diff options
| -rwxr-xr-x | admin.php | 10 | ||||
| -rw-r--r-- | app/Controller/AdminController.php | 25 | ||||
| -rw-r--r-- | app/Controller/BaseController.php | 18 | ||||
| -rw-r--r-- | app/Controller/PageController.php | 1 | ||||
| -rw-r--r-- | app/Controller/SetupController.php | 423 | ||||
| -rw-r--r-- | app/View.php | 10 | ||||
| -rw-r--r-- | includes/session.php | 5 | ||||
| -rw-r--r-- | resources/views/admin/control-panel.php | 4 | ||||
| -rw-r--r-- | resources/views/admin/module-components.php | 2 | ||||
| -rw-r--r-- | resources/views/admin/modules.php | 4 | ||||
| -rw-r--r-- | resources/views/layouts/setup.php | 21 | ||||
| -rw-r--r-- | resources/views/setup/step-1-language.php | 37 | ||||
| -rw-r--r-- | resources/views/setup/step-2-server-checks.php | 71 | ||||
| -rw-r--r-- | resources/views/setup/step-3-database-connection.php | 89 | ||||
| -rw-r--r-- | resources/views/setup/step-4-database-name.php | 63 | ||||
| -rw-r--r-- | resources/views/setup/step-5-administrator.php | 83 | ||||
| -rw-r--r-- | resources/views/setup/step-6-failed.php | 13 | ||||
| -rw-r--r-- | setup.php | 484 |
18 files changed, 865 insertions, 498 deletions
@@ -27,11 +27,11 @@ $method = $request->getMethod(); $route = $request->get('route'); // Default route -$response = new RedirectResponse('index.php'); +$response = new RedirectResponse(Html::url('index.php', [])); // POST request? Check the CSRF token. if ($method === 'POST' && !Filter::checkCsrf()) { - $referer_url = $request->headers->get('referer', 'index.php'); + $referer_url = $request->headers->get('referer', Html::url('index.php', [])); return (new RedirectResponse($referer_url))->prepare($request)->send(); } @@ -93,15 +93,15 @@ if (Auth::isAdmin()) { $response = ($controller = new AdminController)->controlPanelManager(); break; - case 'POST:delete-module-settings': + case 'POST:admin-delete-module-settings': $response = ($controller = new AdminController)->deleteModuleSettings($request); break; - case 'POST:update-module-access': + case 'POST:admin-update-module-access': $response = ($controller = new AdminController)->updateModuleAccess($request); break; - case 'POST:update-module-status': + case 'POST:admin-update-module-status': $response = ($controller = new AdminController)->updateModuleStatus($request); break; } diff --git a/app/Controller/AdminController.php b/app/Controller/AdminController.php index a9a38f7d60..faaec48b56 100644 --- a/app/Controller/AdminController.php +++ b/app/Controller/AdminController.php @@ -26,7 +26,6 @@ use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Module; use Fisharebest\Webtrees\Tree; use Fisharebest\Webtrees\User; -use Fisharebest\Webtrees\View; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; @@ -34,7 +33,7 @@ use Symfony\Component\HttpFoundation\Response; /** * Controller for the administration pages */ -class AdminController extends PageController { +class AdminController extends BaseController { // This is a list of old files and directories, from earlier versions of webtrees. // git diff 1.7.9..master --name-status | grep ^D const OLD_FILES = [ @@ -797,20 +796,6 @@ class AdminController extends PageController { /** * Create a response object from a view. * - * @param string $path - * @param string[] $data - * - * @return RedirectResponse - */ - protected function redirectResponse($path, $data): RedirectResponse { - $url = Html::url($path, $data); - - return new RedirectResponse($url); - } - - /** - * Create a response object from a view. - * * @param string $name * @param string[] $data * @@ -904,16 +889,16 @@ class AdminController extends PageController { $php_support_url = 'https://secure.php.net/supported-versions.php'; $php_major_version = explode('.', PHP_VERSION)[0]; $today = date('Y-m-d'); - $warings = []; + $warnings = []; if ($php_major_version === 70 && $today >= '201-12-03' || $php_major_version === 71 && $today >= '2019-12-01') { - $warings[] = I18N::translate('Your web server is using PHP version %s, which is no longer receiving security updates. You should upgrade to a later version as soon as possible.', PHP_VERSION) . + $warnings[] = I18N::translate('Your web server is using PHP version %s, which is no longer receiving security updates. You should upgrade to a later version as soon as possible.', PHP_VERSION) . ' <a href="' . $php_support_url . '">' . $php_support_url . '</a>'; } elseif ($php_major_version === 70 && $today >= '2017-12-03' || $php_major_version === 71 && $today >= '2018-12-01') { - $warings[] = I18N::translate('Your web server is using PHP version %s, which is no longer maintained. You should upgrade to a later version.', PHP_VERSION) . ' <a href="' . $php_support_url . '">' . $php_support_url . '</a>'; + $warnings[] = I18N::translate('Your web server is using PHP version %s, which is no longer maintained. You should upgrade to a later version.', PHP_VERSION) . ' <a href="' . $php_support_url . '">' . $php_support_url . '</a>'; } - return $warings; + return $warnings; } /** diff --git a/app/Controller/BaseController.php b/app/Controller/BaseController.php index 023c242bbe..3773509a9c 100644 --- a/app/Controller/BaseController.php +++ b/app/Controller/BaseController.php @@ -15,7 +15,11 @@ */ namespace Fisharebest\Webtrees\Controller; +use Fisharebest\Webtrees\Html; use Fisharebest\Webtrees\Tree; +use Fisharebest\Webtrees\View; +use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\HttpFoundation\Response; /** * Base controller for all other controllers @@ -146,4 +150,18 @@ class BaseController { public function pageFooter() { echo $this->getJavascript(); } + + /** + * Create a response object from a view. + * + * @param string $path + * @param string[] $data + * + * @return RedirectResponse + */ + protected function redirectResponse($path, $data): RedirectResponse { + $url = Html::url($path, $data); + + return new RedirectResponse($url); + } } diff --git a/app/Controller/PageController.php b/app/Controller/PageController.php index 8e6ec06d0e..16ab97c3e4 100644 --- a/app/Controller/PageController.php +++ b/app/Controller/PageController.php @@ -18,7 +18,6 @@ namespace Fisharebest\Webtrees\Controller; use Fisharebest\Webtrees\Auth; use Fisharebest\Webtrees\Database; use Fisharebest\Webtrees\Family; -use Fisharebest\Webtrees\Filter; use Fisharebest\Webtrees\Functions\Functions; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Individual; diff --git a/app/Controller/SetupController.php b/app/Controller/SetupController.php new file mode 100644 index 0000000000..15d2ef0e0b --- /dev/null +++ b/app/Controller/SetupController.php @@ -0,0 +1,423 @@ +<?php +/** + * webtrees: online genealogy + * Copyright (C) 2017 webtrees development team + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +namespace Fisharebest\Webtrees\Controller; + +use Exception; +use Fisharebest\Webtrees\Database; +use Fisharebest\Webtrees\Html; +use Fisharebest\Webtrees\I18N; +use Fisharebest\Webtrees\User; +use Fisharebest\Webtrees\View; +use PDOException; +use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; + +/** + * Controller for the installation wizard + */ +class SetupController extends BaseController { + const WT_CONFIG_FILE = 'config.ini.php'; + + /** + * Installation wizard - check user input and proceed to the next step. + * + * @param Request $request + * + * @return Response + */ + public function setup(Request $request): Response { + // Config file exists? Our work is done. + if (file_exists(WT_DATA_DIR . self::WT_CONFIG_FILE)) { + return $this->redirectResponse('index.php', []); + } + + $step = (int) $request->get('step', '1'); + $errors = $this->serverErrors(); + $warnings = $this->serverWarnings(); + $data = $this->extractParameters($request); + + $db_conn_error = $this->checkDatabaseConnection($data['dbhost'], $data['dbport'], $data['dbuser'], $data['dbpass']); + + $db_name_error = $this->checkDatabaseName($data['dbhost'], $data['dbport'], $data['dbuser'], $data['dbpass'], $data['dbname'], $data['tblpfx']); + + $wt_user_error = $this->checkAdminUser($data['wtname'], $data['wtuser'], $data['wtpass'], $data['wtemail']); + + $data['cpu_limit'] = $this->maxExecutionTime(); + $data['db_conn_error'] = $db_conn_error; + $data['db_name_error'] = $db_name_error; + $data['errors'] = $errors; + $data['locales'] = I18N::installedLocales(); + $data['memory_limit'] = $this->memoryLimit(); + $data['warnings'] = $warnings; + $data['wt_user_error'] = $wt_user_error; + + if ($wt_user_error && $step > 5) { + $step = 5; + } + if ($db_name_error && $step > 4) { + $step = 4; + } + if ($db_conn_error && $step > 3) { + $step = 3; + } + if (!empty($errors) && $step > 2) { + $step = 2; + } + if ($this->checkLanguage($request) === false && $step > 1) { + $step = 1; + } + + switch ($step) { + default: + case 1: + return $this->viewResponse('setup/step-1-language', $data); + case 2: + return $this->viewResponse('setup/step-2-server-checks', $data); + case 3: + return $this->viewResponse('setup/step-3-database-connection', $data); + case 4: + return $this->viewResponse('setup/step-4-database-name', $data); + case 5: + return $this->viewResponse('setup/step-5-administrator', $data); + case 6: + $error = $this->createConfigFile($data['dbhost'], $data['dbport'], $data['dbuser'], $data['dbpass'], $data['dbname'], $data['tblpfx'], $data['wtname'], $data['wtuser'], $data['wtpass'], $data['wtemail']); + + if ($error === '') { + return (new RedirectResponse(Html::url('index.php', []))); + } else { + return $this->viewResponse('setup/step-6-failed', ['error' => $error]); + } + + } + } + + /** + * @param string $wtname + * @param string $wtuser + * @param string $wtpass + * @param string $wtemail + * + * @return string + */ + private function checkAdminUser($wtname, $wtuser, $wtpass, $wtemail): string { + if ($wtname === '' || $wtuser === '' || $wtpass === '' || $wtemail === '') { + return I18N::translate('You must enter all the administrator account fields.'); + } + + if (mb_strlen($wtpass) < 6) { + return I18N::translate('The password needs to be at least six characters long.'); + } + + return ''; + } + + + /** + * Check we can write to the data folder. + * + * @param string $dbhost + * @param string $dbport + * @param string $buser + * @param string $dbpass + * + * @return string + * + */ + private function checkDatabaseConnection($dbhost, $dbport, $buser, $dbpass): string { + try { + Database::createInstance($dbhost, $dbport, '', $buser, $dbpass); + Database::disconnect(); + } catch (PDOException $ex) { + return I18N::translate('Unable to connect using this username and password. Your server gave the following error.') . '<br><br>' . Html::escape($ex->getMessage()) . '<br><br>' . I18N::translate('Check the settings and try again.'); + } + + return ''; + } + + /** + * Check we can write to the data folder. + * + * @param string $dbhost + * @param string $dbport + * @param string $dbuser + * @param string $dbpass + * @param string $dbname + * @param string $tblpfx + * + * @return string + * + */ + private function checkDatabaseName($dbhost, $dbport, $dbuser, $dbpass, $dbname, $tblpfx): string { + // The character ` is not valid in database or table names (even if escaped). + // The form should prevent the user from entering them. + if ($dbname === '' || strpos($dbname, '`') !== false) { + return 'Invalid database name'; + } + + if (strpos($tblpfx, '`') !== false) { + return 'Invalid table prefix'; + } + + try { + define('WT_TBLPREFIX', $tblpfx); + Database::createInstance($dbhost, $dbport, '', $dbuser, $dbpass); + Database::exec("CREATE DATABASE IF NOT EXISTS `{$dbname}` COLLATE utf8_unicode_ci"); + Database::exec("USE `{$dbname}`"); + Database::disconnect(); + } catch (PDOException $ex) { + return I18N::translate('Unable to connect using this username and password. Your server gave the following error.') . '<br><br>' . Html::escape($ex->getMessage()) . '<br><br>' . I18N::translate('Check the settings and try again.'); + } + + return ''; + } + + /** + * Check we can write to the data folder. + * + * @param string $data_dir + * + * @return bool + */ + private function checkFolderIsWritable(string $data_dir): bool { + $text1 = uniqid(); + try { + file_put_contents($data_dir . 'test.txt', $text1); + $text2 = file_get_contents(WT_DATA_DIR . 'test.txt'); + unlink(WT_DATA_DIR . 'test.txt'); + } catch (Exception $ex) { + return false; + } + + return $text1 === $text2; + } + + /** + * Check the language parameters are OK. + * + * @param Request $request + * + * @return bool + */ + private function checkLanguage(Request $request): bool { + try { + I18N::init($request->get('lang')); + } catch (Exception $ex) { + return false; + } + + return true; + } + + /** + * @param string $lang + * @param string $dbhost + * @param string $dbport + * @param string $dbuser + * @param string $dbpass + * @param string $dbname + * @param string $tblpfx + * @param string $wtname + * @param string $wtuser + * @param string $wtpass + * @param string $wtemail + * + * @return string + */ + private function createConfigFile($dbhost, $dbport, $dbuser, $dbpass, $dbname, $tblpfx, $wtname, $wtuser, $wtpass, $wtemail): string { + + try { + // Create/update the database tables. + Database::createInstance($dbhost, $dbport, $dbname, $dbuser, $dbpass); + Database::updateSchema('\Fisharebest\Webtrees\Schema', 'WT_SCHEMA_VERSION', 30); + + // If we are re-installing, then this user may already exist. + $admin = User::findByIdentifier($wtemail); + if ($admin === null) { + $admin = User::findByIdentifier($wtuser); + } + // Create the user + if ($admin === null) { + $admin = User::create($wtuser, $wtname, $wtemail, $wtpass) + ->setPreference('language', WT_LOCALE) + ->setPreference('visibleonline', '1'); + } else { + $admin->setPassword($_POST['wtpass']); + } + // Make the user an administrator + $admin + ->setPreference('canadmin', '1') + ->setPreference('verified', '1') + ->setPreference('verified_by_admin', '1'); + + // Write the config file. We already checked that this would work. + $config_ini_php = + '; <' . '?php exit; ?' . '> DO NOT DELETE THIS LINE' . PHP_EOL . + 'dbhost="' . addcslashes($dbhost, '"') . '"' . PHP_EOL . + 'dbport="' . addcslashes($dbport, '"') . '"' . PHP_EOL . + 'dbuser="' . addcslashes($dbuser, '"') . '"' . PHP_EOL . + 'dbpass="' . addcslashes($dbpass, '"') . '"' . PHP_EOL . + 'dbname="' . addcslashes($dbname, '"') . '"' . PHP_EOL . + 'tblpfx="' . addcslashes($tblpfx, '"') . '"' . PHP_EOL; + + file_put_contents(WT_DATA_DIR . 'config.ini.php', $config_ini_php); + + // Done - start using webtrees! + return ''; + } catch (PDOException $ex) { + return $ex->getMessage(); + } + } + + /** + * @param Request $request + * + * @return array + */ + private function extractParameters(Request $request): array { + return [ + 'lang' => $request->get('lang', ''), + 'dbhost' => $request->get('dbhost', ''), + 'dbport' => $request->get('dbport', ''), + 'dbuser' => $request->get('dbuser', ''), + 'dbpass' => $request->get('dbpass', ''), + 'dbname' => $request->get('dbname', ''), + 'tblpfx' => $request->get('tblpfx', 'wt_'), + 'wtname' => $request->get('wtname', ''), + 'wtuser' => $request->get('wtuser', ''), + 'wtpass' => $request->get('wtpass', ''), + 'wtemail' => $request->get('wtemail', ''), + ]; + } + + /** + * The server's memory limit + * + * @return int + */ + private function maxExecutionTime(): int { + return (int) ini_get('max_execution_time'); + } + + /** + * The server's memory limit (in MB). + * + * @return int + */ + private function memoryLimit(): int { + $memory_limit = ini_get('memory_limit'); + + switch (substr($memory_limit, -1)) { + case 'k': + case 'K': + $memory_limit = substr($memory_limit, 0, -1) / 1024; + break; + case 'm': + case 'M': + $memory_limit = substr($memory_limit, 0, -1); + break; + case 'g': + case 'G': + $memory_limit = substr($memory_limit, 0, -1) * 1024; + break; + case 't': + case 'T': + $memory_limit = substr($memory_limit, 0, -1) * 1024 * 1024; + break; + default: + $memory_limit = $memory_limit / 1024 / 1024; + } + + return (int) $memory_limit; + } + + /** + * A list of major server issues. + * + * @return array + */ + private function serverErrors(): array { + $extensions = ['mbstring', 'iconv', 'pcre', 'pdo', 'pdo_mysql', 'session']; + $functions = ['parse_ini_file']; + $errors = []; + + if (!$this->checkFolderIsWritable(WT_DATA_DIR)) { + $errors[] = '<code>' . Html::escape(realpath(WT_DATA_DIR)) . '</code><br>' . I18N::translate('Oops! webtrees was unable to create files in this folder.') . '<br>' . I18N::translate('This usually means that you need to change the folder permissions to 777.') . '<br>' . I18N::translate('You must change this before you can continue.'); + } + + foreach ($extensions as $extension) { + if (!extension_loaded($extension)) { + $errors[] = I18N::translate('PHP extension “%s” is disabled. You cannot install webtrees until this is enabled. Please ask your server’s administrator to enable it.', $extension); + } + } + + $disable_functions = preg_split('/ *, */', ini_get('disable_functions')); + foreach ($functions as $function) { + if (in_array($function, $disable_functions)) { + $errors[] = /* I18N: %s is a PHP function/module/setting */ I18N::translate('%s is disabled on this server. You cannot install webtrees until it is enabled. Please ask your server’s administrator to enable it.', $function . '()'); + } + } + + return $errors; + } + + /** + * A list of minor server issues. + * + * @return array + */ + private function serverWarnings(): array { + $extensions = [ + 'gd' => /* I18N: a program feature */ I18N::translate('creating thumbnails of images'), + 'xml' => /* I18N: a program feature */ I18N::translate('reporting'), + 'simplexml' => /* I18N: a program feature */ I18N::translate('reporting'), + ]; + $settings = [ + 'file_uploads' => /* I18N: a program feature */ I18N::translate('file upload capability') + ]; + $warnings = []; + + foreach ($extensions as $extension => $features) { + if (!extension_loaded($extension)) { + $warnings[] = I18N::translate('PHP extension “%1$s” is disabled. Without it, the following features will not work: %2$s. Please ask your server’s administrator to enable it.', $extension, $features); + } + } + + foreach ($settings as $setting => $features) { + if (!ini_get($setting)) { + $warnings[] = I18N::translate('PHP setting “%1$s” is disabled. Without it, the following features will not work: %2$s. Please ask your server’s administrator to enable it.', $setting, $features); + } + } + + return $warnings; + } + + /** + * Create a response object from a view. + * + * @param string $name + * @param string[] $data + * + * @return Response + */ + protected function viewResponse($name, $data): Response { + $html = View::make('layouts/setup', [ + 'content' => View::make($name, $data), + ]); + + return new Response($html); + } +} diff --git a/app/View.php b/app/View.php index 93cdb4c08c..8bde04d9c9 100644 --- a/app/View.php +++ b/app/View.php @@ -63,13 +63,13 @@ class View { */ public static function getFilenameForView($view_name) { $view_file = $view_name . '.php'; - $theme_view = WT_THEMES_DIR . Theme::theme()->themeId() . '/resources/views/' . $view_file; + //$theme_view = WT_THEMES_DIR . Theme::theme()->themeId() . '/resources/views/' . $view_file; - if (file_exists($theme_view)) { - return $theme_view; - } else { + //if (file_exists($theme_view)) { + // return $theme_view; + //} else { return WT_ROOT . 'resources/views/' . $view_file; - } + //} } /** diff --git a/includes/session.php b/includes/session.php index 85ab65d7a9..320a2567d7 100644 --- a/includes/session.php +++ b/includes/session.php @@ -20,6 +20,7 @@ use Fisharebest\Webtrees\Theme\AdministrationTheme; use League\Flysystem\Adapter\Local; use League\Flysystem\Filesystem; use PDOException; +use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Throwable; @@ -199,7 +200,9 @@ if (file_exists(WT_ROOT . 'data/config.ini.php')) { } } else { // No config file. Set one up. - header('Location: setup.php'); + $url = Html::url('setup.php', ['route' => 'setup']); + $response = new RedirectResponse($url); + $response->send(); exit; } diff --git a/resources/views/admin/control-panel.php b/resources/views/admin/control-panel.php index 3509541877..c1c97f9ac0 100644 --- a/resources/views/admin/control-panel.php +++ b/resources/views/admin/control-panel.php @@ -280,8 +280,8 @@ <h2 class="mb-0"> <?= I18N::translate('Modules') ?> <span class="badge badge-secondary"> - <?= I18N::number(count($all_modules)) ?> - </span> + <?= I18N::number(count($all_modules)) ?> + </span> </h2> </div> <div class="card-body"> diff --git a/resources/views/admin/module-components.php b/resources/views/admin/module-components.php index fd759509b7..07ae235957 100644 --- a/resources/views/admin/module-components.php +++ b/resources/views/admin/module-components.php @@ -12,7 +12,7 @@ <h1><?= $page_title ?></h1> <form action="admin.php" method="post"> - <input type="hidden" name="route" value="update-module-access"> + <input type="hidden" name="route" value="admin-update-module-access"> <input type="hidden" name="component" value="<?= Html::escape($component) ?>"> <?= Filter::getCsrf() ?> <table class="table table-bordered" class="row"> diff --git a/resources/views/admin/modules.php b/resources/views/admin/modules.php index 3c88c81bfe..56731aa0b3 100644 --- a/resources/views/admin/modules.php +++ b/resources/views/admin/modules.php @@ -21,7 +21,7 @@ <div class="alert alert-warning" role="alert"> <form action="admin.php" class="form-inline" method="POST"> <?= Filter::getCsrf() ?> - <input type="hidden" name="route" value="delete-module-settings"> + <input type="hidden" name="route" value="admin-delete-module-settings"> <input type="hidden" name="module_name" value="<?= $module_name ?>"> <?= I18N::translate('Preferences exist for the module “%s”, but this module no longer exists.', $module_name) ?> <button type="submit" class="btn btn-secondary text-wrap"> @@ -32,7 +32,7 @@ <?php endforeach ?> <form action="admin.php" method="POST"> - <input type="hidden" name="route" value="update-module-status"> + <input type="hidden" name="route" value="admin-update-module-status"> <?= Filter::getCsrf() ?> <table class="table table-bordered table-hover table-sm table-module-administration" data-info="false" data-paging="false" data-state-save="true"> <caption class="sr-only"> diff --git a/resources/views/layouts/setup.php b/resources/views/layouts/setup.php new file mode 100644 index 0000000000..19de717569 --- /dev/null +++ b/resources/views/layouts/setup.php @@ -0,0 +1,21 @@ +<?php use Fisharebest\Webtrees\I18N; ?> +<!DOCTYPE html> +<html <?= I18N::htmlAttributes() ?>> + <head> + <meta charset="UTF-8"> + <meta name="viewport" content="width=device-width, initial-scale=1"> + + <title><?= I18N::translate('Setup wizard for webtrees') ?></title> + + <link rel="icon" href="favicon.ico" type="image/x-icon"> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css" integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous"> + </head> + + <body class="container"> + <h1 class="text-info"> + <?= I18N::translate('Setup wizard for webtrees') ?> + </h1> + + <?= $content ?> + </body> +</html> diff --git a/resources/views/setup/step-1-language.php b/resources/views/setup/step-1-language.php new file mode 100644 index 0000000000..d155e7282b --- /dev/null +++ b/resources/views/setup/step-1-language.php @@ -0,0 +1,37 @@ +<?php use Fisharebest\Webtrees\Html; ?> +<?php use Fisharebest\Webtrees\I18N; ?> + +<form method="POST" autocomplete="off"> + <input name="route" type="hidden" value="setup"> + <input name="dbhost" type="hidden" value="<?= Html::escape($dbhost) ?>"> + <input name="dbport" type="hidden" value="<?= Html::escape($dbport) ?>"> + <input name="dbuser" type="hidden" value="<?= Html::escape($dbuser) ?>"> + <input name="dbpass" type="hidden" value="<?= Html::escape($dbpass) ?>"> + <input name="dbname" type="hidden" value="<?= Html::escape($dbname) ?>"> + <input name="tblpfx" type="hidden" value="<?= Html::escape($tblpfx) ?>"> + <input name="wtname" type="hidden" value="<?= Html::escape($wtname) ?>"> + <input name="wtuser" type="hidden" value="<?= Html::escape($wtuser) ?>"> + <input name="wtpass" type="hidden" value="<?= Html::escape($wtpass) ?>"> + <input name="wtemail" type="hidden" value="<?= Html::escape($wtemail) ?>"> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="lang"> + <?= I18N::translate('Language') ?> + </label> + <div class="col-sm-9"> + <select class="form-control" id="lang" name="lang"> + <?php foreach ($locales as $locale): ?> + <option value="<?= $locale->languageTag() ?>" <?= $lang === $locale->languageTag() ? 'selected' : '' ?>> + <?= $locale->endonym() ?> + </option> + <?php endforeach ?> + </select> + </div> + </div> + + <hr> + + <button class="btn btn-primary" name="step" type="submit" value="2"> + <?= I18N::translate('next') ?> + </button> +</form> diff --git a/resources/views/setup/step-2-server-checks.php b/resources/views/setup/step-2-server-checks.php new file mode 100644 index 0000000000..12431f085f --- /dev/null +++ b/resources/views/setup/step-2-server-checks.php @@ -0,0 +1,71 @@ +<?php use Fisharebest\Webtrees\Html; ?> +<?php use Fisharebest\Webtrees\I18N; ?> + +<form method="POST" autocomplete="off"> + <input name="route" type="hidden" value="setup"> + <input name="lang" type="hidden" value="<?= Html::escape($lang) ?>"> + <input name="dbhost" type="hidden" value="<?= Html::escape($dbhost) ?>"> + <input name="dbport" type="hidden" value="<?= Html::escape($dbport) ?>"> + <input name="dbuser" type="hidden" value="<?= Html::escape($dbuser) ?>"> + <input name="dbpass" type="hidden" value="<?= Html::escape($dbpass) ?>"> + <input name="dbname" type="hidden" value="<?= Html::escape($dbname) ?>"> + <input name="tblpfx" type="hidden" value="<?= Html::escape($tblpfx) ?>"> + <input name="wtname" type="hidden" value="<?= Html::escape($wtname) ?>"> + <input name="wtuser" type="hidden" value="<?= Html::escape($wtuser) ?>"> + <input name="wtpass" type="hidden" value="<?= Html::escape($wtpass) ?>"> + <input name="wtemail" type="hidden" value="<?= Html::escape($wtemail) ?>"> + + <h2><?= I18N::translate('Checking server configuration') ?></h2> + + <?php foreach ($errors as $error): ?> + <p class="alert alert-danger"><?= $error ?></p> + <?php endforeach ?> + + <?php foreach ($warnings as $warning): ?> + <p class="alert alert-warning"><?= $warning ?></p> + <?php endforeach ?> + + <?php if (empty($errors) && empty($warnings)): ?> + <p> + <?= I18N::translate('The server configuration is OK.') ?> + </p> + <?php endif ?> + + <h2><?= I18N::translate('Checking server capacity') ?></h2> + + <p> + <?= I18N::translate('The memory and CPU time requirements depend on the number of individuals in your family tree.') ?> + </p> + <p> + <?= I18N::translate('The following list shows typical requirements.') ?> + </p> + <p> + <?= I18N::translate('Small systems (500 individuals): 16–32 MB, 10–20 seconds') ?> + <br> + <?= I18N::translate('Medium systems (5,000 individuals): 32–64 MB, 20–40 seconds') ?> + <br> + <?= I18N::translate('Large systems (50,000 individuals): 64–128 MB, 40–80 seconds') ?> + </p> + + <p class="alert alert-<?= $memory_limit < 32 || $cpu_limit > 0 && $cpu_limit < 20 ? 'danger' : 'success' ?>"> + <?= I18N::translate('This server’s memory limit is %s MB and its CPU time limit is %s seconds.', I18N::number($memory_limit), I18N::number($cpu_limit)) ?> + </p> + + <p> + <?= I18N::translate('If you try to exceed these limits, you may experience server time-outs and blank pages.') ?> + </p> + + <p> + <?= I18N::translate('If your server’s security policy permits it, you will be able to request increased memory or CPU time using the webtrees administration page. Otherwise, you will need to contact your server’s administrator.') ?> + </p> + + <hr> + + <button class="btn btn-primary" name="step" type="submit" value="3"> + <?= I18N::translate('next') ?> + </button> + + <button class="btn btn-link" name="step" type="submit" value="1"> + <?= I18N::translate('previous') ?> + </button> +</form> diff --git a/resources/views/setup/step-3-database-connection.php b/resources/views/setup/step-3-database-connection.php new file mode 100644 index 0000000000..34e2a9eba3 --- /dev/null +++ b/resources/views/setup/step-3-database-connection.php @@ -0,0 +1,89 @@ +<?php use Fisharebest\Webtrees\Html; ?> +<?php use Fisharebest\Webtrees\I18N; ?> + +<form method="POST" autocomplete="off"> + <input name="route" type="hidden" value="setup"> + <input name="lang" type="hidden" value="<?= Html::escape($lang) ?>"> + <input name="dbname" type="hidden" value="<?= Html::escape($dbname) ?>"> + <input name="tblpfx" type="hidden" value="<?= Html::escape($tblpfx) ?>"> + <input name="wtname" type="hidden" value="<?= Html::escape($wtname) ?>"> + <input name="wtuser" type="hidden" value="<?= Html::escape($wtuser) ?>"> + <input name="wtpass" type="hidden" value="<?= Html::escape($wtpass) ?>"> + <input name="wtemail" type="hidden" value="<?= Html::escape($wtemail) ?>"> + + <h2><?= I18N::translate('Connection to database server') ?></h2> + + <p> + <?= I18N::translate('webtrees needs a MySQL database, version %s or later.', '5') ?> + </p> + + <p> + <?= I18N::translate('Your server’s administrator will provide you with the connection details.') ?> + </p> + + <h3><?= I18N::translate('Database connection') ?></h3> + + <?php if ($db_conn_error): ?> + <p class="alert alert-danger"> + <?= $db_error ?> + </p> + <?php endif ?> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="dbhost"> + <?= I18N::translate('Server name') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" id="dbhost" name="dbhost" type="text" value="<?= Html::escape($dbhost) ?>" dir="ltr" required> + <p class="small text-muted"> + <?= I18N::translate('Most sites are configured to use localhost. This means that your database runs on the same computer as your web server.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="dbport"> + <?= I18N::translate('Port number') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" id="dbport" name="dbport" pattern="\d+" type="text" value="<?= Html::escape($dbport) ?>" dir="ltr" required> + <p class="small text-muted"> + <?= I18N::translate('Most sites are configured to use the default value of 3306.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="dbuser"> + <?= I18N::translate('Database user account') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" id="dbuser" name="dbuser" type="text" value="<?= Html::escape($dbuser) ?>" dir="ltr" required> + <p class="small text-muted"> + <?= I18N::translate('This is case sensitive.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="dbpass"> + <?= I18N::translate('Database password') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" id="dbpass" name="dbpass" type="password" value="<?= Html::escape($dbpass) ?>" dir="ltr"> + <p class="small text-muted"> + <?= I18N::translate('This is case sensitive.') ?> + </p> + </div> + </div> + + <hr> + + <button class="btn btn-primary" name="step" type="submit" value="4"> + <?= I18N::translate('next') ?> + </button> + + <button class="btn btn-link" name="step" type="submit" value="2"> + <?= I18N::translate('previous') ?> + </button> +</form> diff --git a/resources/views/setup/step-4-database-name.php b/resources/views/setup/step-4-database-name.php new file mode 100644 index 0000000000..64ef71e9a4 --- /dev/null +++ b/resources/views/setup/step-4-database-name.php @@ -0,0 +1,63 @@ +<?php use Fisharebest\Webtrees\Html; ?> +<?php use Fisharebest\Webtrees\I18N; ?> + +<form method="POST" autocomplete="off"> + <input name="route" type="hidden" value="setup"> + <input name="lang" type="hidden" value="<?= Html::escape($lang) ?>"> + <input name="dbhost" type="hidden" value="<?= Html::escape($dbhost) ?>"> + <input name="dbport" type="hidden" value="<?= Html::escape($dbport) ?>"> + <input name="dbuser" type="hidden" value="<?= Html::escape($dbuser) ?>"> + <input name="dbpass" type="hidden" value="<?= Html::escape($dbpass) ?>"> + <input name="wtname" type="hidden" value="<?= Html::escape($wtname) ?>"> + <input name="wtuser" type="hidden" value="<?= Html::escape($wtuser) ?>"> + <input name="wtpass" type="hidden" value="<?= Html::escape($wtpass) ?>"> + <input name="wtemail" type="hidden" value="<?= Html::escape($wtemail) ?>"> + + <h2> + <?= I18N::translate('Database and table names') ?> + </h2> + + <p> + <?= I18N::translate('A database server can store many separate databases. You need to select an existing database (created by your server’s administrator) or create a new one (if your database user account has sufficient privileges).') ?> + </p> + + <?php if ($db_conn_error): ?> + <p class="alert alert-danger"> + <?= $db_error ?> + </p> + <?php endif ?> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="dbname"> + <?= I18N::translate('Database name') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" dir="ltr" id="dbname" name="dbname" pattern="^[^`]+$" required type="text" value="<?= Html::escape($dbname) ?>"> + <p class="small text-muted"> + <?= I18N::translate('This is case sensitive. If a database with this name does not already exist webtrees will attempt to create one for you. Success will depend on permissions set for your web server, but you will be notified if this fails.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="tblpfx"> + <?= I18N::translate('Table prefix') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" dir="ltr" id="tblpfx" name="tblpfx" pattern="^[^`]*$" type="text" value="<?= Html::escape($tblpfx) ?>"> + <p class="small text-muted"> + <?= I18N::translate('The prefix is optional, but recommended. By giving the table names a unique prefix you can let several different applications share the same database. “wt_” is suggested, but can be anything you want.') ?> + </p> + </div> + </div> + + <hr> + + <button class="btn btn-primary" name="step" type="submit" value="5"> + <?= I18N::translate('next') ?> + </button> + + <button class="btn btn-link" name="step" type="submit" value="3"> + <?= I18N::translate('previous') ?> + </button> +</form> diff --git a/resources/views/setup/step-5-administrator.php b/resources/views/setup/step-5-administrator.php new file mode 100644 index 0000000000..a9dd3a8c79 --- /dev/null +++ b/resources/views/setup/step-5-administrator.php @@ -0,0 +1,83 @@ +<?php use Fisharebest\Webtrees\Html; ?> +<?php use Fisharebest\Webtrees\I18N; ?> + +<form method="POST" autocomplete="off"> + <input name="route" type="hidden" value="setup"> + <input name="lang" type="hidden" value="<?= Html::escape($lang) ?>"> + <input name="dbhost" type="hidden" value="<?= Html::escape($dbhost) ?>"> + <input name="dbport" type="hidden" value="<?= Html::escape($dbport) ?>"> + <input name="dbuser" type="hidden" value="<?= Html::escape($dbuser) ?>"> + <input name="dbpass" type="hidden" value="<?= Html::escape($dbpass) ?>"> + <input name="dbname" type="hidden" value="<?= Html::escape($dbname) ?>"> + <input name="tblpfx" type="hidden" value="<?= Html::escape($tblpfx) ?>"> + + <h2><?= I18N::translate('Administrator account') ?></h2> + + <p> + <?= I18N::translate('You need to set up an administrator account. This account can control all aspects of this webtrees installation. Please choose a strong password.') ?> + </p> + + <?php if ($wt_user_error): ?> + <p class="alert alert-danger"> + <?= $wt_user_error ?> + </p> + <?php endif ?> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="wtname"> + <?= I18N::translate('Your name') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" dir="ltr" id="wtname" name="wtname" required type="text" value="<?= Html::escape($wtname) ?>"> + <p class="small text-muted"> + <?= I18N::translate('This is your real name, as you would like it displayed on screen.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="wtuser"> + <?= I18N::translate('Username') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" dir="ltr" id="wtuser" name="wtuser" required type="text" value="<?= Html::escape($wtuser) ?>"> + <p class="small text-muted"> + <?= I18N::translate('You will use this to sign in to webtrees.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="wtpass"> + <?= I18N::translate('Password') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" dir="ltr" id="wtpass" name="wtpass" pattern=".{6,}" required type="password" value="<?= Html::escape($wtpass) ?>"> + <p class="small text-muted"> + <?= I18N::translate('This must be at least six characters long. It is case-sensitive.') ?> + </p> + </div> + </div> + + <div class="row form-group"> + <label class="col-form-label col-sm-3" for="wtemail"> + <?= I18N::translate('Email address') ?> + </label> + <div class="col-sm-9"> + <input class="form-control" dir="ltr" id="wtemail" name="wtemail" required type="email" value="<?= Html::escape($wtemail) ?>"> + <p class="small text-muted"> + <?= I18N::translate('This email address will be used to send password reminders, website notifications, and messages from other family members who are registered on the website.') ?> + </p> + </div> + </div> + + <hr> + + <button class="btn btn-primary" name="step" type="submit" value="6"> + <?= I18N::translate('next') ?> + </button> + + <button class="btn btn-link" name="step" type="submit" value="4"> + <?= I18N::translate('previous') ?> + </button> +</form> diff --git a/resources/views/setup/step-6-failed.php b/resources/views/setup/step-6-failed.php new file mode 100644 index 0000000000..3adf65c035 --- /dev/null +++ b/resources/views/setup/step-6-failed.php @@ -0,0 +1,13 @@ +<?php use Fisharebest\Webtrees\I18N; ?> + +<p> + <?= I18N::translate('An unexpected database error occurred.') ?> +</p> + +<pre> + <?= $error ?> +</pre> + +<p> + <?= I18N::translate('The webtrees developers would be very interested to learn about this error. If you contact them, they will help you resolve the problem.') ?> +</p> @@ -15,17 +15,20 @@ */ namespace Fisharebest\Webtrees; -use PDOException; +use ErrorException; +use Fisharebest\Webtrees\Controller\SetupController; +use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\HttpFoundation\Request; +// This script (uniquely) does not load session.php. +// session.php won’t run until a configuration file exists… +// This next block of code is a minimal version of session.php error_reporting(E_ALL); define('WT_CONFIG_FILE', 'config.ini.php'); require 'vendor/autoload.php'; -// This script (uniquely) does not load session.php. -// session.php won’t run until a configuration file exists… -// This next block of code is a minimal version of session.php define('WT_WEBTREES', 'webtrees'); define('WT_BASE_URL', ''); define('WT_DATA_DIR', 'data/'); @@ -40,467 +43,26 @@ date_default_timezone_set('UTC'); // Convert PHP errors into exceptions set_error_handler(function ($errno, $errstr, $errfile, $errline) { - if (error_reporting() & $errno) { - throw new \ErrorException($errstr, 0, $errno, $errfile, $errline); - } else { - return false; - } + throw new ErrorException($errstr, 0, $errno, $errfile, $errline); }); -if (file_exists(WT_DATA_DIR . WT_CONFIG_FILE)) { - header('Location: index.php'); - - return; -} - -if (version_compare(PHP_VERSION, WT_REQUIRED_PHP_VERSION) < 0) { - echo - '<h1>Sorry, the setup wizard cannot start.</h1>', - '<p>This server is running PHP version ', PHP_VERSION, '</p>', - '<p>PHP ', WT_REQUIRED_PHP_VERSION, ' (or any later version) is required</p>'; - - return; -} - -define('WT_LOCALE', I18N::init(Filter::post('lang', '[a-zA-Z-]+', Filter::get('lang', '[a-zA-Z-]+')))); - -header('Content-Type: text/html; charset=UTF-8'); - -?> -<!DOCTYPE html> -<html <?= I18N::htmlAttributes() ?>> -<head> - <meta charset="UTF-8"> - <title> - webtrees setup wizard - </title> - <style type="text/css"> - body {color: black; background-color: white; font: 14px tahoma, arial, helvetica, sans-serif; padding:10px; } - a {color: black; font-weight: normal; text-decoration: none;} - a:hover {color: #81A9CB;} - h1 {color: #81A9CB; font-weight:normal;} - legend {color:#81A9CB; font-style: italic; font-weight:bold; padding: 0 5px 5px;} - .good {color: green;} - .bad {color: red; font-weight: bold;} - .info {color: blue;} - </style> - </head> - <body> - <h1> - <?= I18N::translate('Setup wizard for webtrees') ?> - </h1> -<?php - -echo '<form name="config" method="post" onsubmit="this.btncontinue.disabled=\'disabled\';">'; -echo '<input type="hidden" name="lang" value="', WT_LOCALE, '">'; +define('WT_LOCALE', I18N::init('en-US')); -//////////////////////////////////////////////////////////////////////////////// -// Step one - choose language and confirm server configuration -//////////////////////////////////////////////////////////////////////////////// +// The HTTP request. +$request = Request::createFromGlobals(); +$method = $request->getMethod(); +$route = $request->get('route'); -if (!isset($_POST['lang'])) { - $installed_languages = []; - foreach (I18N::installedLocales() as $installed_locale) { - $installed_languages[$installed_locale->languageTag()] = $installed_locale->endonym(); - } +switch ($method . ':' . $route) { +default: + $url = Html::url('setup.php', ['route' => 'setup']); + $response = new RedirectResponse($url); + break; - echo - '<p>', I18N::translate('Language'), ' ', - Bootstrap4::select($installed_languages, WT_LOCALE, ['onchange' => 'window.location="?lang="+this.value;']), - '</p>', - '<h2>', I18N::translate('Checking server configuration'), '</h2>'; - $warnings = false; - $errors = false; - - // Mandatory functions - $disable_functions = preg_split('/ *, */', ini_get('disable_functions')); - foreach (['parse_ini_file'] as $function) { - if (in_array($function, $disable_functions)) { - echo '<p class="bad">', /* I18N: %s is a PHP function/module/setting */ I18N::translate('%s is disabled on this server. You cannot install webtrees until it is enabled. Please ask your server’s administrator to enable it.', $function . '()'), '</p>'; - $errors = true; - } - } - // Mandatory extensions - foreach (['mbstring', 'iconv', 'pcre', 'pdo', 'pdo_mysql', 'session'] as $extension) { - if (!extension_loaded($extension)) { - echo '<p class="bad">', I18N::translate('PHP extension “%s” is disabled. You cannot install webtrees until this is enabled. Please ask your server’s administrator to enable it.', $extension), '</p>'; - $errors = true; - } - } - // Recommended extensions - foreach ([ - 'gd' => /* I18N: a program feature */ I18N::translate('creating thumbnails of images'), - 'xml' => /* I18N: a program feature */ I18N::translate('reporting'), - 'simplexml' => /* I18N: a program feature */ I18N::translate('reporting'), - ] as $extension => $features) { - if (!extension_loaded($extension)) { - echo '<p class="bad">', I18N::translate('PHP extension “%1$s” is disabled. Without it, the following features will not work: %2$s. Please ask your server’s administrator to enable it.', $extension, $features), '</p>'; - $warnings = true; - } - } - // Settings - foreach ([ - 'file_uploads' => /* I18N: a program feature */ I18N::translate('file upload capability'), - ] as $setting => $features) { - if (!ini_get($setting)) { - echo '<p class="bad">', I18N::translate('PHP setting “%1$s” is disabled. Without it, the following features will not work: %2$s. Please ask your server’s administrator to enable it.', $setting, $features), '</p>'; - $warnings = true; - } - } - if (!$warnings && !$errors) { - echo '<p class="good">', I18N::translate('The server configuration is OK.'), '</p>'; - } - echo '<h2>', I18N::translate('Checking server capacity'), '</h2>'; - // Previously, we tried to determine the maximum value that we could set for these values. - // However, this is unreliable, especially on servers with custom restrictions. - // Now, we just show the default values. These can (hopefully!) be changed using the - // site settings page. - $memory_limit = ini_get('memory_limit'); - if (substr_compare($memory_limit, 'M', -1) === 0) { - $memory_limit = substr($memory_limit, 0, -1); - } elseif (substr_compare($memory_limit, 'K', -1) === 0) { - $memory_limit = substr($memory_limit, 0, -1) / 1024; - } elseif (substr_compare($memory_limit, 'G', -1) === 0) { - $memory_limit = substr($memory_limit, 0, -1) * 1024; - } - $max_execution_time = ini_get('max_execution_time'); - echo - '<p>', - I18N::translate('The memory and CPU time requirements depend on the number of individuals in your family tree.'), - '<br>', - I18N::translate('The following list shows typical requirements.'), - '</p><p>', - I18N::translate('Small systems (500 individuals): 16–32 MB, 10–20 seconds'), - '<br>', - I18N::translate('Medium systems (5,000 individuals): 32–64 MB, 20–40 seconds'), - '<br>', - I18N::translate('Large systems (50,000 individuals): 64–128 MB, 40–80 seconds'), - '</p>', - ($memory_limit < 32 || $max_execution_time > 0 && $max_execution_time < 20) ? '<p class="bad">' : '<p class="good">', - I18N::translate('This server’s memory limit is %s MB and its CPU time limit is %s seconds.', I18N::number($memory_limit), I18N::number($max_execution_time)), - '</p><p>', - I18N::translate('If you try to exceed these limits, you may experience server time-outs and blank pages.'), - '</p><p>', - I18N::translate('If your server’s security policy permits it, you will be able to request increased memory or CPU time using the webtrees administration page. Otherwise, you will need to contact your server’s administrator.'), - '</p>'; - if (!$errors) { - echo '<br><hr><input type="submit" id="btncontinue" value="', /* I18N: A button label. */ I18N::translate('continue'), '">'; - } - echo '</form></body></html>'; - - return; -} - -//////////////////////////////////////////////////////////////////////////////// -// Step two - The data folder needs to be writable -//////////////////////////////////////////////////////////////////////////////// - -$text1 = uniqid(); -$text2 = ''; -try { - file_put_contents(WT_DATA_DIR . 'test.txt', $text1); - $text2 = file_get_contents(WT_DATA_DIR . 'test.txt'); - unlink(WT_DATA_DIR . 'test.txt'); -} catch (\ErrorException $ex) { -} - -if ($text1 !== $text2) { - echo '<h2>', realpath(WT_DATA_DIR), '</h2>'; - echo '<p class="bad">', I18N::translate('Oops! webtrees was unable to create files in this folder.'), '</p>'; - echo '<p>', I18N::translate('This usually means that you need to change the folder permissions to 777.'), '</p>'; - echo '<p>', I18N::translate('You must change this before you can continue.'), '</p>'; - echo '<br><hr><input type="submit" id="btncontinue" value="', I18N::translate('continue'), '">'; - echo '</form></body></html>'; - - return; -} - -//////////////////////////////////////////////////////////////////////////////// -// Step three - Database connection. -//////////////////////////////////////////////////////////////////////////////// - -if (!isset($_POST['dbhost'])) { - $_POST['dbhost'] = 'localhost'; -} -if (!isset($_POST['dbport'])) { - $_POST['dbport'] = '3306'; -} -if (!isset($_POST['dbuser'])) { - $_POST['dbuser'] = ''; -} -if (!isset($_POST['dbpass'])) { - $_POST['dbpass'] = ''; -} -if (!isset($_POST['dbname'])) { - $_POST['dbname'] = ''; -} -if (!isset($_POST['tblpfx'])) { - $_POST['tblpfx'] = 'wt_'; +case 'GET:setup': +case 'POST:setup': + $response = (new SetupController)->setup($request); + break; } -define('WT_TBLPREFIX', $_POST['tblpfx']); -$db_version_ok = false; -try { - Database::createInstance( - $_POST['dbhost'], - $_POST['dbport'], - '', // No DBNAME - we will connect to it explicitly - $_POST['dbuser'], - $_POST['dbpass'] - ); - Database::exec("SET NAMES 'utf8'"); - $row = Database::prepare("SHOW VARIABLES LIKE 'VERSION'")->fetchOneRow(); - if (version_compare($row->value, WT_REQUIRED_MYSQL_VERSION, '<')) { - echo '<p class="bad">', I18N::translate('This database is only running MySQL version %s. You cannot install webtrees here.', $row->value), '</p>'; - } else { - $db_version_ok = true; - } -} catch (PDOException $ex) { - Database::disconnect(); - if ($_POST['dbuser']) { - // If we’ve supplied a login, then show the error - echo - '<p class="bad">', I18N::translate('Unable to connect using this username and password. Your server gave the following error.'), '</p>', - '<pre>', $ex->getMessage(), '</pre>', - '<p class="bad">', I18N::translate('Check the settings and try again.'), '</p>'; - } -} - -if (empty($_POST['dbuser']) || !Database::isConnected() || !$db_version_ok) { - echo - '<h2>', I18N::translate('Connection to database server'), '</h2>', - '<p>', I18N::translate('webtrees needs a MySQL database, version %s or later.', WT_REQUIRED_MYSQL_VERSION), '</p>', - '<p>', I18N::translate('Your server’s administrator will provide you with the connection details.'), '</p>', - '<fieldset><legend>', I18N::translate('Database connection'), '</legend>', - '<table border="0"><tr><td>', - I18N::translate('Server name'), '</td><td>', - '<input type="text" name="dbhost" value="', Html::escape($_POST['dbhost']), '" dir="ltr" required></td><td>', - I18N::translate('Most sites are configured to use localhost. This means that your database runs on the same computer as your web server.'), - '</td></tr><tr><td>', - I18N::translate('Port number'), '</td><td>', - '<input type="text" name="dbport" value="', Html::escape($_POST['dbport']), '" required></td><td>', - I18N::translate('Most sites are configured to use the default value of 3306.'), - '</td></tr><tr><td>', - I18N::translate('Database user account'), '</td><td>', - '<input type="text" name="dbuser" value="', Html::escape($_POST['dbuser']), '" autofocus required></td><td>', - I18N::translate('This is case sensitive.'), - '</td></tr><tr><td>', - I18N::translate('Database password'), '</td><td>', - '<input type="password" name="dbpass" value="', Html::escape($_POST['dbpass']), '" required></td><td>', - I18N::translate('This is case sensitive.'), - '</td></tr><tr><td>', - '</td></tr></table>', - '</fieldset>', - '<br><hr><input type="submit" id="btncontinue" value="', I18N::translate('continue'), '">', - '</form>', - '</body></html>'; - - return; -} else { - // Copy these values through to the next step - echo '<input type="hidden" name="dbhost" value="', Html::escape($_POST['dbhost']), '">'; - echo '<input type="hidden" name="dbport" value="', Html::escape($_POST['dbport']), '">'; - echo '<input type="hidden" name="dbuser" value="', Html::escape($_POST['dbuser']), '">'; - echo '<input type="hidden" name="dbpass" value="', Html::escape($_POST['dbpass']), '">'; -} - -//////////////////////////////////////////////////////////////////////////////// -// Step four - Database connection. -//////////////////////////////////////////////////////////////////////////////// - -// The character ` is not valid in database or table names (even if escaped). -// By removing it, we can ensure that our SQL statements are quoted correctly. -// -// Other characters may be invalid (objects must be valid filenames on the -// MySQL server’s filesystem), so block the usual ones. -$DBNAME = str_replace(['`', '"', '\'', ':', '/', '\\', '\r', '\n', '\t', '\0'], '', $_POST['dbname']); -$TBLPREFIX = str_replace(['`', '"', '\'', ':', '/', '\\', '\r', '\n', '\t', '\0'], '', $_POST['tblpfx']); - -// If we have specified a database, and we have not used invalid characters, -// try to connect to it. -$dbname_ok = false; -if ($DBNAME && $DBNAME == $_POST['dbname'] && $TBLPREFIX == $_POST['tblpfx']) { - try { - // Try to create the database, if it does not exist. - Database::exec("CREATE DATABASE IF NOT EXISTS `{$DBNAME}` COLLATE utf8_unicode_ci"); - } catch (PDOException $ex) { - // If we have no permission to do this, there’s nothing helpful we can say. - // We’ll get a more helpful error message from the next test. - } - try { - Database::exec("USE `{$DBNAME}`"); - $dbname_ok = true; - } catch (PDOException $ex) { - echo - '<p class="bad">', I18N::translate('Unable to connect using this username and password. Your server gave the following error.'), '</p>', - '<pre>', $ex->getMessage(), '</pre>', - '<p class="bad">', I18N::translate('Check the settings and try again.'), '</p>'; - } -} - -// If the database exists, check whether it is already used by another application. -if ($dbname_ok) { - try { - // PhpGedView (4.2.3 and earlier) and many other applications have a USERS table. - // webtrees has a USER table - Database::prepare("SELECT COUNT(*) FROM `##users`")->fetchOne(); - echo '<p class="bad">', I18N::translate('This database and table-prefix appear to be used by another application. If you have an existing PhpGedView system, you should create a new webtrees system. You can import your PhpGedView data and settings later.'), '</p>'; - $dbname_ok = false; - } catch (PDOException $ex) { - // Table not found? Good! - } -} -if ($dbname_ok) { - try { - // PhpGedView (4.2.4 and later) has a site_setting.site_setting_name column. - // [We changed the column name in webtrees, so we can tell the difference!] - Database::prepare("SELECT site_setting_value FROM `##site_setting` WHERE site_setting_name='PGV_SCHEMA_VERSION'")->fetchOne(); - echo '<p class="bad">', I18N::translate('This database and table-prefix appear to be used by another application. If you have an existing PhpGedView system, you should create a new webtrees system. You can import your PhpGedView data and settings later.'), '</p>'; - $dbname_ok = false; - } catch (PDOException $ex) { - // Table/column not found? Good! - } -} - -if (!$dbname_ok) { - echo - '<h2>', I18N::translate('Database and table names'), '</h2>', - '<p>', I18N::translate('A database server can store many separate databases. You need to select an existing database (created by your server’s administrator) or create a new one (if your database user account has sufficient privileges).'), '</p>', - '<fieldset><legend>', I18N::translate('Database name'), '</legend>', - '<table border="0"><tr><td>', - I18N::translate('Database name'), '</td><td>', - '<input type="text" name="dbname" value="', Html::escape($_POST['dbname']), '" autofocus required></td><td>', - I18N::translate('This is case sensitive. If a database with this name does not already exist webtrees will attempt to create one for you. Success will depend on permissions set for your web server, but you will be notified if this fails.'), - '</td></tr><tr><td>', - I18N::translate('Table prefix'), '</td><td>', - '<input type="text" name="tblpfx" value="', Html::escape($_POST['tblpfx']), '"></td><td>', - I18N::translate('The prefix is optional, but recommended. By giving the table names a unique prefix you can let several different applications share the same database. “wt_” is suggested, but can be anything you want.'), - '</td></tr></table>', - '</fieldset>', - '<br><hr><input type="submit" id="btncontinue" value="', I18N::translate('continue'), '">', - '</form>', - '</body></html>'; - - return; -} else { - // Copy these values through to the next step - echo '<input type="hidden" name="dbname" value="', Html::escape($_POST['dbname']), '">'; - echo '<input type="hidden" name="tblpfx" value="', Html::escape($_POST['tblpfx']), '">'; -} - -//////////////////////////////////////////////////////////////////////////////// -// Step five - site setup data -//////////////////////////////////////////////////////////////////////////////// - -if (!isset($_POST['wtname'])) { - $_POST['wtname'] = ''; -} -if (!isset($_POST['wtuser'])) { - $_POST['wtuser'] = ''; -} -if (!isset($_POST['wtpass'])) { - $_POST['wtpass'] = ''; -} -if (!isset($_POST['wtpass2'])) { - $_POST['wtpass2'] = ''; -} -if (!isset($_POST['wtemail'])) { - $_POST['wtemail'] = ''; -} - -if (empty($_POST['wtname']) || empty($_POST['wtuser']) || strlen($_POST['wtpass']) < 6 || strlen($_POST['wtpass2']) < 6 || empty($_POST['wtemail']) || $_POST['wtpass'] != $_POST['wtpass2']) { - if (strlen($_POST['wtpass']) > 0 && strlen($_POST['wtpass']) < 6) { - echo '<p class="bad">', I18N::translate('The password needs to be at least six characters long.'), '</p>'; - } elseif ($_POST['wtpass'] != $_POST['wtpass2']) { - echo '<p class="bad">', I18N::translate('The passwords do not match.'), '</p>'; - } elseif ((empty($_POST['wtname']) || empty($_POST['wtuser']) || empty($_POST['wtpass']) || empty($_POST['wtemail'])) && $_POST['wtname'] . $_POST['wtuser'] . $_POST['wtpass'] . $_POST['wtemail'] != '') { - echo '<p class="bad">', I18N::translate('You must enter all the administrator account fields.'), '</p>'; - } - echo - '<h2>', I18N::translate('Administrator account'), '</h2>', - '<p>', I18N::translate('You need to set up an administrator account. This account can control all aspects of this webtrees installation. Please choose a strong password.'), '</p>', - '<fieldset><legend>', I18N::translate('Administrator account'), '</legend>', - '<table border="0"><tr><td>', - I18N::translate('Your name'), '</td><td>', - '<input type="text" name="wtname" value="', Html::escape($_POST['wtname']), '" autofocus required></td><td>', - I18N::translate('This is your real name, as you would like it displayed on screen.'), - '</td></tr><tr><td>', - I18N::translate('Username'), '</td><td>', - '<input type="text" name="wtuser" value="', Html::escape($_POST['wtuser']), '" required></td><td>', - I18N::translate('You will use this to sign in to webtrees.'), - '</td></tr><tr><td>', - I18N::translate('Password'), '</td><td>', - '<input type="password" name="wtpass" value="', Html::escape($_POST['wtpass']), '" required></td><td>', - I18N::translate('This must be at least six characters long. It is case-sensitive.'), - '</td></tr><tr><td></td><td>', - '<input type="password" name="wtpass2" value="', Html::escape($_POST['wtpass2']), '" required></td><td>', - I18N::translate('Type your password again, to make sure you have typed it correctly.'), - '</td></tr><tr><td>', - I18N::translate('Email address'), '</td><td>', - '<input type="email" name="wtemail" value="', Html::escape($_POST['wtemail']), '" required></td><td>', - I18N::translate('This email address will be used to send password reminders, website notifications, and messages from other family members who are registered on the website.'), - '</td></tr><tr><td>', - '</td></tr></table>', - '</fieldset>', - '<br><hr><input type="submit" id="btncontinue" value="', I18N::translate('continue'), '">', - '</form>', - '</body></html>'; - - return; -} else { - // Copy these values through to the next step - echo '<input type="hidden" name="wtname" value="', Html::escape($_POST['wtname']), '">'; - echo '<input type="hidden" name="wtuser" value="', Html::escape($_POST['wtuser']), '">'; - echo '<input type="hidden" name="wtpass" value="', Html::escape($_POST['wtpass']), '">'; - echo '<input type="hidden" name="wtpass2" value="', Html::escape($_POST['wtpass2']), '">'; - echo '<input type="hidden" name="wtemail" value="', Html::escape($_POST['wtemail']), '">'; -} - -//////////////////////////////////////////////////////////////////////////////// -// Step six We have a database connection and a writable folder. Do it! -//////////////////////////////////////////////////////////////////////////////// - -try { - // Create/update the database tables. - Database::updateSchema('\Fisharebest\Webtrees\Schema', 'WT_SCHEMA_VERSION', 30); - - // If we are re-installing, then this user may already exist. - $admin = User::findByIdentifier($_POST['wtemail']); - if ($admin === null) { - $admin = User::findByIdentifier($_POST['wtuser']); - } - // Create the user - if ($admin === null) { - $admin = User::create($_POST['wtuser'], $_POST['wtname'], $_POST['wtemail'], $_POST['wtpass']) - ->setPreference('language', WT_LOCALE) - ->setPreference('visibleonline', '1'); - } else { - $admin->setPassword($_POST['wtpass']); - } - // Make the user an administrator - $admin - ->setPreference('canadmin', '1') - ->setPreference('verified', '1') - ->setPreference('verified_by_admin', '1'); - - // Write the config file. We already checked that this would work. - $config_ini_php = - '; <' . '?php exit; ?' . '> DO NOT DELETE THIS LINE' . PHP_EOL . - 'dbhost="' . addcslashes($_POST['dbhost'], '"') . '"' . PHP_EOL . - 'dbport="' . addcslashes($_POST['dbport'], '"') . '"' . PHP_EOL . - 'dbuser="' . addcslashes($_POST['dbuser'], '"') . '"' . PHP_EOL . - 'dbpass="' . addcslashes($_POST['dbpass'], '"') . '"' . PHP_EOL . - 'dbname="' . addcslashes($_POST['dbname'], '"') . '"' . PHP_EOL . - 'tblpfx="' . addcslashes($_POST['tblpfx'], '"') . '"' . PHP_EOL; - - file_put_contents(WT_DATA_DIR . 'config.ini.php', $config_ini_php); - - // Done - start using webtrees! - echo '<script>document.location=document.location;</script>'; - echo '</form></body></html>'; -} catch (PDOException $ex) { - echo - '<p class="bad">', I18N::translate('An unexpected database error occurred.'), '</p>', - '<pre>', $ex->getMessage(), '</pre>', - '<p class="info">', I18N::translate('The webtrees developers would be very interested to learn about this error. If you contact them, they will help you resolve the problem.'), '</p>'; -} +$response->prepare($request)->send(); |
