root/trunk/gregarius/install.php

Revision 1517, 17.4 kB (checked in by cfriesen, 2 years ago)

Hopefully this fixes that exploit.

1<?php
2###############################################################################
3# Gregarius - A PHP based RSS aggregator.
4# Copyright (C) 2003 - 2005 Marco Bonetti
5#
6###############################################################################
7# This program is free software and open source software; you can redistribute
8# it and/or modify it under the terms of the GNU General Public License as
9# published by the Free Software Foundation; either version 2 of the License,
10# or (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful, but WITHOUT
13# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
15# more details.
16#
17# You should have received a copy of the GNU General Public License along
18# with this program; if not, write to the Free Software Foundation, Inc.,
19# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
20# http://www.gnu.org/licenses/gpl.html
21#
22###############################################################################
23# E-mail:      mbonetti at gmail dot com
24# Web page:    http://gregarius.net/
25#
26###############################################################################
27
// Version banner shown in the installer's page title and legend.
define('GREGARIUS_RELEASE', '0.5.5');
define('GREGARIUS_CODENAME', 'null');

// The configuration file this installer generates. Its existence disables the
// installer (see the dispatch at the bottom of this file), so it is also the
// only thing standing between an unauthenticated visitor and the setup form.
define('DBINIT', dirname(__FILE__) . '/dbinit.php');

// NOTE: This _must_ be a standard version string, see:
// php.net/version_compare
define('REQUIRED_VERSION', '4.3.0');

// Form defaults.
// NOTE(review): SQLITE_DEFAULT points into the shared /tmp directory and the
// sqlite branch below opens the file with mode 0666, so with this default any
// local user can read or replace the feed database; a path in a directory only
// the web server user can reach is the safer choice.
define('SQL_SERVER_DEFAULT', 'localhost');
define('SQLITE_DEFAULT', '/tmp/gregarius.sqlite');
define('WEB_SERVER_DEFAULT', 'localhost');
define('DATABASE_DEFAULT', 'rss');

// Help texts rendered next to each form field. SQL_SERVER_HELP and SQLITE_HELP
// are additionally emitted inside single-quoted JavaScript string literals
// (ToggleType in install_main), so they must not contain an unescaped single
// quote or the generated script breaks.
define('TYPE_HELP', 'The type of database being used.');
define('SQL_SERVER_HELP', 'The location of the database. If in doubt, leave the default. Default: ' . SQL_SERVER_DEFAULT . '');
define('SQLITE_HELP', 'The path to the database.  If in doubt, leave the default. Default: ' . SQLITE_DEFAULT . '');
define('DATABASE_HELP', 'The name of the database. Default: ' . DATABASE_DEFAULT . '');
define('USERNAME_HELP', 'The username to connect to the database. <br/>Make sure this user has INSERT,UPDATE,DELETE,CREATE,ALTER permission to the database!');
define('PASSWORD_HELP', 'The password used to connect to the database.');
define('PREFIX_HELP', 'The string to prefix the tables with. Example: A table called rss_item should have rss as the prefix.');
define('ADMIN_USERNAME_HELP', 'The administrator username to use for database creation.');
define('ADMIN_PASSWORD_HELP', 'The administrator password used to connect to the database. Make sure this user has GRANT privileges!');
define('WEBSERVER_HELP', 'The location of the webserver. If in doubt, leave the default. Default: ' . WEB_SERVER_DEFAULT . '');
52
// NOTE(review): a `global` statement at file scope has no effect, and
// install_main() below never declares this name global -- it assigns a local
// $hasWritePerm instead. Nothing visible in this file reads the global.
global $hasWritePerm;
54
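/**
 * Render the installer page: an environment check, the database settings
 * form and the submit button. Everything is written straight to the output
 * with a single echo; there is no return value.
 *
 * The page is reachable by anyone until dbinit.php exists, so every piece of
 * request-derived data that ends up in the markup has to be escaped.
 */
function install_main() {
    $hasXML    = function_exists('xml_parser_create');
    $hasMySQL  = function_exists('mysql_connect');
    $hasSQLite = function_exists('sqlite_open');
    $hasSocket = function_exists('fsockopen');

    // If the server is running safe mode, try writing a temp file; is_writable()
    // is not reliable there. Otherwise just ask whether the directory is writable.
    if(ini_get('safe_mode')) {
        define ('TMPINIT', DBINIT . GREGARIUS_CODENAME . "tmp");
        $fp = @fopen(TMPINIT, 'w');
        if ($fp) {
            $hasWritePerm = true;
            fclose($fp);
            unlink (TMPINIT);
        } else {
            $hasWritePerm = false;
        }
    } else {
        $hasWritePerm = is_writable(dirname(__FILE__));
    }

    if($hasMySQL && $hasSQLite) {
        $sql = "MySQL & SQLite";
    } else if($hasMySQL) {
        $sql = "MySQL";
    } else if($hasSQLite) {
        $sql = "SQLite";
    } else {
        $sql = "None!";
    }

    // PHP_SELF reflects the request path (including any PATH_INFO the client
    // appended) back into the page. Used raw inside the form's action attribute
    // it is a reflected XSS vector, so it is HTML-escaped here.
    $self = htmlspecialchars(isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '', ENT_QUOTES);

    echo ""
    . "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
    . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\">\n"
    . "<head>\n"
    . " <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />"
    . " <title>Gregarius " . GREGARIUS_RELEASE . " " . GREGARIUS_CODENAME . " Installer</title>\n"
    . " <link rel=\"stylesheet\" type=\"text/css\" href=\"themes/default/css/layout.css\" />\n"
    . " <link rel=\"stylesheet\" type=\"text/css\" href=\"themes/default/css/look.css\" />\n"
    . "<style type=\"text/css\">\n"
    . "  .install {\n"
    . "    display: block;\n"
    . "    text-align: left;\n"
    . "  }\n"
    . "  .help {\n"
    . "    display: none;\n"
    . "    font-size: 12pt;\n"
    . "    color: red;\n"
    . "  }\n"
    . "  .found {\n"
    . "    color: green;\n"
    . "    font-weight: bold;\n"
    . "  }\n"
    . "  .not_found {\n"
    . "    color: red;\n"
    . "    font-weight: bold;\n"
    . "  }\n"
    . "  h2 {\n"
    . "    margin: 2px;\n"
    . "  }\n"
    . "  label { display:block; }\n"
    . "</style>\n"
    // The help constants below are spliced into JavaScript string literals;
    // they are compile-time constants, not request data, so no escaping is done.
    . "<script type=\"text/javascript\">\n"
    . "//<![CDATA[\n"
    . "  function ValidInput(str) {\n"
    . "    return true;\n"
    . "  }\n"
    . "\n"
    . "  function ToggleHelp(name) {\n"
    . "    var i=document.getElementById(name);\n"
    . "    if('block' == i.style.display) {\n"
    . "      i.style.display='none';\n"
    . "    } else {\n"
    . "      i.style.display='block';\n"
    . "    }\n"
    . "  }\n"
    . "\n"
    . "  function ToggleType(rad) {\n"
    . "    if('mysql' == rad.value) {\n"
    . "      document.getElementById('database').disabled = false;\n"
    . "      document.getElementById('username').disabled = false;\n"
    . "      document.getElementById('password').disabled = false;\n"
    . "      document.getElementById('admin_username').disabled = false;\n"
    . "      document.getElementById('admin_password').disabled = false;\n"
    . "      document.getElementById('prefix').disabled = false;\n"
    . "      document.getElementById('web_server').disabled = false;\n"
    . "      document.getElementById('server').value = '" . SQL_SERVER_DEFAULT . "';\n"
    . "      document.getElementById('server_help').innerHTML = '" . SQL_SERVER_HELP . "';\n"
    . "    } else if ('sqlite' == rad.value) {\n"
    . "      document.getElementById('database').disabled = true;\n"
    . "      document.getElementById('username').disabled = true;\n"
    . "      document.getElementById('password').disabled = true;\n"
    . "      document.getElementById('admin_username').disabled = true;\n"
    . "      document.getElementById('admin_password').disabled = true;\n"
    . "      document.getElementById('prefix').disabled = true;\n"
    . "      document.getElementById('web_server').disabled = true;\n"
    . "      document.getElementById('server').value = '" . SQLITE_DEFAULT . "';\n"
    . "      document.getElementById('server_help').innerHTML = '" . SQLITE_HELP . "';\n"
    . "    }\n"
    . "  }\n"
    . "\n"
    // Client-side convenience only; the server-side dispatch re-checks the
    // required fields and must not rely on this.
    . "  function ValidateData() {\n"
    . "    var ret = false;\n"
    . "    if('mysql' == document.getElementById('type').value) {\n"
    . "      if(document.getElementById('server').value.length < 1) {\n"
    . "        alert('A server location is required.');\n"
    . "        document.getElementById('server').focus();\n"
    . "      } else if(document.getElementById('database').value.length < 1) {\n"
    . "        alert('A database name is required.');\n"
    . "        document.getElementById('database').focus();\n"
    . "      } else if(document.getElementById('username').value.length < 1) {\n"
    . "        alert('A username is required.');\n"
    . "        document.getElementById('username').focus();\n"
    . "      } else if(document.getElementById('password').value.length < 1) {\n"
    . "        alert('A password is required.');\n"
    . "        document.getElementById('password').focus();\n"
    . "      } else {\n"
    . "        ret = true;\n"
    . "      }\n"
    . "    } else if('sqlite' == document.getElementById('type').value) {\n"
    . "      if(document.getElementById('server').value.length < 1) {\n"
    . "        alert('A server path is required.');\n"
    . "        document.getElementById('server').focus();\n"
    . "      } else {\n"
    . "        ret = true;\n"
    . "      }\n"
    . "    }\n"
    . "\n"
    . "    return ret;\n"
    . "  }\n"
    . "//]]>\n"
    . "</script>\n"
    . "</head>\n"
    . "<body>\n"
    . "<div id=\"nav\" class=\"frame\">"
    . "<h1>Gregarius Database Setup</h1>\n"
    . "<fieldset class=\"install\" style=\"text-align:center\">\n"
    . "<legend>Version " . GREGARIUS_RELEASE . " - " . GREGARIUS_CODENAME . "</legend>\n"
    . "<p><img src=\"themes/default/media/installer/codename.jpg\" alt=\"".GREGARIUS_CODENAME."\" /></p>\n"
    . "</fieldset>\n"
    . "</div>"
    . "<div id=\"install\" class=\"frame\">\n"
    . "<h2>Step 1: Verify Environment</h2>\n"
    . "<form method=\"post\" action=\"" . $self . "\" onsubmit=\"return ValidateData();\">\n"
    . "<fieldset class=\"install\">\n"
    . "<legend>Diagnostics</legend>\n"
    . "<p>Below are some of the requirements to run Gregarius. If any are not found, please fix them before continuing.</p>\n"
    . "<p class=\"" . (version_compare(REQUIRED_VERSION, PHP_VERSION) <= 0 ? "found" : "not_found") . "\"><label>PHP Version: " . phpversion() . "</label></p>\n"
    . "<p class=\"" . ($hasSocket ? "found" : "not_found") . "\"><label>Sockets: " . ($hasSocket ? "Found" : "Not Found!") . "</label></p>\n"
    . "<p class=\"" . ($hasXML ? "found" : "not_found") . "\"><label>XML: " . ($hasXML ? "Found" : "Not Found!") . "</label></p>\n"
    . "<p class=\"" . ($hasMySQL || $hasSQLite ? "found" : "not_found") . "\"><label>Database: " . $sql . "</label></p>\n"
    . "</fieldset>\n"
    . "<h2>Step 2: Provide Database Settings</h2>\n"
    . "<fieldset class=\"install\">\n"
    . "<legend>Database Settings</legend>\n"
    . "<p>The settings below are for the database Gregarius will keep its data.</p>\n"
    . "<p><label for=\"type\">Server Type <a href=\"#\" onclick=\"ToggleHelp('type_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"radio\" style=\"display:inline\" name=\"type\" id=\"type\" value=\"mysql\" onchange=\"ToggleType(this); return false;\" " . ($hasMySQL ? "checked=\"checked\"" : "disabled=\"disabled\"") . "/>MySQL"
    . "<input type=\"radio\" style=\"display:inline\" name=\"type\" value=\"sqlite\" onchange=\"ToggleType(this); return false;\" " . ($hasSQLite ? ($hasMySQL ? "" : "checked=\"checked\"") : "disabled=\"disabled\"") . "/>SQLite"
    . "<span class=\"help\" id=\"type_help\">" . TYPE_HELP . "</span></p>\n"
    . "<p><label for=\"server\">Server Location <a href=\"#\" onclick=\"ToggleHelp('server_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"text\" name=\"server\" id=\"server\" value=\"" . SQL_SERVER_DEFAULT . "\" />"
    . "<span class=\"help\" id=\"server_help\">" . SQL_SERVER_HELP . "</span></p>\n"
    . "<p><label for=\"database\">Database Name <a href=\"#\" onclick=\"ToggleHelp('database_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"text\" name=\"database\" id=\"database\" value=\"" . DATABASE_DEFAULT . "\" />"
    . "<span class=\"help\" id=\"database_help\">" . DATABASE_HELP . "</span></p>\n"
    . "<p><label for=\"username\">Database UserName <a href=\"#\" onclick=\"ToggleHelp('username_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"text\" name=\"username\" id=\"username\" value=\"\" />"
    . "<span class=\"help\" id=\"username_help\">" . USERNAME_HELP . "</span></p>\n"
    . "<p><label for=\"password\">Database Password <a href=\"#\" onclick=\"ToggleHelp('password_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"password\" name=\"password\" id=\"password\" value=\"\" />"
    . "<span class=\"help\" id=\"password_help\">" . PASSWORD_HELP . "</span></p>\n"
    . "<p><label for=\"prefix\">Database Table Prefix <a href=\"#\" onclick=\"ToggleHelp('prefix_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"text\" name=\"prefix\" id=\"prefix\" value=\"\" />"
    . "<span class=\"help\" id=\"prefix_help\">" . PREFIX_HELP . "</span></p>\n"
    . "</fieldset>\n"
    . "<h2>Step 3: Provide Admin Settings (optional)</h2>\n"
    . "<fieldset class=\"install\">\n"
    . "<legend>Server Setup</legend>\n"
    . "<p>If you would like Gregarius to create the database and user for you, input the correct settings below.</p>\n"
    . "<p><label for=\"admin_username\">Admin UserName <a href=\"#\" onclick=\"ToggleHelp('admin_username_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"text\" name=\"admin_username\" id=\"admin_username\" value=\"\" />"
    . "<span class=\"help\" id=\"admin_username_help\">" . ADMIN_USERNAME_HELP . "</span></p>\n"
    . "<p><label for=\"admin_password\">Admin Password <a href=\"#\" onclick=\"ToggleHelp('admin_password_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"password\" name=\"admin_password\" id=\"admin_password\" value=\"\" />"
    . "<span class=\"help\" id=\"admin_password_help\">" . ADMIN_PASSWORD_HELP . "</span></p>\n"
    . "<p><label for=\"web_server\">Web Location <a href=\"#\" onclick=\"ToggleHelp('web_server_help'); return false; \">[?]</a></label>\n"
    . "<input type=\"text\" name=\"web_server\" id=\"web_server\" value=\"" . WEB_SERVER_DEFAULT . "\" />"
    . "<span class=\"help\" id=\"web_server_help\">" . WEBSERVER_HELP . "</span></p>\n"
    . "</fieldset>\n"
    // When the directory is not writable the form still posts, but the
    // processing step answers with dbinit.php as a download instead.
    . "<h2>Step 4: " . ($hasWritePerm ? "Create database and write dbinit.php" : "Create database and download dbinit.php") . "</h2>\n"
    . "<p><input type=\"submit\" name=\"action\" value=\"" . ($hasWritePerm ? "Setup Database" : "Download dbinit.php file") . "\" /></p>\n"
    . "<p><input type=\"hidden\" name=\"process\" value=\"1\" /></p>\n"
    . "</form>\n"
    . "</div>\n"
    . "</body>\n"
    . "</html>\n";
}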
254
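// ---------------------------------------------------------------------------
// Helpers for the processing step below.
// ---------------------------------------------------------------------------

// Render $value as a PHP single-quoted string literal (quotes included) so a
// form value cannot break out of the quotes in the generated dbinit.php.
// var_export() escapes both the single quote and the backslash, which is all
// that is special inside a single-quoted PHP string.
function install_php_literal($value) {
    return var_export((string) $value, true);
}

// Whether $name can be used as a MySQL identifier (database name, table
// prefix) without quoting problems: ASCII letters, digits and underscore only.
function install_is_identifier($name) {
    return (bool) preg_match('/^[A-Za-z0-9_]+$/', $name);
}

// ---------------------------------------------------------------------------
// Dispatch: refuse to run once dbinit.php exists, process a submitted form,
// or otherwise show the form.
//
// Nothing here is authenticated: until dbinit.php is in place, anyone who can
// reach install.php can post to it. Remove install.php once setup is done.
// ---------------------------------------------------------------------------
if(file_exists(DBINIT)) {
    print("The dbinit.php file already exists in the Gregarius directory! Please remove it if you would like to use this installer.");
} else if(!empty($_POST['process']) && '1' === (string) $_POST['process']) {
    // Pull every field out of $_POST once, as strings, so missing fields do
    // not raise notices and later checks do not repeat the isset() dance.
    $type      = isset($_POST['type'])           ? (string) $_POST['type']           : '';
    $server    = isset($_POST['server'])         ? (string) $_POST['server']         : '';
    $database  = isset($_POST['database'])       ? (string) $_POST['database']       : '';
    $username  = isset($_POST['username'])       ? (string) $_POST['username']       : '';
    $password  = isset($_POST['password'])       ? (string) $_POST['password']       : '';
    $prefix    = isset($_POST['prefix'])         ? (string) $_POST['prefix']         : '';
    $webServer = isset($_POST['web_server'])     ? (string) $_POST['web_server']     : '';
    $adminUser = isset($_POST['admin_username']) ? (string) $_POST['admin_username'] : '';
    $adminPass = isset($_POST['admin_password']) ? (string) $_POST['admin_password'] : '';

    // The form's JavaScript disables the database/username/password inputs for
    // SQLite, and disabled inputs are not submitted, so those three are only
    // required for MySQL.
    $isMySQL = ('mysql' === $type);

    if($type === '' || $server === '' ||
        ($isMySQL && ($database === '' || $username === '' || $password === ''))) {

        print("Not all required fields have been filled in!");
    } else if(!$isMySQL && 'sqlite' !== $type) {
        // Checked up front, not only on the admin path: the type is written
        // into dbinit.php and selects the driver there.
        print("Invalid SQL Type!");
        exit();
    } else if(($isMySQL && !install_is_identifier($database)) ||
        ($prefix !== '' && !install_is_identifier($prefix))) {
        // Both values are spliced into SQL as identifiers (here and by the
        // application's table names), so they are restricted rather than quoted.
        print("Database name and table prefix may only contain letters, digits and underscores!");
        exit();
    } else {
        // Optionally create the database and user with the admin credentials.
        if($adminUser !== '') {
            if($isMySQL) {
                $sql = @mysql_connect($server, $adminUser, $adminPass);

                if(!$sql) {
                    print("Unable to connect to database! Please create manually.");
                } else {
                    // $database passed install_is_identifier(), so backticks
                    // are sufficient; the GRANT string literals are escaped
                    // through the live connection (charset-aware).
                    mysql_query("CREATE DATABASE `" . $database . "`", $sql);
                    mysql_query("GRANT ALL ON `" . $database . "`.* TO '"
                        . mysql_real_escape_string($username, $sql) . "'@'"
                        . mysql_real_escape_string($webServer, $sql) . "' IDENTIFIED BY '"
                        . mysql_real_escape_string($password, $sql) . "'", $sql);
                    mysql_close($sql);
                }
            } else {
                // SQLite: $server is a filesystem path chosen by the submitter;
                // the file is created with mode 0666 as the web-server user.
                $sql = @sqlite_open($server, 0666);

                if(!$sql) {
                    print("Unable to connect to database! Please create manually.");
                }
            }
        }

        // Generate dbinit.php. Every form value goes through install_php_literal()
        // so that a quote or backslash in a field cannot turn into PHP code in
        // the written file.
        $out = "<?php
//
// The type of database server you are using. By default
// Gregarius will look for a MySQL database server. If you
// would like to use an SQLite database, change accordingly
//
define ('DBTYPE'," . install_php_literal($type) . ");

//
// The name of your database
//
define ('DBNAME'," . install_php_literal($database) . ");

//
// The username to use when connecting to the database. Make sure that
// thus user owns privileges to CREATE database tables on the above
// database!
//
define ('DBUNAME'," . install_php_literal($username) . ");

//
// The password to use when connecting to the database
//
define ('DBPASS', " . install_php_literal($password) . ");

//
// If you are using a MySQL database:
// The hostname of your database server. Unless you know
// different this should probably be 'localhost' or '127.0.0.1'
//
// If you are using a SQLite database:
// This constant must contain the full path to your database file,
// for example: '/tmp/gregarius.db'
// Note that the apache process must have write access privileges
// on the given directory!
//
define ('DBSERVER', " . install_php_literal($server) . ");

//
// The table name prefix to use. If you specify anything here,
// say 'gregarius', your database table 'channels' will be referred to
// as 'gregarius_channels'. This is useful to avoid table collisions when
// your hosting provider only grants you one single database and several
// applications rely on that db.
//
// If this is not the case you can safely ignore this option.
//
";

        if($prefix === '') {
            $out .= "//define ('DB_TABLE_PREFIX','');";
        } else {
            $out .= "define('DB_TABLE_PREFIX', " . install_php_literal($prefix) . ");";
        }

        $out .= "\n?>";

        $fp = @fopen(DBINIT, 'w');

        if(!$fp) {
            // Unable to open the file for writing: hand it back as a download.
            // Note this response carries the database password in clear text.
            header('Content-type: application/x-httpd-php-source');
            header('Content-Disposition: attachment; filename="dbinit.php"');
            echo($out);
            exit();
        } else {
            // Write the file; from now on file_exists(DBINIT) disables this installer.
            fwrite($fp, $out);
            fclose($fp);

            header('Location: admin/');
            exit();
        }
    }
} else { // dbinit.php does not exist and we are not asked to process
    // print out the form
    install_main();
}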
368?>