? ' checked="checked"' : ''));?> />
243                <?php echo $lang['i_pop_label']?> <a href="http://www.dokuwiki.org/popularity" target="_blank"><sup>[?]</sup></a>
244            </label>
245        </fieldset>
246
247    </fieldset>
248    <fieldset id="process">
249        <button type="submit" name="submit"><?php echo $lang['btn_save']?></button>
250    </fieldset>
251    </form>
252    <?php
253}
254
255function print_retry() {
256    global $lang;
257    global $LC;
258    ?>
259    <form action="" method="get">
260      <fieldset>
261        <input type="hidden" name="l" value="<?php echo $LC ?>" />
262        <button type="submit"><?php echo $lang['i_retry'];?></button>
263      </fieldset>
264    </form>
265    <?php
266}
267
268/**
269 * Check validity of data
270 *
271 * @author Andreas Gohr
272 *
273 * @param array $d
274 * @return bool ok?
275 */
276function check_data(&$d){
277    static $form_default = array(
278        'title'     => '',
279        'acl'       => '1',
280        'superuser' => '',
281        'fullname'  => '',
282        'email'     => '',
283        'password'  => '',
284        'confirm'   => '',
285        'policy'    => '0',
286        'allowreg'  => '0',
287        'license'   => 'cc-by-sa'
288    );
289    global $lang;
290    global $error;
291
292    if(!is_array($d)) $d = array();
293    foreach($d as $k => $v) {
294        if(is_array($v))
295            unset($d[$k]);
296        else
297            $d[$k] = (string)$v;
298    }
299
300    //autolowercase the username
301    $d['superuser'] = isset($d['superuser']) ? strtolower($d['superuser']) : "";
302
303    $ok = false;
304
305    if(isset($_REQUEST['submit'])) {
306        $ok = true;
307
308        // check input
309        if(empty($d['title'])){
310            $error[] = sprintf($lang['i_badval'],$lang['i_wikiname']);
311            $ok      = false;
312        }
313        if(isset($d['acl'])){
314            if(!preg_match('/^[a-z0-9_]+$/',$d['superuser'])){
315                $error[] = sprintf($lang['i_badval'],$lang['i_superuser']);
316                $ok      = false;
317            }
318            if(empty($d['password'])){
319                $error[] = sprintf($lang['i_badval'],$lang['pass']);
320                $ok      = false;
321            }
322            elseif(!isset($d['confirm']) || $d['confirm'] != $d['password']){
323                $error[] = sprintf($lang['i_badval'],$lang['passchk']);
324                $ok      = false;
325            }
326            if(empty($d['fullname']) || strstr($d['fullname'],':')){
327                $error[] = sprintf($lang['i_badval'],$lang['fullname']);
328                $ok      = false;
329            }
330            if(empty($d['email']) || strstr($d['email'],':') || !strstr($d['email'],'@')){
331                $error[] = sprintf($lang['i_badval'],$lang['email']);
332                $ok      = false;
333            }
334        }
335    }
336    $d = array_merge($form_default, $d);
337    return $ok;
338}
339
340/**
341 * Writes the data to the config files
342 *
343 * @author  Chris Smith <chris@jalakai.co.uk>
344 *
345 * @param array $d
346 * @return bool
347 */
348function store_data($d){
349    global $LC;
350    $ok = true;
351    $d['policy'] = (int) $d['policy'];
352
353    // create local.php
354    $now    = gmdate('r');
355    $output = <<<EOT
356<?php
357/**
358 * Dokuwiki's Main Configuration File - Local Settings
359 * Auto-generated by install script
360 * Date: $now
361 */
362
363EOT;
364    // add any config options set by a previous installer
365    $preset = __DIR__.'/install.conf';
366    if(file_exists($preset)){
367        $output .= "# preset config options\n";
368        $output .= file_get_contents($preset);
369        $output .= "\n\n";
370        $output .= "# options selected in installer\n";
371        @unlink($preset);
372    }
373
374    $output .= '$conf[\'title\'] = \''.addslashes($d['title'])."';\n";
375    $output .= '$conf[\'lang\'] = \''.addslashes($LC)."';\n";
376    $output .= '$conf[\'license\'] = \''.addslashes($d['license'])."';\n";
377    if($d['acl']){
378        $output .= '$conf[\'useacl\'] = 1'.";\n";
379        $output .= "\$conf['superuser'] = '@admin';\n";
380    }
381    if(!$d['allowreg']){
382        $output .= '$conf[\'disableactions\'] = \'register\''.";\n";
383    }
384    $ok = $ok && fileWrite(DOKU_LOCAL.'local.php',$output);
385
386    if ($d['acl']) {
387        // hash the password
388        $phash = new PassHash();
389        $pass = $phash->hash_smd5($d['password']);
390
391        // create users.auth.php
392        // --- user:SMD5password:Real Name:email:groups,comma,seperated
393        $output = join(":",array($d['superuser'], $pass, $d['fullname'], $d['email'], 'admin,user'));
394        $output = @file_get_contents(DOKU_CONF.'users.auth.php.dist')."\n$output\n";
395        $ok = $ok && fileWrite(DOKU_LOCAL.'users.auth.php', $output);
396
397        // create acl.auth.php
398        $output = <<<EOT
399# acl.auth.php
400# <?php exit()?>
401# Don't modify the lines above
402#
403# Access Control Lists
404#
405# Auto-generated by install script
406# Date: $now
407
408EOT;
409        if($d['policy'] == 2){
410            $output .=  "*               @ALL          0\n";
411            $output .=  "*               @user         8\n";
412        }elseif($d['policy'] == 1){
413            $output .=  "*               @ALL          1\n";
414            $output .=  "*               @user         8\n";
415        }else{
416            $output .=  "*               @ALL          8\n";
417        }
418        $ok = $ok && fileWrite(DOKU_LOCAL.'acl.auth.php', $output);
419    }
420
421    // enable popularity submission
422    if($d['pop']){
423        @touch(DOKU_INC.'data/cache/autosubmit.txt');
424    }
425
426    // disable auth plugins til needed
427    $output = <<<EOT
428<?php
429/*
430 * Local plugin enable/disable settings
431 *
432 * Auto-generated by install script
433 * Date: $now
434 */
435
436\$plugins['authad']    = 0;
437\$plugins['authldap']  = 0;
438\$plugins['authmysql'] = 0;
439\$plugins['authpgsql'] = 0;
440
441EOT;
442    $ok = $ok && fileWrite(DOKU_LOCAL.'plugins.local.php', $output);
443
444    return $ok;
445}
446
447/**
448 * Write the given content to a file
449 *
450 * @author  Chris Smith <chris@jalakai.co.uk>
451 *
452 * @param string $filename
453 * @param string $data
454 * @return bool
455 */
456function fileWrite($filename, $data) {
457    global $error;
458    global $lang;
459
460    if (($fp = @fopen($filename, 'wb')) === false) {
461        $filename = str_replace($_SERVER['DOCUMENT_ROOT'],'{DOCUMENT_ROOT}/', $filename);
462        $error[]  = sprintf($lang['i_writeerr'],$filename);
463        return false;
464    }
465
466    if (!empty($data)) { fwrite($fp, $data);  }
467    fclose($fp);
468    return true;
469}
470
471
472/**
473 * check installation dependent local config files and tests for a known
474 * unmodified main config file
475 *
476 * @author      Chris Smith <chris@jalakai.co.uk>
477 *
478 * @return bool
479 */
480function check_configs(){
481    global $error;
482    global $lang;
483    global $dokuwiki_hash;
484
485    $ok = true;
486
487    $config_files = array(
488        'local' => DOKU_LOCAL.'local.php',
489        'users' => DOKU_LOCAL.'users.auth.php',
490        'auth'  => DOKU_LOCAL.'acl.auth.php'
491    );
492
493    // main dokuwiki config file (conf/dokuwiki.php) must not have been modified
494    $installation_hash = md5(preg_replace("/(\015\012)|(\015)/","\012",
495                             @file_get_contents(DOKU_CONF.'dokuwiki.php')));
496    if (!in_array($installation_hash, $dokuwiki_hash)) {
497        $error[] = sprintf($lang['i_badhash'],$installation_hash);
498        $ok = false;
499    }
500
501    // configs shouldn't exist
502    foreach ($config_files as $file) {
503        if (file_exists($file) && filesize($file)) {
504            $file    = str_replace($_SERVER['DOCUMENT_ROOT'],'{DOCUMENT_ROOT}/', $file);
505            $error[] = sprintf($lang['i_confexists'],$file);
506            $ok      = false;
507        }
508    }
509    return $ok;
510}
511
512
513/**
514 * Check other installation dir/file permission requirements
515 *
516 * @author      Chris Smith <chris@jalakai.co.uk>
517 *
518 * @return bool
519 */
520function check_permissions(){
521    global $error;
522    global $lang;
523
524    $dirs = array(
525        'conf'        => DOKU_LOCAL,
526        'data'        => DOKU_INC.'data',
527        'pages'       => DOKU_INC.'data/pages',
528        'attic'       => DOKU_INC.'data/attic',
529        'media'       => DOKU_INC.'data/media',
530        'media_attic' => DOKU_INC.'data/media_attic',
531        'media_meta'  => DOKU_INC.'data/media_meta',
532        'meta'        => DOKU_INC.'data/meta',
533        'cache'       => DOKU_INC.'data/cache',
534        'locks'       => DOKU_INC.'data/locks',
535        'index'       => DOKU_INC.'data/index',
536        'tmp'         => DOKU_INC.'data/tmp'
537    );
538
539    $ok = true;
540    foreach($dirs as $dir){
541        if(!file_exists("$dir/.") || !is_writable($dir)){
542            $dir     = str_replace($_SERVER['DOCUMENT_ROOT'],'{DOCUMENT_ROOT}', $dir);
543            $error[] = sprintf($lang['i_permfail'],$dir);
544            $ok      = false;
545        }
546    }
547    return $ok;
548}
549
550/**
551 * Check the availability of functions used in DokuWiki and the PHP version
552 *
553 * @author Andreas Gohr <andi@splitbrain.org>
554 *
555 * @return bool
556 */
557function check_functions(){
558    global $error;
559    global $lang;
560    $ok = true;
561
562    if(version_compare(phpversion(),'5.3.3','<')){
563        $error[] = sprintf($lang['i_phpver'],phpversion(),'5.3.3');
564        $ok = false;
565    }
566
567    if(ini_get('mbstring.func_overload') != 0){
568        $error[] = $lang['i_mbfuncoverload'];
569        $ok = false;
570    }
571
572    $funcs = explode(' ','addslashes call_user_func chmod copy fgets '.
573                         'file file_exists fseek flush filesize ftell fopen '.
574                         'glob header ignore_user_abort ini_get mail mkdir '.
575                         'ob_start opendir parse_ini_file readfile realpath '.
576                         'rename rmdir serialize session_start unlink usleep '.
577                         'preg_replace file_get_contents htmlspecialchars_decode '.
578                         'spl_autoload_register stream_select fsockopen pack');
579
580    if (!function_exists('mb_substr')) {
581        $funcs[] = 'utf8_encode';
582        $funcs[] = 'utf8_decode';
583    }
584
585    foreach($funcs as $func){
586        if(!function_exists($func)){
587            $error[] = sprintf($lang['i_funcna'],$func);
588            $ok = false;
589        }
590    }
591    return $ok;
592}
593
594/**
595 * Print language selection
596 *
597 * @author Andreas Gohr <andi@splitbrain.org>
598 */
599function langsel(){
600    global $lang;
601    global $LC;
602
603    $dir = DOKU_INC.'inc/lang';
604    $dh  = opendir($dir);
605    if(!$dh) return;
606
607    $langs = array();
608    while (($file = readdir($dh)) !== false) {
609        if(preg_match('/^[\._]/',$file)) continue;
610        if(is_dir($dir.'/'.$file) && file_exists($dir.'/'.$file.'/lang.php')){
611            $langs[] = $file;
612        }
613    }
614    closedir($dh);
615    sort($langs);
616
617    echo '<form action="">';
618    echo $lang['i_chooselang'];
619    echo ': <select name="l" onchange="submit()">';
620    foreach($langs as $l){
621        $sel = ($l == $LC) ? 'selected="selected"' : '';
622        echo '<option value="'.$l.'" '.$sel.'>'.$l.'</option>';
623    }
624    echo '</select> ';
625    echo '<button type="submit">'.$lang['btn_update'].'</button>';
626    echo '</form>';
627}
628
629/**
630 * Print global error array
631 *
632 * @author Andreas Gohr <andi@splitbrain.org>
633 */
634function print_errors(){
635    global $error;
636    if(!empty($error)) {
637        echo '<ul>';
638        foreach ($error as $err){
639            echo "<li>$err</li>";
640        }
641        echo '</ul>';
642    }
643}
644
645/**
646 * remove magic quotes recursivly
647 *
648 * @author Andreas Gohr <andi@splitbrain.org>
649 *
650 * @param array $array
651 */
652function remove_magic_quotes(&$array) {
653    foreach (array_keys($array) as $key) {
654        if (is_array($array[$key])) {
655            remove_magic_quotes($array[$key]);
656        }else {
657            $array[$key] = stripslashes($array[$key]);
658        }
659    }
660}
661
662