1 files changed, 338 insertions, 8 deletions

@@ -2,20 +2,350 @@
 
 /* InstaDisc Server - A Four Island Project */
 
-if (!isset($_GET['step']))
+$softwareVersion = 1;
+
+if (!isset($_GET['submit']))
+{
+        showHeader('1');
+        showStepOne('localhost', 'root', '', 'instadisc', array());
+} else {
+        $numOfErrors = 0;
+        $errors = array();
+
+        switch ($_GET['submit'])
+        {
+                case 1:
+                        if ($_POST['host'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'host', 'Hostname is a required field');
+                        }
+
+                        if ($_POST['username'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'username', 'Username is a required field');
+                        }
+
+                        if ($_POST['password'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'password', 'Password is a required field');
+                        }
+
+                        if ($_POST['dbname'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'dbname', 'Name is a required field');
+                        }
+
+                        if ($numOfErrors > 0)
+                        {
+                                showHeader('1');
+                                showStepOne($_POST['host'], $_POST['username'], $_POST['password'], $_POST['dbname'], $errors);
+                        } else {
+                                if (!@mysql_connect($_POST['host'], $_POST['username'], $_POST['password']))
+                                {
+                                        addError($numOfErrors, $errors, '', 'Cannot connect to database server');
+                                        showHeader('1');
+                                        showStepOne($_POST['host'], $_POST['username'], $_POST['password'], $_POST['dbname'], $errors);
+                                } else {
+                                        if (!@mysql_select_db($_POST['dbname']))
+                                        {
+                                                addError($numOfErrors, $errors, 'dbname', 'Database does not exist');
+                                                showHeader('1');
+                                                showStepOne($_POST['host'], $_POST['username'], $_POST['password'], $_POST['dbname'], $errors);
+                                        } else {
+                                                $sql = file_get_contents('instadisc.sql');
+                                                $makedb = split(';', $sql);
+                                                foreach ($makedb as $name => $value)
+                                                {
+                                                        if (!trim($value) == '')
+                                                        {
+                                                                $makedb2 = @mysql_query($value);
+                                                                if (!$makedb2)
+                                                                {
+                                                                        addError($numOfErrors, $errors, '', "MySQL error \"" . mysql_error() . "\" while creating database");
+                                                                }
+                                                        }
+                                                }
+
+                                                @file_put_contents('config.php', "<?php\n\n/* InstaDisc Server - A Four Island Project */\n\n\$dbhost = \"" . $_POST['host'] . "\";\n\$dbuser = \"" . $_POST['username'] . "\";\n\$dbpass = \"" . $_POST['password'] . "\";\n\$dbname = \"" . $_POST['dbname'] . "\";\n\n?>");
+
+                                                if (!file_exists('config.php'))
+                                                {
+                                                        addError($numOfErrors, $errors, '', 'Could not write config.php file, please check directory permissions');
+                                                }
+
+                                                if ($numOfErrors > 0)
+                                                {
+                                                        showHeader('1');
+                                                        showStepOne($_POST['host'], $_POST['username'], $_POST['password'], $_POST['dbname'], $errors);
+                                                } else {
+                                                        showHeader('2');
+                                                        showStepTwo('','',' CHECKED','','','','','','','', array());
+                                                }
+                                        }
+                                }
+                        }
+
+                        break;
+
+                case 2:
+                        if ($_POST['mailDomain'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'mailDomain', 'Mail Domain is a required field');
+                        }
+
+                        if ($_POST['smtpHost'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'smtpHost', 'SMTP Host is a required field');
+                        }
+
+                        if ($_POST['smtpAuth'] == 'on')
+                        {
+                                if ($_POST['smtpUser'] == '')
+                                {
+                                        addError($numOfErrors, $errors, 'smtpUser', 'When "SMTP Authentication Required?" is checked, SMTP Username is a required field');
+                                }
+
+                                if ($_POST['smtpPass'] == '')
+                                {
+                                        addError($numOfErrors, $errors, 'smtpPass', 'When "SMTP Authentication Required?" is checked, SMTP Password is a required field');
+                                }
+                        }
+
+                        if ($_POST['siteName'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'siteName', 'Site Name is a required field');
+                        }
+
+                        if ($_POST['xmlrpcURL'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'xmlrpcURL', 'XML-RPC URL is a required field');
+                        } else {
+                                include_once('xmlrpc/xmlrpc.inc');
+
+                                $client = new xmlrpc_client($_POST['xmlrpcURL']);
+                                $msg = new xmlrpcmsg('system.listMethods');
+                                $r = $client->send($msg);
+                                if (stripos($r->faultString(),'Connect error') !== FALSE)
+                                {
+                                        addError($numOfErrors, $errors, 'xmlrpcURL', $r->faultString());
+                                }
+                        }
+
+                        if ($_POST['adminUser'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'adminUser', 'Admin Username is a required field');
+                        }
+
+                        if ($_POST['adminPass'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'adminPass', 'Admin Password is a required field');
+                        }
+
+                        if ($_POST['adminEmail'] == '')
+                        {
+                                addError($numOfErrors, $errors, 'adminEmail', 'Admin Email is a required field');
+                        }
+
+                        if ($numOfErrors > 0)
+                        {
+                                showHeader('2');
+                                showStepTwo($_POST['mailDomain'], $_POST['smtpHost'], ($_POST['smtpAuth'] == 'on' ? ' CHECKED' : ''), $_POST['smtpUser'], $_POST['smtpPass'], $_POST['siteName'], $_POST['xmlrpcURL'], $_POST['adminUser'], $_POST['adminPass'], $_POST['adminEmail'], $errors);
+                        } else {
+                                include_once('config.php');
+
+                                mysql_connect($dbhost, $dbuser, $dbpass);
+                                mysql_select_db($dbname);
+
+                                $sql[0] = "INSERT INTO config (name,value) VALUES (\"mailDomain\",\"" . mysql_real_escape_string($_POST['mailDomain']) . "\")";
+                                $sql[1] = "INSERT INTO config (name,value) VALUES (\"smtpHost\",\"" . mysql_real_escape_string($_POST['smtpHost']) . "\")";
+                                $sql[2] = "INSERT INTO config (name,value) VALUES (\"smtpAuth\",\"" . mysql_real_escape_string($_POST['smtpAuth']) . "\")";
+                                $sql[3] = "INSERT INTO config (name,value) VALUES (\"smtpUser\",\"" . mysql_real_escape_string($_POST['smtpUser']) . "\")";
+                                $sql[4] = "INSERT INTO config (name,value) VALUES (\"smtpPass\",\"" . mysql_real_escape_string($_POST['smtpPass']) . "\")";
+                                $sql[5] = "INSERT INTO config (name,value) VALUES (\"siteName\",\"" . mysql_real_escape_string($_POST['siteName']) . "\")";
+                                $sql[6] = "INSERT INTO config (name,value) VALUES (\"xmlrpcURL\",\"" . mysql_real_escape_string($_POST['xmlrpcURL']) . "\")";
+                                $sql[7] = "INSERT INTO config (name,value) VALUES (\"owner\",\"" . mysql_real_escape_string($_POST['adminUser']) . "\")";
+                                $sql[8] = "INSERT INTO config (name,value) VALUES (\"verIDBufferSize\",\"100\")";
+                                $sql[9] = "INSERT INTO config (name,value) VALUES (\"softwareVersion\",\"" . $softwareVersion . "\")";
+                                $sql[10] = "INSERT INTO config (name,value) VALUES (\"databaseVersion\",\"1\")";
+                                $sql[11] = "INSERT INTO users (username, password, email, ip) VALUES (\"" . mysql_real_escape_string($_POST['adminUser']) . "\",\"" . mysql_real_escape_string(md5($_POST['adminPass'])) . "\",\"" . mysql_real_escape_string($_POST['adminEmail']) . "\",\"" . mysql_real_escape_string($_SERVER['REMOTE_IP']) . "\")";
+                                $sql[12] = "INSERT INTO centralServers (url, code, xmlrpc) VALUES (\"" . mysql_real_escape_string('central.fourisland.com') . "\",\"" . mysql_real_escape_string(md5('central.fourisland.com')) . "\",\"" . mysql_real_escape_string('http://central.fourisland.com/xmlrpc.php') . "\")";
+
+                                foreach ($sql as $name => $value)
+                                {
+                                        if (!trim($value) == '')
+                                        {
+                                                $sql2 = @mysql_query($value);
+                                                if (!$sql2)
+                                                {
+                                                        addError($numOfErrors, $errors, '', "MySQL error \"" . mysql_error() . "\" while filling database");
+                                                }
+                                        }
+                                }
+
+                                if ($numOfErrors > 0)
+                                {
+                                        showHeader('2');
+                                        showStepTwo($_POST['mailDomain'], $_POST['smtpHost'], ($_POST['smtpAuth'] == 'on' ? ' CHECKED' : ''), $_POST['smtpUser'], $_POST['smtpPass'], $_POST['siteName'], $_POST['xmlrpcURL'], $_POST['adminUser'], $_POST['adminPass'], $_POST['adminEmail'], $errors);
+                                } else {
+                                        showHeader('3');
+                                        showStepThree();
+                                }
+                        }
+
+                        break;
+        }
+}
+
+?><P><CENTER><SMALL><SMALL>InstaDisc (C) Starla Insigna 2008. InstaDisc Setup uses the UniForm form theme</SMALL></SMALL></CENTER></BODY></HTML><?php
+
+function showHeader($number)
 {
-?>Welcome to the InstaDisc Central Server installation! Please input your database details here:<P><FORM ACTION="./install.php?step=2" METHOD="POST">Database host: <INPUT TYPE="text" NAME="host" VALUE="localhost"><BR>Username: <INPUT TYPE="text" NAME="username" VALUE="root"><BR>Password: <INPUT TYPE="text" NAME="password"><BR>Database name: <INPUT TYPE="text" NAME="name"> (Note: You must create this database BEFORE running installation)<BR><INPUT TYPE="submit"></FORM><?php
-} else if ($_GET['step']==2)
+?><HTML><HEAD><TITLE>InstaDisc Server Setup Step <?php echo($number); ?></TITLE><LINK REL="stylesheet" TYPE="text/css" HREF="uniform.css"></HEAD><BODY><CENTER><H1>InstaDisc Installation</H1></CENTER><P><?php
+}
+
+function showStepOne($host, $username, $password, $dbname, $errors)
 {
-        if (!mysql_connect($_POST['host'], $_POST['username'], $_POST['password']))
+?>Welcome to the InstaDisc Central Server installation! Please input your database details below.<P>
+<FORM CLASS="uniform" ACTION="./install.php?submit=1" METHOD="POST">
+<?php
+        if (isset($errors[1]))
         {
-?>Cannot connect to your database server! Please verify you typed you host, username and password correctly. <A HREF="./install.php">Back</A><?php exit();
+?><DIV ID="errorMsg">Uh oh! Validation errors!<P>
+<OL><?php
+                foreach ($errors as $name => $value)
+                {
+?><LI><A HREF="#error<?php echo($name); ?>"><?php echo($value['msg']); ?></A></LI><?php
+                }
+?></OL></DIV><?php
         }
-        if (!mysql_select_db($_POST['name']))
+?>
+<FIELDSET CLASS="inlineLabels"><LEGEND>Database Details</LEGEND>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'host'); ?>">
+<?php doErrors($errors, 'host'); ?> <LABEL FOR="host"><EM>*</EM> Host: </LABEL>
+ <INPUT TYPE="text" ID="host" NAME="host" CLASS="textInput" VALUE="<?php echo($host); ?>">
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'username'); ?>">
+<?php doErrors($errors, 'username'); ?> <LABEL FOR="username"><EM>*</EM> Username: </LABEL>
+ <INPUT TYPE="text" ID="username" NAME="username" CLASS="textInput" VALUE="<?php echo($username); ?>">
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'password'); ?>">
+<?php doErrors($errors, 'password'); ?> <LABEL FOR="password"><EM>*</EM> Password: </LABEL>
+ <INPUT TYPE="password" ID="password" NAME="password" CLASS="textInput" VALUE="<?php echo($password); ?>">
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'dbname'); ?>">
+<?php doErrors($errors, 'dbname'); ?> <LABEL FOR="dbname"><EM>*</EM> Name: </LABEL>
+ <INPUT TYPE="text" ID="dbname" NAME="dbname" CLASS="textInput" VALUE="<?php echo($dbname); ?>">
+ <P CLASS="formHint">You need to create this database before running this script.</P>
+</DIV>
+</FIELDSET>
+<DIV CLASS="buttonHolder">
+ <INPUT TYPE="submit" VALUE="Next">
+</DIV></FORM><?php
+}
+
+function showStepTwo($mailDomain, $smtpHost, $smtpAuth, $smtpUser, $smtpPass, $siteName, $xmlrpcURL, $adminUser, $adminPass, $adminEmail, $errors)
+{
+?>Your database has been set up. All we need to do now is fill it up a little. Please answer the below questions to set up your configuration:
+<FORM CLASS="uniform" ACTION="./install.php?submit=2" METHOD="POST">
+<?php
+        if (isset($errors[1]))
         {
-?>Cannot connect to your database! Please verify that the database you specified already exists and that you spelled it correctly. <A HREF="./install.php">Back</A><?php exit();
+?><DIV ID="errorMsg">Uh oh! Validation errors!<P>
+<OL><?php
+                foreach ($errors as $name => $value)
+                {
+?><LI><A HREF="#error<?php echo($name); ?>"><?php echo($value['msg']); ?></A></LI><?php
+                }
+?></OL></DIV><?php
         }
+?>
+<FIELDSET CLASS="inlineLabels"><LEGEND>Email</LEGEND>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'mailDomain'); ?>">
+<?php doErrors($errors, 'mailDomain'); ?> <LABEL FOR="mailDomain"><EM>*</EM> Mail Domain: </LABEL>
+ <INPUT TYPE="text" ID="mailDomain" NAME="mailDomain" CLASS="textInput" VALUE="<?php echo($mailDomain); ?>">
+ <P CLASS="formHint">Type in the part that comes after the @ in your email addresses. This is used when InstaDisc needs to send an email to someone.</P>
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'smtpHost'); ?>">
+<?php doErrors($errors, 'smtpHost'); ?> <LABEL FOR="smtpHost"><EM>*</EM> SMTP Host: </LABEL>
+ <INPUT TYPE="text" ID="smtpHost" NAME="smtpHost" CLASS="textInput" VALUE="<?php echo($smtpHost); ?>">
+ <P CLASS="formHint">This is required because InstaDisc has to be able to send emails to people.</P>
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'smtpAuth'); ?>">
+<?php doErrors($errors, 'smtpAuth'); ?> <LABEL FOR="smtpAuth">SMTP Authentication Required? </LABEL>
+ <INPUT TYPE="checkbox" ID="smtpAuth" NAME="smtpAuth" CLASS="textInput"<?php echo($smtpAuth); ?>">
+ <P CLASS="formHint">If your SMTP server requires authentication (most do), you need to check this box and enter the authentication details in the fields below.</P>
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'smtpUser'); ?>">
+<?php doErrors($errors, 'smtpUser'); ?> <LABEL FOR="smtpUser">SMTP Username: </LABEL>
+ <INPUT TYPE="text" ID="smtpUser" NAME="smtpUser" CLASS="textInput" VALUE="<?php echo($smtpUser); ?>">
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'smtpPass'); ?>">
+<?php doErrors($errors, 'smtpPass'); ?> <LABEL FOR="smtpPass">SMTP Password: </LABEL>
+ <INPUT TYPE="password" ID="smtpPass" NAME="smtpPass" CLASS="textInput" VALUE="<?php echo($smtpPass); ?>">
+ <P CLASS="formHint">The two above fields only need be filled out if the "SMTP Authentication Required?" box is checked.</P>
+</DIV>
+</FIELDSET><FIELDSET CLASS="inlineLabels"><LEGEND>Website</LEGEND>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'siteName'); ?>">
+<?php doErrors($errors, 'siteName'); ?> <LABEL FOR="siteName"><EM>*</EM> Site Name: </LABEL>
+ <INPUT TYPE="text" ID="siteName" NAME="siteName" CLASS="textInput" VALUE="<?php echo($siteName); ?>">
+ <P CLASS="formHint">Your website's name is required for a little personalization of emails.</P>
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'xmlrpcURL'); ?>">
+<?php doErrors($errors, 'xmlrpcURL'); ?> <LABEL FOR="xmlrpcURL"><EM>*</EM> XML-RPC URL: </LABEL>
+ <INPUT TYPE="text" ID="xmlrpcURL" NAME="xmlrpcURL" CLASS="textInput" VALUE="<?php echo($xmlrpcURL); ?>">
+ <P CLASS="formHint">What is the URL of the xmlrpc.php file provided for you in the InstaDisc package?</P>
+</DIV>
+</FIELDSET><FIELDSET CLASS="inlineLabels"><LEGEND>Administrator's Account</LEGEND>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'adminUser'); ?>">
+<?php doErrors($errors, 'adminUser'); ?> <LABEL FOR="adminUser"><EM>*</EM> Admin Username: </LABEL>
+ <INPUT TYPE="text" ID="adminUser" NAME="adminUser" CLASS="textInput" VALUE="<?php echo($adminUser); ?>">
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'adminPass'); ?>">
+<?php doErrors($errors, 'adminPass'); ?> <LABEL FOR="adminPass"><EM>*</EM> Admin Password: </LABEL>
+ <INPUT TYPE="password" ID="adminPass" NAME="adminPass" CLASS="textInput" VALUE="<?php echo($adminPass); ?>">
+</DIV>
+<DIV CLASS="ctrlHolder<?php ifErrors($errors, 'adminEmail'); ?>">
+<?php doErrors($errors, 'adminEmail'); ?> <LABEL FOR="adminEmail"><EM>*</EM> Admin Email: </LABEL>
+ <INPUT TYPE="text" ID="adminEmail" NAME="adminEmail" CLASS="textInput" VALUE="<?php echo($adminEmail); ?>">
+ <P CLASS="formHint">You, the administrator, must have an account on your InstaDisc server to be able to edit configuration values (mostly the ones you just entered) at will.</P>
+</DIV>
+</FIELDSET>
+<DIV CLASS="buttonHolder">
+ <INPUT TYPE="submit" VALUE="Next">
+</DIV></FORM><?php
+}
 
+function showStepThree()
+{
 ?>Congradulations! You've successfully set up your InstaDisc Central Server's database! Now, the next step for you is to implement the functions in instadisc.php into your web application. Read README.txt for more information.<?php
 }
-?>
+
+function ifErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        echo(' error');
+                        return;
+                }
+        }
+}
+
+
+function doErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+?> <P ID="error<?php echo($name); ?>" CLASS="errorField"><EM>*</EM> <?php echo($value['msg']); ?></P><?php echo("\n");
+                }
+        }
+}
+
+function addError(&$numOfErrors, &$errors, $field, $msg)
+{
+        $numOfErrors++;
+        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
+}