diff options
Diffstat (limited to 'install')
| -rw-r--r-- | install/ElggInstaller.php | 39 | ||||
| -rw-r--r-- | install/ElggRewriteTester.php | 4 | ||||
| -rw-r--r-- | install/cli/sample_installer.php | 43 | ||||
| -rw-r--r-- | install/js/install.js | 21 | ||||
| -rw-r--r-- | install/languages/en.php | 5 |
5 files changed, 95 insertions, 17 deletions
diff --git a/install/ElggInstaller.php b/install/ElggInstaller.php index 03c84a43e..78cdde90f 100644 --- a/install/ElggInstaller.php +++ b/install/ElggInstaller.php @@ -157,7 +157,7 @@ class ElggInstaller { 'password', ); foreach ($requiredParams as $key) { - if (!array_key_exists($key, $params)) { + if (empty($params[$key])) { $msg = elgg_echo('install:error:requiredfield', array($key)); throw new InstallationException($msg); } @@ -1148,11 +1148,21 @@ class ElggInstaller { foreach ($formVars as $field => $info) { if ($info['required'] == TRUE && !$submissionVars[$field]) { $name = elgg_echo("install:database:label:$field"); - register_error("$name is required"); + register_error(elgg_echo('install:error:requiredfield', array($name))); return FALSE; } } + // according to postgres documentation: SQL identifiers and key words must + // begin with a letter (a-z, but also letters with diacritical marks and + // non-Latin letters) or an underscore (_). Subsequent characters in an + // identifier or key word can be letters, underscores, digits (0-9), or dollar signs ($). + // Refs #4994 + if (!preg_match("/^[a-zA-Z_][\w]*$/", $submissionVars['dbprefix'])) { + register_error(elgg_echo('install:error:database_prefix')); + return FALSE; + } + return $this->checkDatabaseSettings( $submissionVars['dbuser'], $submissionVars['dbpassword'], @@ -1404,7 +1414,7 @@ class ElggInstaller { $submissionVars['wwwroot'] = sanitise_filepath($submissionVars['wwwroot']); $site = new ElggSite(); - $site->name = $submissionVars['sitename']; + $site->name = strip_tags($submissionVars['sitename']); $site->url = $submissionVars['wwwroot']; $site->access_id = ACCESS_PUBLIC; $site->email = $submissionVars['siteemail']; @@ -1519,22 +1529,27 @@ class ElggInstaller { protected function createAdminAccount($submissionVars, $login = FALSE) { global $CONFIG; - $guid = register_user( - $submissionVars['username'], - $submissionVars['password1'], - $submissionVars['displayname'], - $submissionVars['email'] - ); + try { + $guid = register_user( + $submissionVars['username'], + $submissionVars['password1'], + $submissionVars['displayname'], + $submissionVars['email'] + ); + } catch (Exception $e) { + register_error($e->getMessage()); + return false; + } if (!$guid) { register_error(elgg_echo('install:admin:cannot_create')); - return FALSE; + return false; } $user = get_entity($guid); if (!$user) { register_error(elgg_echo('install:error:loadadmin')); - return FALSE; + return false; } elgg_set_ignore_access(TRUE); @@ -1543,7 +1558,7 @@ class ElggInstaller { } else { datalist_set('admin_registered', 1); } - elgg_set_ignore_access(FALSE); + elgg_set_ignore_access(false); // add validation data to satisfy user validation plugins create_metadata($guid, 'validated', TRUE, '', 0, ACCESS_PUBLIC); diff --git a/install/ElggRewriteTester.php b/install/ElggRewriteTester.php index c01510f60..ab68da2b7 100644 --- a/install/ElggRewriteTester.php +++ b/install/ElggRewriteTester.php @@ -154,6 +154,8 @@ class ElggRewriteTester { if ($this->serverSupportsRemoteRead == FALSE) { $msg = elgg_echo('install:warning:rewrite:unknown', array($url)); + $msg .= elgg_view('install/js_rewrite_check', array('url' => $url)); + return array( 'severity' => 'warning', 'message' => $msg, @@ -165,6 +167,8 @@ class ElggRewriteTester { $msg = "$serverString\n\n"; if (!isset($this->htaccessIssue)) { $msg .= elgg_echo('install:error:rewrite:allowoverride'); + $msg .= elgg_view('install/js_rewrite_check', array('url' => $url)); + return array( 'severity' => 'failure', 'message' => $msg, diff --git a/install/cli/sample_installer.php b/install/cli/sample_installer.php index 954169a6a..a51f9aae4 100644 --- a/install/cli/sample_installer.php +++ b/install/cli/sample_installer.php @@ -1,12 +1,13 @@ <?php + /** * Sample cli installer script */ -require_once(dirname(dirname(__FILE__)) . "/ElggInstaller.php"); - -$installer = new ElggInstaller(); +// change to true to run this script. Change back to false when done. +$enabled = false; +// none of the following may be empty $params = array( // database parameters 'dbuser' => '', @@ -26,5 +27,41 @@ $params = array( 'password' => '', ); + +// Do not edit below this line. ////////////////////////////// + + +if (!$enabled) { + echo "To enable this script, change \$enabled to true.\n"; + echo "You *must* disable this script after a successful installation.\n"; + exit; +} + +if (PHP_SAPI !== 'cli') { + echo "You must use the command line to run this script."; + exit; +} + +require_once(dirname(dirname(__FILE__)) . "/ElggInstaller.php"); + +$installer = new ElggInstaller(); + // install and create the .htaccess file $installer->batchInstall($params, TRUE); + +// at this point installation has completed (otherwise an exception halted execution). +// try to rewrite the script to disable it. +if (is_writable(__FILE__)) { + $code = file_get_contents(__FILE__); + if (preg_match('~\\$enabled\\s*=\\s*(true|1)\\s*;~i', $code)) { + // looks safe to rewrite + $code = preg_replace('~\\$enabled\\s*=\\s*(true|1)\\s*;~i', '$enabled = false;', $code); + file_put_contents(__FILE__, $code); + + echo "\nNote: This script has been disabled for your safety.\n"; + exit; + } +} + +echo "\nWarning: You *must* disable this script by setting \$enabled = false;.\n"; +echo "Leaving this script enabled could endanger your installation.\n"; diff --git a/install/js/install.js b/install/js/install.js index 49b2be10c..37e5b0dc3 100644 --- a/install/js/install.js +++ b/install/js/install.js @@ -19,3 +19,24 @@ $(function() { } }); }); + +elgg = { + installer: {} +}; + +/** + * Check the rewrite address for "success" and then allows the installation to proceed. + */ +elgg.installer.rewriteTest = function(url, success_msg, nextURL) { + $.ajax(url, { + success: function(data, status, xhr) { + if (data == 'success') { + $('.elgg-require-rewrite li').attr('class', 'pass'); + $('.elgg-require-rewrite li').html('<p>' + success_msg + '</p>'); + $('.elgg-install-nav a.elgg-state-disabled') + .removeClass('elgg-state-disabled') + .attr('href', nextURL); + } + } + }); +} diff --git a/install/languages/en.php b/install/languages/en.php index 3a692e020..531379b1e 100644 --- a/install/languages/en.php +++ b/install/languages/en.php @@ -124,6 +124,7 @@ If you are ready to proceed, click the Next button.", 'install:error:htaccess' => 'Unable to create an .htaccess', 'install:error:settings' => 'Unable to create the settings file', 'install:error:databasesettings' => 'Unable to connect to the database with these settings.', + 'install:error:database_prefix' => 'Invalid characters in database prefix', 'install:error:oldmysql' => 'MySQL must be version 5.0 or above. Your server is using %s.', 'install:error:nodatabase' => 'Unable to use database %s. It may not exist.', 'install:error:cannotloadtables' => 'Cannot load the database tables', @@ -131,7 +132,7 @@ If you are ready to proceed, click the Next button.", 'install:error:readsettingsphp' => 'Unable to read engine/settings.example.php', 'install:error:writesettingphp' => 'Unable to write engine/settings.php', 'install:error:requiredfield' => '%s is required', - 'install:error:relative_path' => 'We don\'t think "%s" is an absoluate path for your data directory', + 'install:error:relative_path' => 'We don\'t think "%s" is an absolute path for your data directory', 'install:error:datadirectoryexists' => 'Your data directory %s does not exist.', 'install:error:writedatadirectory' => 'Your data directory %s is not writable by the web server.', 'install:error:locationdatadirectory' => 'Your data directory %s must be outside of your install path for security.', @@ -154,7 +155,7 @@ If you are ready to proceed, click the Next button.", 'install:error:rewrite:htaccess:cannot_copy' => 'A unknown error occurred while creating the .htaccess file. You need to manually copy htaccess_dist to .htaccess in Elgg\'s directory.', 'install:error:rewrite:altserver' => 'The rewrite rules test failed. You need to configure your web server with Elgg\'s rewrite rules and try again.', 'install:error:rewrite:unknown' => 'Oof. We couldn\'t figure out what kind of web server is running on your server and it failed the rewrite rules. We cannot offer any specific advice. Please check the troubleshooting link.', - 'install:warning:rewrite:unknown' => 'Your server does not support automatic testing of the rewrite rules. You can continue the installation, but you may experience problems with your site. You can manually test the rewrite rules by clicking this link: <a href="%s" target="_blank">test</a>. You will see the word success if the rules are working.', + 'install:warning:rewrite:unknown' => 'Your server does not support automatic testing of the rewrite rules and your browser does not support checking via JavaScript. You can continue the installation, but you may experience problems with your site. You can manually test the rewrite rules by clicking this link: <a href="%s" target="_blank">test</a>. You will see the word success if the rules are working.', ); add_translation("en", $english); |