lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f2a479695e
dolibarr/htdocs/install/fileconf.php
Raphaël Doursenaud f2a479695e
New: Improved forced install process 
Tamper proofed the process by not relying on POST values for forced fields.
Disabled all fields set when $force_install_noedit is set.
Added a full-featured forced install config file template.

On the side:
Improved Dolibarr root and url detection.
Prevent install locking if install was not successful.
Added missing translation on failed administrator creation.
Better escaping of posted values.
2016-07-20 14:22:35 +02:00

658 lines
22 KiB
PHP
Raw Blame History

<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2004-2012 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2004 Sebastien DiCintio <sdicintio@ressource-toi.org>
* Copyright (C) 2005-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2016 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/install/fileconf.php
* \ingroup install
* \brief Ask all informations required to build Dolibarr htdocs/conf/conf.php file (will be wrote on disk on next page)
*/
include_once 'inc.php';
global $langs;
$err=0;
$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):(isset($_GET["lang"])?$_GET["lang"]:'auto');
$langs->setDefaultLang($setuplang);
$langs->load("install");
$langs->load("errors");
dolibarr_install_syslog("--- fileconf: entering fileconf.php page");
// You can force preselected values of the config step of Dolibarr by adding a file
// install.forced.php into directory htdocs/install (This is the case with some wizard
// installer like DoliWamp, DoliMamp or DoliBuntu).
// We first init "forced values" to nothing.
if (! isset($force_install_noedit)) $force_install_noedit=''; // 1=To block var specific to distrib, 2 to block all technical parameters
if (! isset($force_install_type)) $force_install_type='';
if (! isset($force_install_dbserver)) $force_install_dbserver='';
if (! isset($force_install_port)) $force_install_port='';
if (! isset($force_install_database)) $force_install_database='';
if (! isset($force_install_prefix)) $force_install_prefix='';
if (! isset($force_install_createdatabase)) $force_install_createdatabase='';
if (! isset($force_install_databaselogin)) $force_install_databaselogin='';
if (! isset($force_install_databasepass)) $force_install_databasepass='';
if (! isset($force_install_databaserootlogin)) $force_install_databaserootlogin='';
if (! isset($force_install_databaserootpass)) $force_install_databaserootpass='';
// Now we load forced value from install.forced.php file.
$useforcedwizard=false;
$forcedfile="./install.forced.php";
if ($conffile == "/etc/dolibarr/conf.php") $forcedfile="/etc/dolibarr/install.forced.php"; // Must be after inc.php
if (@file_exists($forcedfile)) {
$useforcedwizard = true;
include_once $forcedfile;
}
/*
* View
*/
session_start(); // To be able to keep info into session (used for not loosing pass during navigation. pass must not transit throug parmaeters)
pHeader($langs->trans("ConfigurationFile"),"step1","set","",(empty($force_dolibarr_js_JQUERY)?'':$force_dolibarr_js_JQUERY.'/'));
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable", $conffiletoshow);
dolibarr_install_syslog("fileconf: config file is not writable", LOG_WARNING);
dolibarr_install_syslog("--- fileconf: end");
pFooter(1,$setuplang,'jscheckparam');
exit;
}
if (! empty($force_install_message))
{
print '<div><table><tr><td valign="middle"><img src="../theme/common/information.png" style="height:40px;"></td><td valign="middle">'.$langs->trans($force_install_message).'</td></tr></table>';
/*print '<script type="text/javascript">';
print ' jQuery(document).ready(function() {
jQuery("#linktoshowtechnicalparam").click(function() {
jQuery(".hidewhenedit").hide();
jQuery(".hidewhennoedit").show();
});';
if ($force_install_noedit) print 'jQuery(".hidewhennoedit").hide();';
print '});';
print '</script>';
print '<br><a href="#" id="linktoshowtechnicalparam" class="hidewhenedit">'.$langs->trans("ShowEditTechnicalParameters").'</a><br>';
*/
}
?>
<div>
<table class="nobordernopadding<?php if ($force_install_noedit) print ' hidewhennoedit'; ?>">
<tr>
<td colspan="3" class="label" align="center">
<h3><?php echo $langs->trans("WebServer"); ?></h3>
</td>
</tr>
<!-- Documents root $dolibarr_main_document_root -->
<tr>
<?php
print '<td valign="top" class="label"><b>';
print $langs->trans("WebPagesDirectory");
print "</b></td>";
if (empty($dolibarr_main_url_root)) {
$dolibarr_main_document_root = detect_dolibarr_main_document_root();
}
?>
<td class="label" valign="top">
<input type="text"
size="60"
value="<?php print $dolibarr_main_document_root ?>"
name="main_dir"
<?php if (!empty($force_install_noedit)) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php
print $langs->trans("WithNoSlashAtTheEnd")."<br>";
print $langs->trans("Examples").":<br>";
?>
<ul>
<li>/var/www/dolibarr/htdocs</li>
<li>C:/wwwroot/dolibarr/htdocs</li>
</ul>
</td>
</tr>
<!-- Documents URL $dolibarr_main_data_root -->
<tr>
<td valign="top" class="label"><b> <?php print $langs->trans("DocumentsDirectory"); ?></b>
</td>
<?php
$dolibarr_main_data_root = $force_install_main_data_root;
if (empty($dolibarr_main_data_root)) {
$dolibarr_main_data_root = detect_dolibarr_main_data_root($dolibarr_main_document_root);
}
?>
<td class="label" valign="top">
<input type="text"
size="60"
value="<?php print $dolibarr_main_data_root ?>"
name="main_data_dir"
<?php if (!empty($force_install_noedit)) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php
print $langs->trans("WithNoSlashAtTheEnd")."<br>";
print $langs->trans("DirectoryRecommendation")."<br>";
print $langs->trans("Examples").":<br>";
?>
<ul>
<li>/var/lib/dolibarr/documents</li>
<li>C:/My Documents/dolibarr/</li>
</ul>
</td>
</tr>
<!-- Root URL $dolibarr_main_url_root -->
<?php
if (empty($dolibarr_main_url_root)) {
$dolibarr_main_url_root = detect_dolibarr_main_url_root();
}
?>
<tr>
<td valign="top" class="label"><b> <?php echo $langs->trans("URLRoot"); ?></b>
</td>
<td valign="top" class="label">
<input type="text"
size="60"
name="main_url"
value="<?php print $dolibarr_main_url_root; ?> "
<?php if (!empty($force_install_noedit)) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php print $langs->trans("Examples").":<br>"; ?>
<ul>
<li>http://localhost/</li>
<li>http://www.myserver.com:8180/dolibarr</li>
</ul>
</td>
</tr>
<?php
if (! empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on') { // Enabled if the installation process is "https://"
?>
<tr>
<td valign="top" class="label"><?php echo $langs->trans("ForceHttps"); ?></td>
<td class="label" valign="top">
<input type="checkbox"
name="main_force_https"
<?php if (!empty($force_install_mainforcehttps)) {
print 'checked';
} ?>
<?php if ($force_install_noedit == 2 && $force_install_mainforcehttps !== null) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("CheckToForceHttps"); ?>
</td>
</tr>
<?php
}
?>
<!-- Dolibarr database -->
<tr>
<td colspan="3" class="label" align="center"><br>
<h3><?php echo $langs->trans("DolibarrDatabase"); ?></h3>
</td>
</tr>
<tr>
<td class="label" valign="top"><b> <?php echo $langs->trans("DatabaseName"); ?>
</b></td>
<td class="label" valign="top">
<input type="text" id="db_name"
name="db_name"
value="<?php echo (!empty($dolibarr_main_db_name)) ? $dolibarr_main_db_name : ($force_install_database ? $force_install_database : 'dolibarr'); ?>"
<?php if ($force_install_noedit == 2 && $force_install_database !== null) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("DatabaseName"); ?></td>
</tr>
<?php
if (!isset($dolibarr_main_db_host))
{
$dolibarr_main_db_host = "localhost";
}
?>
<tr>
<!-- Driver type -->
<td valign="top" class="label"><b> <?php echo $langs->trans("DriverType"); ?>
</b></td>
<td class="label">
<?php
$defaultype=! empty($dolibarr_main_db_type)?$dolibarr_main_db_type:($force_install_type?$force_install_type:'mysqli');
$modules = array();
$nbok = $nbko = 0;
$option='';
// Scan les drivers
$dir=DOL_DOCUMENT_ROOT.'/core/db';
$handle=opendir($dir);
if (is_resource($handle))
{
while (($file = readdir($handle))!==false)
{
if (is_readable($dir."/".$file) && preg_match('/^(.*)\.class\.php$/i',$file,$reg))
{
$type=$reg[1];
if ($type === 'DoliDB') continue; // Skip abstract class
$class='DoliDB'.ucfirst($type);
include_once $dir."/".$file;
if ($type == 'sqlite') continue; // We hide sqlite because support can't be complete until sqlite does not manage foreign key creation after table creation (ALTER TABLE child ADD CONSTRAINT not supported)
if ($type == 'sqlite3') continue; // We hide sqlite3 because support can't be complete until sqlite does not manage foreign key creation after table creation (ALTER TABLE child ADD CONSTRAINT not supported)
// Version min of database
$versionbasemin=explode('.',$class::VERSIONMIN);
$note='('.$class::LABEL.' >= '.$class::VERSIONMIN.')';
// Switch to mysql if mysqli is not present
if ($defaultype=='mysqli' && !function_exists('mysqli_connect')) $defaultype = 'mysql';
// Show line into list
if ($type=='mysql') { $testfunction='mysql_connect'; $testclass=''; }
if ($type=='mysqli') { $testfunction='mysqli_connect'; $testclass=''; }
if ($type=='pgsql') { $testfunction='pg_connect'; $testclass=''; }
if ($type=='mssql') { $testfunction='mssql_connect'; $testclass=''; }
if ($type=='sqlite') { $testfunction=''; $testclass='PDO'; }
if ($type=='sqlite3') { $testfunction=''; $testclass='SQLite3'; }
$option.='<option value="'.$type.'"'.($defaultype == $type?' selected':'');
if ($testfunction && ! function_exists($testfunction)) $option.=' disabled';
if ($testclass && ! class_exists($testclass)) $option.=' disabled';
$option.='>';
$option.=$type.'&nbsp; &nbsp;';
if ($note) $option.=' '.$note;
// Deprecated and experimental
if ($type=='mysql') $option.=' ' . $langs->trans("Deprecated");
elseif ($type=='mssql') $option.=' '.$langs->trans("VersionExperimental");
elseif ($type=='sqlite') $option.=' '.$langs->trans("VersionExperimental");
elseif ($type=='sqlite3') $option.=' '.$langs->trans("VersionExperimental");
// No available
elseif (! function_exists($testfunction)) $option.=' - '.$langs->trans("FunctionNotAvailableInThisPHP");
$option.='</option>';
}
}
}
?>
<select id="db_type"
name="db_type"
<?php if ($force_install_noedit && $force_install_type !== null) {
print 'disabled';
} ?>
>
<?php print $option; ?>
</select>
</td>
<td class="comment"><?php echo $langs->trans("DatabaseType"); ?></td>
</tr>
<tr class="hidesqlite">
<td valign="top" class="label"><b> <?php echo $langs->trans("Server"); ?>
</b></td>
<td valign="top" class="label">
<input type="text"
name="db_host"
value="<?php print (!empty($force_install_dbserver) ? $force_install_dbserver : (!empty($dolibarr_main_db_host) ? $dolibarr_main_db_host : 'localhost')); ?>"
<?php if ($force_install_noedit == 2 && $force_install_dbserver !== null) {
print ' disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("ServerAddressDescription"); ?>
</td>
</tr>
<tr class="hidesqlite">
<td valign="top" class="label"><?php echo $langs->trans("Port"); ?></td>
<td valign="top" class="label">
<input type="text"
name="db_port"
id="db_port"
value="<?php print (!empty($force_install_port)) ? $force_install_port : $dolibarr_main_db_port; ?>"
<?php if ($force_install_noedit == 2 && $force_install_port !== null) {
print ' disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("ServerPortDescription"); ?>
</td>
</tr>
<tr class="hidesqlite">
<td class="label" valign="top"><?php echo $langs->trans("DatabasePrefix"); ?>
</td>
<td class="label" valign="top">
<input type="text" id="db_prefix"
name="db_prefix"
value="<?php echo(!empty($force_install_prefix) ? $force_install_prefix : (!empty($dolibarr_main_db_prefix) ? $dolibarr_main_db_prefix : 'llx_')); ?>"
<?php if ($force_install_noedit == 2 && $force_install_prefix !== null) {
print ' disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("DatabasePrefix"); ?></td>
</tr>
<tr class="hidesqlite">
<td class="label" valign="top"><?php echo $langs->trans("CreateDatabase"); ?>
</td>
<td class="label" valign="top">
<input type="checkbox"
id="db_create_database"
name="db_create_database"
<?php if ($force_install_createdatabase) {
print ' checked';
} ?>
<?php if ($force_install_noedit == 2 && $force_install_createdatabase !== null) {
print ' disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("CheckToCreateDatabase"); ?>
</td>
</tr>
<tr class="hidesqlite">
<td class="label" valign="top"><b><?php echo $langs->trans("Login"); ?></b>
</td>
<td class="label" valign="top">
<input type="text" id="db_user"
name="db_user"
value="<?php print (!empty($force_install_databaselogin)) ? $force_install_databaselogin : $dolibarr_main_db_user; ?>"
<?php if ($force_install_noedit == 2 && $force_install_databaselogin !== null) {
print ' disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("AdminLogin"); ?></td>
</tr>
<tr class="hidesqlite">
<td class="label" valign="top"><b><?php echo $langs->trans("Password"); ?></b>
</td>
<td class="label" valign="top">
<input type="password" id="db_pass" autocomplete="off"
name="db_pass"
value="<?php
// We don't want to set password. It will be extracted from the forced install file at step1.
$autofill = ((!empty($_SESSION['dol_save_pass'])) ? $_SESSION['dol_save_pass'] : '');
if (!empty($dolibarr_main_prod)) {
$autofill = '';
}
print dol_escape_htmltag($autofill);
?>"
<?php if ($force_install_noedit == 2 && $force_install_databasepass !== null) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("AdminPassword"); ?></td>
</tr>
<tr class="hidesqlite">
<td class="label" valign="top"><?php echo $langs->trans("CreateUser"); ?>
</td>
<td class="label" valign="top">
<input type="checkbox"
id="db_create_user" name="db_create_user"
<?php if (!empty($force_install_createuser)) {
print 'checked';
} ?>
<?php if ($force_install_noedit == 2 && $force_install_createuser !== null) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("CheckToCreateUser"); ?>
</td>
</tr>
<!-- Super access -->
<?php
$force_install_databaserootlogin = parse_database_login($force_install_databaserootlogin);
$force_install_databaserootpass = parse_database_pass($force_install_databaserootpass);
?>
<tr class="hidesqlite hideroot">
<td colspan="3" class="label" align="center"><br>
<h3><?php echo $langs->trans("DatabaseSuperUserAccess"); ?></h3>
</td>
</tr>
<tr class="hidesqlite hideroot">
<td class="label" valign="top"><b><?php echo $langs->trans("Login"); ?></b></td>
<td class="label" valign="top">
<input type="text"
id="db_user_root"
name="db_user_root"
class="needroot"
value="<?php print (!empty($force_install_databaserootlogin)) ? $force_install_databaserootlogin : $db_user_root; ?>"
<?php if ($force_install_noedit == 2 && $force_install_databaserootlogin !== null) {
print 'disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("DatabaseRootLoginDescription"); ?>
<!--
<?php echo '<br>'.$langs->trans("Examples").':<br>' ?>
<ul>
<li>root (Mysql)</li>
<li>postgres (PostgreSql)</li>
</ul>
</td>
-->
</tr>
<tr class="hidesqlite hideroot">
<td class="label" valign="top"><b><?php echo $langs->trans("Password"); ?></b>
</td>
<td class="label" valign="top">
<input type="password"
autocomplete="off"
id="db_pass_root"
name="db_pass_root"
class="needroot"
value="<?php
// We don't want to set password. It will be extracted from the forced install file at step1.
$autofill = ((!empty($force_install_database_rootpass)) ? '' : $db_pass_root);
if (!empty($dolibarr_main_prod)) {
$autofill = '';
} // Do not autofill password if instance is a production instance
if (!empty($_SERVER["SERVER_NAME"]) && !in_array($_SERVER["SERVER_NAME"],
array('127.0.0.1', 'localhost'))
) {
$autofill = '';
} // Do not autofill password for remote access
print dol_escape_htmltag($autofill);
?>"
<?php if ($force_install_noedit == 2 && $force_install_databaserootpass !== null) {
print ' disabled';
} ?>
>
</td>
<td class="comment"><?php echo $langs->trans("KeepEmptyIfNoPassword"); ?>
</td>
</tr>
</table>
</div>
<script type="text/javascript">
jQuery(document).ready(function() {
var dbtype = jQuery("#db_type");
dbtype.change(function () {
if (dbtype.val() == 'sqlite' || dbtype.val() == 'sqlite3') {
jQuery(".hidesqlite").hide();
} else {
jQuery(".hidesqlite").show();
}
// Automatically set default database ports and admin user
if (dbtype.val() == 'mysql' || dbtype.val() == 'mysqli') {
jQuery("#db_port").val(3306);
jQuery("#db_user_root").val('root');
} else if (dbtype.val() == 'pgsql') {
jQuery("#db_port").val(5432);
jQuery("#db_user_root").val('postgres');
} else if (dbtype.val() == 'mssql') {
jQuery("#db_port").val(1433);
jQuery("#db_user_root").val('sa');
}
});
function init_needroot()
{
/*alert(jQuery("#db_create_database").prop("checked")); */
if (jQuery("#db_create_database").is(":checked") || jQuery("#db_create_user").is(":checked"))
{
jQuery(".hideroot").show();
jQuery(".needroot").removeAttr('disabled');
}
else
{
jQuery(".hideroot").hide();
jQuery(".needroot").prop('disabled', true);
}
}
init_needroot();
jQuery("#db_create_database").click(function() {
init_needroot();
});
jQuery("#db_create_user").click(function() {
init_needroot();
});
<?php if ($force_install_noedit == 2 && empty($force_install_databasepass)) { ?>
jQuery("#db_pass").focus();
<?php } ?>
});
function checkDatabaseName(databasename) {
if (databasename.match(/[;\.]/)) { return false; }
return true;
}
function jscheckparam()
{
ok=true;
if (document.forminstall.main_dir.value == '')
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("ErrorFieldRequired",$langs->transnoentitiesnoconv("WebPagesDirectory"))); ?>');
}
else if (document.forminstall.main_data_dir.value == '')
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("ErrorFieldRequired",$langs->transnoentitiesnoconv("DocumentsDirectory"))); ?>');
}
else if (document.forminstall.main_url.value == '')
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("ErrorFieldRequired",$langs->transnoentitiesnoconv("URLRoot"))); ?>');
}
else if (document.forminstall.db_host.value == '')
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("ErrorFieldRequired",$langs->transnoentitiesnoconv("Server"))); ?>');
}
else if (document.forminstall.db_name.value == '')
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("ErrorFieldRequired",$langs->transnoentitiesnoconv("DatabaseName"))); ?>');
}
else if (! checkDatabaseName(document.forminstall.db_name.value))
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("ErrorSpecialCharNotAllowedForField",$langs->transnoentitiesnoconv("DatabaseName"))); ?>');
}
// If create database asked
else if (document.forminstall.db_create_database.checked == true && (document.forminstall.db_user_root.value == ''))
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("YouAskToCreateDatabaseSoRootRequired")); ?>');
}
else if (document.forminstall.db_create_database.checked == true && (document.forminstall.db_user_root.value == ''))
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("YouAskToCreateDatabaseSoRootRequired")); ?>');
}
// If create user asked
else if (document.forminstall.db_create_user.checked == true && (document.forminstall.db_user_root.value == ''))
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("YouAskToCreateDatabaseUserSoRootRequired")); ?>');
}
else if (document.forminstall.db_create_user.checked == true && (document.forminstall.db_user_root.value == ''))
{
ok=false;
alert('<?php echo dol_escape_js($langs->transnoentities("YouAskToCreateDatabaseUserSoRootRequired")); ?>');
}
return ok;
}
</script>
<?php
// $db->close(); Not database connexion yet
dolibarr_install_syslog("--- fileconf: end");
pFooter($err,$setuplang,'jscheckparam');
Reference in New Issue View Git Blame Copy Permalink