]> git.wh0rd.org - tt-rss.git/blob - install/index.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Removing required attribute from database password field
[tt-rss.git] / install / index.php
1 <html>
2 <head>
3 <title>Tiny Tiny RSS - Installer</title>
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
5 <link rel="stylesheet" type="text/css" href="../css/utility.css">
6 <link rel="stylesheet" type="text/css" href="../css/dijit.css">
7 <style type="text/css">
8 textarea { font-size : 12px; }
9 </style>
10 </head>
11 <body>
12
13 <?php
14
15 // could be needed because of existing config.php
16 function define_default($param, $value) {
17 //
18 }
19
20 function make_password($length = 8) {
21
22 $password = "";
23 $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^";
24
25 $i = 0;
26
27 while ($i < $length) {
28 $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
29
30 if (!strstr($password, $char)) {
31 $password .= $char;
32 $i++;
33 }
34 }
35 return $password;
36 }
37
38
39 function sanity_check($db_type) {
40 $errors = array();
41
42 if (version_compare(PHP_VERSION, '5.3.0', '<')) {
43 array_push($errors, "PHP version 5.3.0 or newer required.");
44 }
45
46 if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) {
47 array_push($errors, "PHP configuration option allow_url_fopen is disabled, and CURL functions are not present. Either enable allow_url_fopen or install PHP extension for CURL.");
48 }
49
50 if (!function_exists("json_encode")) {
51 array_push($errors, "PHP support for JSON is required, but was not found.");
52 }
53
54 if ($db_type == "mysql" && !function_exists("mysql_connect") && !function_exists("mysqli_connect")) {
55 array_push($errors, "PHP support for MySQL is required for configured $db_type in config.php.");
56 }
57
58 if ($db_type == "pgsql" && !function_exists("pg_connect")) {
59 array_push($errors, "PHP support for PostgreSQL is required for configured $db_type in config.php");
60 }
61
62 if (!function_exists("mb_strlen")) {
63 array_push($errors, "PHP support for mbstring functions is required but was not found.");
64 }
65
66 if (!function_exists("hash")) {
67 array_push($errors, "PHP support for hash() function is required but was not found.");
68 }
69
70 if (!function_exists("ctype_lower")) {
71 array_push($errors, "PHP support for ctype functions are required by HTMLPurifier.");
72 }
73
74 if (!function_exists("iconv")) {
75 array_push($errors, "PHP support for iconv is required to handle multiple charsets.");
76 }
77
78 /* if (ini_get("safe_mode")) {
79 array_push($errors, "PHP safe mode setting is not supported.");
80 } */
81
82 if (!class_exists("DOMDocument")) {
83 array_push($errors, "PHP support for DOMDocument is required, but was not found.");
84 }
85
86 return $errors;
87 }
88
89 function print_error($msg) {
90 print "<div class='error'><span><img src='../images/alert.png'></span>
91 <span>$msg</span></div>";
92 }
93
94 function print_notice($msg) {
95 print "<div class=\"notice\">
96 <span><img src=\"../images/information.png\"></span><span>$msg</span></div>";
97 }
98
99 function db_connect($host, $user, $pass, $db, $type, $port = false) {
100 if ($type == "pgsql") {
101
102 $string = "dbname=$db user=$user";
103
104 if ($pass) {
105 $string .= " password=$pass";
106 }
107
108 if ($host) {
109 $string .= " host=$host";
110 }
111
112 if ($port) {
113 $string = "$string port=" . $port;
114 }
115
116 $link = pg_connect($string);
117
118 return $link;
119
120 } else if ($type == "mysql") {
121 if (function_exists("mysqli_connect")) {
122 if ($port)
123 return mysqli_connect($host, $user, $pass, $db, $port);
124 else
125 return mysqli_connect($host, $user, $pass, $db);
126
127 } else {
128 $link = mysql_connect($host, $user, $pass);
129 if ($link) {
130 $result = mysql_select_db($db, $link);
131 if ($result) return $link;
132 }
133 }
134 }
135 }
136
137 function make_config($DB_TYPE, $DB_HOST, $DB_USER, $DB_NAME, $DB_PASS,
138 $DB_PORT, $SELF_URL_PATH) {
139
140 $data = explode("\n", file_get_contents("../config.php-dist"));
141
142 $rv = "";
143
144 $finished = false;
145
146 if (function_exists("mcrypt_decrypt")) {
147 $crypt_key = make_password(24);
148 } else {
149 $crypt_key = "";
150 }
151
152 foreach ($data as $line) {
153 if (preg_match("/define\('DB_TYPE'/", $line)) {
154 $rv .= "\tdefine('DB_TYPE', '$DB_TYPE');\n";
155 } else if (preg_match("/define\('DB_HOST'/", $line)) {
156 $rv .= "\tdefine('DB_HOST', '$DB_HOST');\n";
157 } else if (preg_match("/define\('DB_USER'/", $line)) {
158 $rv .= "\tdefine('DB_USER', '$DB_USER');\n";
159 } else if (preg_match("/define\('DB_NAME'/", $line)) {
160 $rv .= "\tdefine('DB_NAME', '$DB_NAME');\n";
161 } else if (preg_match("/define\('DB_PASS'/", $line)) {
162 $rv .= "\tdefine('DB_PASS', '$DB_PASS');\n";
163 } else if (preg_match("/define\('DB_PORT'/", $line)) {
164 $rv .= "\tdefine('DB_PORT', '$DB_PORT');\n";
165 } else if (preg_match("/define\('SELF_URL_PATH'/", $line)) {
166 $rv .= "\tdefine('SELF_URL_PATH', '$SELF_URL_PATH');\n";
167 } else if (preg_match("/define\('FEED_CRYPT_KEY'/", $line)) {
168 $rv .= "\tdefine('FEED_CRYPT_KEY', '$crypt_key');\n";
169 } else if (!$finished) {
170 $rv .= "$line\n";
171 }
172
173 if (preg_match("/\?\>/", $line)) {
174 $finished = true;
175 }
176 }
177
178 return $rv;
179 }
180
181 function db_query($link, $query, $type, $die_on_error = true) {
182 if ($type == "pgsql") {
183 $result = pg_query($link, $query);
184 if (!$result) {
185 $query = htmlspecialchars($query); // just in case
186 if ($die_on_error) {
187 die("Query <i>$query</i> failed [$result]: " . ($link ? pg_last_error($link) : "No connection"));
188 }
189 }
190 return $result;
191 } else if ($type == "mysql") {
192
193 if (function_exists("mysqli_connect")) {
194 $result = mysqli_query($link, $query);
195 } else {
196 $result = mysql_query($query, $link);
197 }
198 if (!$result) {
199 $query = htmlspecialchars($query);
200 if ($die_on_error) {
201 die("Query <i>$query</i> failed: " . ($link ? function_exists("mysqli_connect") ? mysqli_error($link) : mysql_error($link) : "No connection"));
202 }
203 }
204 return $result;
205 }
206 }
207
208 function make_self_url_path() {
209 $url_path = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http://' : 'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
210
211 return $url_path;
212 }
213
214 ?>
215
216 <div class="floatingLogo"><img src="../images/logo_small.png"></div>
217
218 <h1>Tiny Tiny RSS Installer</h1>
219
220 <div class='content'>
221
222 <?php
223
224 if (file_exists("../config.php")) {
225 require "../config.php";
226
227 if (!defined('_INSTALLER_IGNORE_CONFIG_CHECK')) {
228 print_error("Error: config.php already exists in tt-rss directory; aborting.");
229 exit;
230 }
231 }
232
233 @$op = $_REQUEST['op'];
234
235 @$DB_HOST = strip_tags($_POST['DB_HOST']);
236 @$DB_TYPE = strip_tags($_POST['DB_TYPE']);
237 @$DB_USER = strip_tags($_POST['DB_USER']);
238 @$DB_NAME = strip_tags($_POST['DB_NAME']);
239 @$DB_PASS = strip_tags($_POST['DB_PASS']);
240 @$DB_PORT = strip_tags($_POST['DB_PORT']);
241 @$SELF_URL_PATH = strip_tags($_POST['SELF_URL_PATH']);
242
243 if (!$SELF_URL_PATH) {
244 $SELF_URL_PATH = preg_replace("/\/install\/$/", "/", make_self_url_path());
245 }
246 ?>
247
248 <form action="" method="post">
249 <input type="hidden" name="op" value="testconfig">
250
251 <h2>Database settings</h2>
252
253 <?php
254 $issel_pgsql = $DB_TYPE == "pgsql" ? "selected" : "";
255 $issel_mysql = $DB_TYPE == "mysql" ? "selected" : "";
256 ?>
257
258 <fieldset>
259 <label>Database type</label>
260 <select name="DB_TYPE">
261 <option <?php echo $issel_pgsql ?> value="pgsql">PostgreSQL</option>
262 <option <?php echo $issel_mysql ?> value="mysql">MySQL</option>
263 </select>
264 </fieldset>
265
266 <fieldset>
267 <label>Username</label>
268 <input required name="DB_USER" size="20" value="<?php echo $DB_USER ?>"/>
269 </fieldset>
270
271 <fieldset>
272 <label>Password</label>
273 <input name="DB_PASS" size="20" type="password" value="<?php echo $DB_PASS ?>"/>
274 </fieldset>
275
276 <fieldset>
277 <label>Database name</label>
278 <input required name="DB_NAME" size="20" value="<?php echo $DB_NAME ?>"/>
279 </fieldset>
280
281 <fieldset>
282 <label>Host name</label>
283 <input name="DB_HOST" size="20" value="<?php echo $DB_HOST ?>"/>
284 <span class="hint">If needed</span>
285 </fieldset>
286
287 <fieldset>
288 <label>Port</label>
289 <input name="DB_PORT" type="number" size="20" value="<?php echo $DB_PORT ?>"/>
290 <span class="hint">Usually 3306 for MySQL or 5432 for PostgreSQL</span>
291 </fieldset>
292
293 <h2>Other settings</h2>
294
295 <p>This should be set to the location your Tiny Tiny RSS will be available on.</p>
296
297 <fieldset>
298 <label>Tiny Tiny RSS URL</label>
299 <input type="url" name="SELF_URL_PATH" placeholder="<?php echo $SELF_URL_PATH; ?>" size="60" value="<?php echo $SELF_URL_PATH ?>"/>
300 </fieldset>
301
302
303 <p><input type="submit" value="Test configuration"></p>
304
305 </form>
306
307 <?php if ($op == 'testconfig') { ?>
308
309 <h2>Checking configuration</h2>
310
311 <?php
312 $errors = sanity_check($DB_TYPE);
313
314 if (count($errors) > 0) {
315 print "<p>Some configuration tests failed. Please correct them before continuing.</p>";
316
317 print "<ul>";
318
319 foreach ($errors as $error) {
320 print "<li style='color : red'>$error</li>";
321 }
322
323 print "</ul>";
324
325 exit;
326 }
327
328 $notices = array();
329
330 if (!function_exists("curl_init")) {
331 array_push($notices, "It is highly recommended to enable support for CURL in PHP.");
332 }
333
334 if (count($notices) > 0) {
335 print_notice("Configuration check succeeded with minor problems:");
336
337 print "<ul>";
338
339 foreach ($notices as $notice) {
340 print "<li>$notice</li>";
341 }
342
343 print "</ul>";
344 } else {
345 print_notice("Configuration check succeeded.");
346 }
347
348 ?>
349
350 <h2>Checking database</h2>
351
352 <?php
353 $link = db_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, $DB_TYPE, $DB_PORT);
354
355 if (!$link) {
356 print_error("Unable to connect to database using specified parameters.");
357 exit;
358 }
359
360 print_notice("Database test succeeded."); ?>
361
362 <h2>Initialize database</h2>
363
364 <p>Before you can start using tt-rss, database needs to be initialized. Click on the button below to do that now.</p>
365
366 <?php
367 $result = @db_query($link, "SELECT true FROM ttrss_feeds", $DB_TYPE, false);
368
369 if ($result) {
370 print_error("Existing tt-rss tables will be removed from the database. If you would like to keep your data, skip database initialization.");
371 $need_confirm = true;
372 } else {
373 $need_confirm = false;
374 }
375 ?>
376
377 <table><tr><td>
378 <form method="post">
379 <input type="hidden" name="op" value="installschema">
380
381 <input type="hidden" name="DB_USER" value="<?php echo $DB_USER ?>"/>
382 <input type="hidden" name="DB_PASS" value="<?php echo $DB_PASS ?>"/>
383 <input type="hidden" name="DB_NAME" value="<?php echo $DB_NAME ?>"/>
384 <input type="hidden" name="DB_HOST" value="<?php echo $DB_HOST ?>"/>
385 <input type="hidden" name="DB_PORT" value="<?php echo $DB_PORT ?>"/>
386 <input type="hidden" name="DB_TYPE" value="<?php echo $DB_TYPE ?>"/>
387 <input type="hidden" name="SELF_URL_PATH" value="<?php echo $SELF_URL_PATH ?>"/>
388
389 <?php if ($need_confirm) { ?>
390 <p><input onclick="return confirm('Please read the warning above. Continue?')" type="submit" value="Initialize database" style="color : red"></p>
391 <?php } else { ?>
392 <p><input type="submit" value="Initialize database" style="color : red"></p>
393 <?php } ?>
394 </form>
395
396 </td><td>
397 <form method="post">
398 <input type="hidden" name="DB_USER" value="<?php echo $DB_USER ?>"/>
399 <input type="hidden" name="DB_PASS" value="<?php echo $DB_PASS ?>"/>
400 <input type="hidden" name="DB_NAME" value="<?php echo $DB_NAME ?>"/>
401 <input type="hidden" name="DB_HOST" value="<?php echo $DB_HOST ?>"/>
402 <input type="hidden" name="DB_PORT" value="<?php echo $DB_PORT ?>"/>
403 <input type="hidden" name="DB_TYPE" value="<?php echo $DB_TYPE ?>"/>
404 <input type="hidden" name="SELF_URL_PATH" value="<?php echo $SELF_URL_PATH ?>"/>
405
406 <input type="hidden" name="op" value="skipschema">
407 <p><input type="submit" value="Skip initialization"></p>
408 </form>
409
410 </td></tr></table>
411
412 <?php
413
414 } else if ($op == 'installschema' || $op == 'skipschema') {
415
416 $link = db_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, $DB_TYPE, $DB_PORT);
417
418 if (!$link) {
419 print_error("Unable to connect to database using specified parameters.");
420 exit;
421 }
422
423 if ($op == 'installschema') {
424
425 print "<h2>Initializing database...</h2>";
426
427 $lines = explode(";", preg_replace("/[\r\n]/", "", file_get_contents("../schema/ttrss_schema_".basename($DB_TYPE).".sql")));
428
429 foreach ($lines as $line) {
430 if (strpos($line, "--") !== 0 && $line) {
431 db_query($link, $line, $DB_TYPE);
432 }
433 }
434
435 print_notice("Database initialization completed.");
436
437 } else {
438 print_notice("Database initialization skipped.");
439 }
440
441 print "<h2>Generated configuration file</h2>";
442
443 print "<p>Copy following text and save as <code>config.php</code> in tt-rss main directory. It is suggested to read through the file to the end in case you need any options changed fom default values.</p>";
444
445 print "<p>After copying the file, you will be able to login with default username and password combination: <code>admin</code> and <code>password</code>. Don't forget to change the password immediately!</p>"; ?>
446
447 <form action="" method="post">
448 <input type="hidden" name="op" value="saveconfig">
449 <input type="hidden" name="DB_USER" value="<?php echo $DB_USER ?>"/>
450 <input type="hidden" name="DB_PASS" value="<?php echo $DB_PASS ?>"/>
451 <input type="hidden" name="DB_NAME" value="<?php echo $DB_NAME ?>"/>
452 <input type="hidden" name="DB_HOST" value="<?php echo $DB_HOST ?>"/>
453 <input type="hidden" name="DB_PORT" value="<?php echo $DB_PORT ?>"/>
454 <input type="hidden" name="DB_TYPE" value="<?php echo $DB_TYPE ?>"/>
455 <input type="hidden" name="SELF_URL_PATH" value="<?php echo $SELF_URL_PATH ?>"/>
456 <?php print "<textarea cols=\"80\" rows=\"20\">";
457 echo make_config($DB_TYPE, $DB_HOST, $DB_USER, $DB_NAME, $DB_PASS,
458 $DB_PORT, $SELF_URL_PATH);
459 print "</textarea>"; ?>
460
461 <?php if (is_writable("..")) { ?>
462 <p>We can also try saving the file automatically now.</p>
463
464 <p><input type="submit" value="Save configuration"></p>
465 </form>
466 <?php } else {
467 print_error("Unfortunately, parent directory is not writable, so we're unable to save config.php automatically.");
468 }
469
470 print_notice("You can generate the file again by changing the form above.");
471
472 } else if ($op == "saveconfig") {
473
474 print "<h2>Saving configuration file to parent directory...</h2>";
475
476 if (!file_exists("../config.php")) {
477
478 $fp = fopen("../config.php", "w");
479
480 if ($fp) {
481 $written = fwrite($fp, make_config($DB_TYPE, $DB_HOST,
482 $DB_USER, $DB_NAME, $DB_PASS,
483 $DB_PORT, $SELF_URL_PATH));
484
485 if ($written > 0) {
486 print_notice("Successfully saved config.php. You can try <a href=\"..\">loading tt-rss now</a>.");
487
488 } else {
489 print_notice("Unable to write into config.php in tt-rss directory.");
490 }
491
492 fclose($fp);
493 } else {
494 print_error("Unable to open config.php in tt-rss directory for writing.");
495 }
496 } else {
497 print_error("config.php already present in tt-rss directory, refusing to overwrite.");
498 }
499 }
500 ?>
501
502 </div>
503
504 </body>
505 </html>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/