';
if (function_exists('doStep' . $_GET['step']))
call_user_func('doStep' . $_GET['step']);
echo '
';
function initialize_inputs()
{
// Turn off magic quotes runtime and enable error reporting.
@set_magic_quotes_runtime(0);
error_reporting(E_ALL);
// Fun. Low PHP version...
if (!isset($_GET))
{
$GLOBALS['_GET']['step'] = 0;
return;
}
if (!isset($_GET['obgz']))
{
ob_start();
if (@ini_get('session.save_handler') == 'user')
@ini_set('session.save_handler', 'files');
if (function_exists('session_start'))
@session_start();
}
else
{
ob_start('ob_gzhandler');
if (@ini_get('session.save_handler') == 'user')
@ini_set('session.save_handler', 'files');
session_start();
if (!headers_sent())
echo '
', htmlspecialchars($_GET['pass_string']), '', htmlspecialchars($_GET['pass_string']), '
';
exit;
}
// Add slashes, as long as they aren't already being added.
if (@get_magic_quotes_gpc() == 0)
{
foreach ($_POST as $k => $v)
$_POST[$k] = addslashes($v);
}
// This is really quite simple; if ?delete is on the URL, delete the installer...
if (isset($_GET['delete']))
{
if (isset($_SESSION['installer_temp_ftp']))
{
$ftp = new ftp_connection($_SESSION['installer_temp_ftp']['server'], $_SESSION['installer_temp_ftp']['port'], $_SESSION['installer_temp_ftp']['username'], $_SESSION['installer_temp_ftp']['password']);
$ftp->chdir($_SESSION['installer_temp_ftp']['path']);
$ftp->unlink('install.php');
$ftp->unlink('webinstall.php');
$ftp->unlink('install_1-1.sql');
$ftp->close();
unset($_SESSION['installer_temp_ftp']);
}
else
{
@unlink(__FILE__);
@unlink(dirname(__FILE__) . '/webinstall.php');
@unlink(dirname(__FILE__) . '/install_1-1.sql');
}
// Now just redirect to a blank.gif...
header('Location: http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']) . dirname($_SERVER['PHP_SELF']) . '/Themes/default/images/blank.gif');
exit;
}
// Force an integer step, defaulting to 0.
$_GET['step'] = (int) @$_GET['step'];
}
// Load the list of language files, and the current language file.
function load_lang_file()
{
global $txt;
$GLOBALS['detected_languages'] = array();
// Make sure the languages directory actually exists.
if (file_exists(dirname(__FILE__) . '/Themes/default/languages'))
{
// Find all the "Install" language files in the directory.
$dir = dir(dirname(__FILE__) . '/Themes/default/languages');
while ($entry = $dir->read())
{
if (substr($entry, 0, 8) == 'Install.' && substr($entry, -4) == '.php')
$GLOBALS['detected_languages'][$entry] = ucfirst(substr($entry, 8, strlen($entry) - 12));
}
$dir->close();
}
// Didn't find any, show an error message!
if (empty($GLOBALS['detected_languages']))
{
// Let's not cache this message, eh?
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache');
echo '
SMF Installer: Error!
A critical error has occurred.
This installer was unable to find the installer\'s language file or files. They should be found under:
In some cases, FTP clients do not properly upload files with this many folders. Please double check to make sure you have uploaded all the files in the distribution.
If that doesn\'t help, please make sure this install.php file is in the same place as the Themes folder.
';
die;
}
// Override the language file?
if (isset($_GET['lang_file']))
$_SESSION['installer_temp_lang'] = $_GET['lang_file'];
elseif (isset($GLOBALS['HTTP_GET_VARS']['lang_file']))
$_SESSION['installer_temp_lang'] = $GLOBALS['HTTP_GET_VARS']['lang_file'];
// Make sure it exists, if it doesn't reset it.
if (!isset($_SESSION['installer_temp_lang']) || !file_exists(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']))
{
// Use the first one...
list ($_SESSION['installer_temp_lang']) = array_keys($GLOBALS['detected_languages']);
// If we have english and some other language, use the other language. We Americans hate english :P.
if ($_SESSION['installer_temp_lang'] == 'Install.english.php' && count($GLOBALS['detected_languages']) > 1)
list (, $_SESSION['installer_temp_lang']) = array_keys($GLOBALS['detected_languages']);
}
// And now include the actual language file itself.
require_once(dirname(__FILE__) . '/Themes/default/languages/' . $_SESSION['installer_temp_lang']);
}
// Step zero: Finding out how and where to install.
function doStep0()
{
global $txt;
// Just so people using older versions of PHP aren't left in the cold.
if (!isset($_SERVER['PHP_SELF']))
$_SERVER['PHP_SELF'] = isset($GLOBALS['HTTP_SERVER_VARS']['PHP_SELF']) ? $GLOBALS['HTTP_SERVER_VARS']['PHP_SELF'] : 'install.php';
// Show a language selection...
if (count($GLOBALS['detected_languages']) > 1)
{
echo '
';
}
// Check the PHP version.
if ((!function_exists('version_compare') || version_compare($GLOBALS['required_php_version'], PHP_VERSION) > 0) && !isset($_GET['overphp']))
{
echo '
';
return false;
}
// Is MySQL even compiled in?
if (!function_exists('mysql_connect'))
$error = 'error_mysql_missing';
// How about session support? Some crazy sysadmin remove it?
elseif (!function_exists('session_start'))
$error = 'error_session_missing';
// Make sure they uploaded all the files.
elseif (!file_exists(dirname(__FILE__) . '/index.php') || !file_exists(dirname(__FILE__) . '/install_1-1.sql'))
$error = 'error_missing_files';
// Very simple check on the session.save_path for Windows.
// !!! Move this down later if they don't use database-driven sessions?
elseif (session_save_path() == '/tmp' && substr(__FILE__, 1, 2) == ':\\')
$error = 'error_session_save_path';
// Since each of the three messages would look the same, anyway...
if (isset($error))
{
echo '
';
return false;
}
// Make sure all the files are properly writable (has its own messages...)
if (!make_files_writable())
return false;
// Mod_security blocks everything that smells funny. Let SMF handle security.
if (!fixModSecurity() && !isset($_GET['overmodsecurity']))
{
echo '
';
return false;
}
// Set up the defaults.
$db_server = @ini_get('mysql.default_host') or $db_server = 'localhost';
$db_user = isset($_POST['ftp_username']) ? $_POST['ftp_username'] : @ini_get('mysql.default_user');
$db_name = isset($_POST['ftp_username']) ? $_POST['ftp_username'] : @ini_get('mysql.default_user');
$db_passwd = @ini_get('mysql.default_password');
// This is just because it makes it easier for people on Lycos/Tripod UK :P.
if (isset($_SERVER['SERVER_NAME']) && $_SERVER['SERVER_NAME'] == 'members.lycos.co.uk' && defined('LOGIN'))
{
$db_user = LOGIN;
$db_name = LOGIN . '_uk_db';
}
// Should we use a non standard port?
$db_port = @ini_get('mysql.default_port');
if (!empty($db_port))
$db_server .= ':' . $db_port;
// What host and port are we on?
$host = empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] . (empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':' . $_SERVER['SERVER_PORT']) : $_SERVER['HTTP_HOST'];
// Now, to put what we've learned together... and add a path.
$url = 'http://' . $host . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/'));
// Check if the database sessions will even work.
$test_dbsession = @ini_get('session.auto_start') != 1 && @version_compare(PHP_VERSION, '4.2.0') != -1;
echo '
';
return true;
}
// Step one: Do the SQL thang.
function doStep1()
{
global $txt, $db_connection;
if (substr($_POST['boardurl'], -10) == '/index.php')
$_POST['boardurl'] = substr($_POST['boardurl'], 0, -10);
elseif (substr($_POST['boardurl'], -1) == '/')
$_POST['boardurl'] = substr($_POST['boardurl'], 0, -1);
if (substr($_POST['boardurl'], 0, 7) != 'http://' && substr($_POST['boardurl'], 0, 7) != 'file://' && substr($_POST['boardurl'], 0, 8) != 'https://')
$_POST['boardurl'] = 'http://' . $_POST['boardurl'];
// Take care of these variables...
$vars = array(
'boardurl' => $_POST['boardurl'],
'boarddir' => addslashes(dirname(__FILE__)),
'sourcedir' => addslashes(dirname(__FILE__)) . '/Sources',
'db_name' => $_POST['db_name'],
'db_user' => $_POST['db_user'],
'db_passwd' => isset($_POST['db_passwd']) ? $_POST['db_passwd'] : '',
'db_server' => $_POST['db_server'],
'db_prefix' => preg_replace('~[^A-Za-z0-9_$]~', '', $_POST['db_prefix']),
'mbname' => $_POST['mbname'],
'language' => substr($_SESSION['installer_temp_lang'], 8, -4),
// The cookiename is special; we want it to be the same if it ever needs to be reinstalled with the same info.
'cookiename' => 'SMFCookie' . abs(crc32($_POST['db_name'] . preg_replace('~[^A-Za-z0-9_$]~', '', $_POST['db_prefix'])) % 1000),
);
// !!! if (is_numeric(substr($vars['db_prefix'], 0, 1)))
if (!updateSettingsFile($vars) && substr(__FILE__, 1, 2) == ':\\')
{
echo '
';
return false;
}
// Make sure it works.
require(dirname(__FILE__) . '/Settings.php');
// Attempt a connection.
$db_connection = @mysql_connect($db_server, $db_user, $db_passwd);
// No dice? Let's try adding the prefix they specified, just in case they misread the instructions ;).
if (!$db_connection)
{
$mysql_error = mysql_error();
$db_connection = @mysql_connect($db_server, $_POST['db_prefix'] . $db_user, $db_passwd);
if ($db_connection != false)
{
$db_user = $_POST['db_prefix'] . $db_user;
updateSettingsFile(array('db_user' => $db_user));
}
}
// Still no connection? Big fat error message :P.
if (!$db_connection)
{
echo '
';
return false;
}
// Do they meet the install requirements?
// !!! Old client, new server?
if (version_compare($GLOBALS['required_mysql_version'], preg_replace('~\-.+?$~', '', min(mysql_get_server_info(), mysql_get_client_info()))) > 0)
{
echo '
';
return false;
}
// Let's try that database on for size...
if ($db_name != '')
mysql_query("
CREATE DATABASE IF NOT EXISTS `$db_name`", $db_connection);
// Okay, let's try the prefix if it didn't work...
if (!mysql_select_db($db_name, $db_connection) && $db_name != '')
{
mysql_query("
CREATE DATABASE IF NOT EXISTS `$_POST[db_prefix]$db_name`", $db_connection);
if (mysql_select_db($_POST['db_prefix'] . $db_name, $db_connection))
{
$db_name = $_POST['db_prefix'] . $db_name;
updateSettingsFile(array('db_name' => $db_name));
}
}
// Okay, now let's try to connect...
if (!mysql_select_db($db_name, $db_connection))
{
echo '
';
return false;
}
// Before running any of the queries, let's make sure another version isn't already installed.
$result = mysql_query("
SELECT value
FROM {$db_prefix}settings
WHERE variable = 'smfVersion'
LIMIT 1");
if ($result !== false)
{
list ($database_version) = mysql_fetch_row($result);
mysql_free_result($result);
// Do they match? If so, this is just a refresh so charge on!
if ($database_version != $GLOBALS['current_smf_version'])
{
echo '
';
return false;
}
}
// UTF-8 requires a setting to override the language charset.
if (isset($_POST['utf8']))
{
if (version_compare('4.1.0', preg_replace('~\-.+?$~', '', mysql_get_server_info())) > 0)
{
echo '
';
return doStep2a();
}
// Step two-A: Ask for the administrator login information.
function doStep2a()
{
global $txt;
if (!isset($_POST['username']))
$_POST['username'] = '';
if (!isset($_POST['email']))
$_POST['email'] = '';
echo '
';
return true;
}
// Step two: Create the administrator, and finish.
function doStep2()
{
global $txt, $db_prefix, $db_connection, $HTTP_SESSION_VARS, $cookiename;
global $func, $db_character_set, $mbname, $context, $scripturl, $boardurl;
global $current_smf_version;
// Load the SQL server login information.
require_once(dirname(__FILE__) . '/Settings.php');
if (!isset($_POST['password3']))
return doStep2a();
$db_connection = @mysql_connect($db_server, $db_user, $_POST['password3']);
if (!$db_connection)
{
echo '
', $txt['error_mysql_connect'], '
';
return doStep2a();
}
if (!mysql_select_db($db_name, $db_connection))
{
echo '
';
// Don't show the box if it's like 99% sure it won't work :P.
if (isset($_SESSION['installer_temp_ftp']) || is_writable(dirname(__FILE__)) || is_writable(__FILE__))
echo '
';
return false;
}
// We're going to have to use... FTP!
elseif ($failure)
{
// Load any session data we might have...
if (!isset($_POST['ftp_username']) && isset($_SESSION['installer_temp_ftp']))
{
$_POST['ftp_server'] = $_SESSION['installer_temp_ftp']['server'];
$_POST['ftp_port'] = $_SESSION['installer_temp_ftp']['port'];
$_POST['ftp_username'] = $_SESSION['installer_temp_ftp']['username'];
$_POST['ftp_password'] = $_SESSION['installer_temp_ftp']['password'];
$_POST['ftp_path'] = $_SESSION['installer_temp_ftp']['path'];
}
if (isset($_POST['ftp_username']))
{
$ftp = new ftp_connection($_POST['ftp_server'], $_POST['ftp_port'], $_POST['ftp_username'], $_POST['ftp_password']);
if ($ftp->error === false)
{
// Try it without /home/abc just in case they messed up.
if (!$ftp->chdir($_POST['ftp_path']))
{
$ftp_error = $ftp->last_message;
$ftp->chdir(preg_replace('~^/home[2]?/[^/]+?~', '', $_POST['ftp_path']));
}
}
}
if (!isset($ftp) || $ftp->error !== false)
{
if (!isset($ftp))
$ftp = new ftp_connection(null);
// Save the error so we can mess with listing...
elseif ($ftp->error !== false && !isset($ftp_error))
$ftp_error = $ftp->last_message === null ? '' : $ftp->last_message;
list ($username, $detect_path, $found_path) = $ftp->detect_path(dirname(__FILE__));
if ($found_path || !isset($_POST['ftp_path']))
$_POST['ftp_path'] = $detect_path;
if (!isset($_POST['ftp_username']))
$_POST['ftp_username'] = $username;
echo '