<?php echo _t ('freshrss_installation'); ?>

From 8a5050289ef695dc4d388eecee692ad9d83e00ce Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 3 Jul 2014 21:20:11 +0200 Subject: New install logic Now the install.php is kept in ./app/ and the trigger is ./data/do-install.php There is no need anymore to have write access in ./p/i/ --- app/install.php | 1115 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1115 insertions(+) create mode 100644 app/install.php (limited to 'app/install.php') diff --git a/app/install.php b/app/install.php new file mode 100644 index 000000000..9863dd556 --- /dev/null +++ b/app/install.php @@ -0,0 +1,1115 @@ + +define('SQL_BACKUP006', 'RENAME TABLE `%1$scategory` TO `%1$scategory006`, `%1$sfeed` TO `%1$sfeed006`, `%1$sentry` TO `%1$sentry006`;'); + +define('SQL_SHOW_COLUMNS_UPDATEv006', 'SHOW columns FROM `%1$sentry006` LIKE "id2";'); + +define('SQL_UPDATEv006', ' +ALTER TABLE `%1$scategory006` ADD id2 SMALLINT; + +SET @i = 0; +UPDATE `%1$scategory006` SET id2=(@i:=@i+1) ORDER BY id; + +ALTER TABLE `%1$sfeed006` ADD id2 SMALLINT, ADD category2 SMALLINT; + +SET @i = 0; +UPDATE `%1$sfeed006` SET id2=(@i:=@i+1) ORDER BY name; + +UPDATE `%1$sfeed006` f +INNER JOIN `%1$scategory006` c ON f.category = c.id +SET f.category2 = c.id2; + +INSERT IGNORE INTO `%2$scategory` (name) +SELECT name +FROM `%1$scategory006` +ORDER BY id2; + +INSERT IGNORE INTO `%2$sfeed` (url, category, name, website, description, priority, pathEntries, httpAuth, keep_history) +SELECT url, category2, name, website, description, priority, pathEntries, httpAuth, IF(keep_history = 1, -1, -2) +FROM `%1$sfeed006` +ORDER BY id2; + +ALTER TABLE `%1$sentry006` ADD id2 bigint; + +UPDATE `%1$sentry006` SET id2 = ((date * 1000000) + (rand() * 100000000)); + +INSERT IGNORE INTO `%2$sentry` (id, guid, title, author, link, date, is_read, is_favorite, id_feed, tags) +SELECT e0.id2, e0.guid, e0.title, e0.author, e0.link, e0.date, e0.is_read, e0.is_favorite, f0.id2, e0.tags +FROM `%1$sentry006` e0 +INNER JOIN `%1$sfeed006` f0 ON e0.id_feed = f0.id; +'); + +define('SQL_CONVERT_SELECTv006', ' +SELECT e0.id2, e0.content +FROM `%1$sentry006` e0 +INNER JOIN `%2$sentry` e1 ON e0.id2 = e1.id +WHERE e1.content_bin IS NULL'); + +define('SQL_CONVERT_UPDATEv006', 'UPDATE `%1$sentry` SET ' + . (isset($_SESSION['bd_type']) && $_SESSION['bd_type'] === 'mysql' ? 'content_bin=COMPRESS(?)' : 'content=?') + . ' WHERE id=?;'); + +define('SQL_DROP_BACKUPv006', 'DROP TABLE IF EXISTS `%1$sentry006`, `%1$sfeed006`, `%1$scategory006`;'); + +define('SQL_UPDATE_CACHED_VALUES', ' +UPDATE `%1$sfeed` f +INNER JOIN ( + SELECT e.id_feed, + COUNT(CASE WHEN e.is_read = 0 THEN 1 END) AS nbUnreads, + COUNT(e.id) AS nbEntries + FROM `%1$sentry` e + GROUP BY e.id_feed +) x ON x.id_feed=f.id +SET f.cache_nbEntries=x.nbEntries, f.cache_nbUnreads=x.nbUnreads +'); + +define('SQL_UPDATE_HISTORYv007b', 'UPDATE `%1$sfeed` SET keep_history = CASE WHEN keep_history = 0 THEN -2 WHEN keep_history = 1 THEN -1 ELSE keep_history END;'); + +define('SQL_GET_FEEDS', 'SELECT id, url, website FROM `%1$sfeed`;'); +// + +// gestion internationalisation +$translates = array (); +$actual = 'en'; +function initTranslate () { + global $translates; + global $actual; + + $actual = isset($_SESSION['language']) ? $_SESSION['language'] : getBetterLanguage('en'); + + $file = APP_PATH . '/i18n/' . $actual . '.php'; + if (file_exists($file)) { + $translates = array_merge($translates, include($file)); + } + + $file = APP_PATH . '/i18n/install.' . $actual . '.php'; + if (file_exists($file)) { + $translates = array_merge($translates, include($file)); + } +} + +function getBetterLanguage ($fallback) { + $available = availableLanguages (); + $accept = $_SERVER['HTTP_ACCEPT_LANGUAGE']; + $language = strtolower (substr ($accept, 0, 2)); + + if (isset ($available[$language])) { + return $language; + } else { + return $fallback; + } +} +function availableLanguages () { + return array ( + 'en' => 'English', + 'fr' => 'Français' + ); +} +function _t ($key) { + global $translates; + $translate = $key; + if (isset ($translates[$key])) { + $translate = $translates[$key]; + } + + $args = func_get_args (); + unset($args[0]); + + return vsprintf ($translate, $args); +} + +/*** SAUVEGARDES ***/ +function saveLanguage () { + if (!empty ($_POST)) { + if (!isset ($_POST['language'])) { + return false; + } + + $_SESSION['language'] = $_POST['language']; + + header ('Location: index.php?step=1'); + } +} +function saveStep2 () { + if (!empty ($_POST)) { + if (empty ($_POST['title']) || + empty ($_POST['old_entries']) || + empty ($_POST['auth_type']) || + empty ($_POST['default_user'])) { + return false; + } + + $_SESSION['salt'] = sha1(uniqid(mt_rand(), true).implode('', stat(__FILE__))); + $_SESSION['title'] = substr(trim($_POST['title']), 0, 25); + $_SESSION['old_entries'] = $_POST['old_entries']; + if ((!ctype_digit($_SESSION['old_entries'])) || ($_SESSION['old_entries'] < 1)) { + $_SESSION['old_entries'] = 3; + } + $_SESSION['mail_login'] = filter_var($_POST['mail_login'], FILTER_VALIDATE_EMAIL); + $_SESSION['default_user'] = substr(preg_replace('/[^a-zA-Z0-9]/', '', $_POST['default_user']), 0, 16); + $_SESSION['auth_type'] = $_POST['auth_type']; + if (!empty($_POST['passwordPlain'])) { + if (!function_exists('password_hash')) { + include_once(LIB_PATH . '/password_compat.php'); + } + $passwordHash = password_hash($_POST['passwordPlain'], PASSWORD_BCRYPT, array('cost' => BCRYPT_COST)); + $passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash); //Compatibility with bcrypt.js + $_SESSION['passwordHash'] = $passwordHash; + } + + $token = ''; + if ($_SESSION['mail_login']) { + $token = sha1($_SESSION['salt'] . $_SESSION['mail_login']); + } + + $config_array = array ( + 'language' => $_SESSION['language'], + 'theme' => $_SESSION['theme'], + 'old_entries' => $_SESSION['old_entries'], + 'mail_login' => $_SESSION['mail_login'], + 'passwordHash' => $_SESSION['passwordHash'], + 'token' => $token, + ); + + $configPath = DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'; + @unlink($configPath); //To avoid access-rights problems + file_put_contents($configPath, " array( + 'environment' => empty($_SESSION['environment']) ? 'production' : $_SESSION['environment'], + 'salt' => $_SESSION['salt'], + 'base_url' => '', + 'title' => $_SESSION['title'], + 'default_user' => $_SESSION['default_user'], + 'auth_type' => $_SESSION['auth_type'], + 'allow_anonymous' => isset($_SESSION['allow_anonymous']) ? $_SESSION['allow_anonymous'] : false, + 'allow_anonymous_refresh' => false, + 'unsafe_autologin_enabled' => false, + 'api_enabled' => false, + ), + 'db' => array( + 'type' => $_SESSION['bd_type'], + 'host' => $_SESSION['bd_host'], + 'user' => $_SESSION['bd_user'], + 'password' => $_SESSION['bd_password'], + 'base' => $_SESSION['bd_base'], + 'prefix' => $_SESSION['bd_prefix'], + ), + ); + + @unlink(DATA_PATH . '/config.php'); //To avoid access-rights problems + file_put_contents(DATA_PATH . '/config.php', " 'SET NAMES utf8', + ); + break; + case 'sqlite': + return false; //No update for SQLite needed so far + default: + return false; + } + + $c = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + $stm = $c->prepare(SQL_SHOW_TABLES); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (!in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { + return false; + } + + $sql = sprintf(SQL_SHOW_COLUMNS_UPDATEv006, $_SESSION['bd_prefix']); + $stm = $c->prepare($sql); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (!in_array('id2', $res)) { + if (!$perform) { + return true; + } + $sql = sprintf(SQL_UPDATEv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql, array(PDO::ATTR_EMULATE_PREPARES => true)); + $stm->execute(); + } + + $sql = sprintf(SQL_CONVERT_SELECTv006, $_SESSION['bd_prefix'], $_SESSION['bd_prefix_user']); + if (!$perform) { + $sql .= ' LIMIT 1'; + } + $stm = $c->prepare($sql); + $stm->execute(); + if (!$perform) { + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + return count($res) > 0; + } else { + @set_time_limit(300); + } + + $c2 = new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf(SQL_CONVERT_UPDATEv006, $_SESSION['bd_prefix_user']); + $stm2 = $c2->prepare($sql); + while ($row = $stm->fetch(PDO::FETCH_ASSOC)) { + $id = $row['id2']; + $content = unserialize(gzinflate(base64_decode($row['content']))); + $stm2->execute(array($content, $id)); + } + + return true; + } catch (PDOException $e) { + return false; + } + return false; +} + +function newPdo() { + switch ($_SESSION['bd_type']) { + case 'mysql': + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', + ); + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . '/' . $_SESSION['bd_base'] . '.sqlite'; + $driver_options = array( + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + ); + break; + default: + return false; + } + return new PDO($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); +} + +function postUpdate() { + $c = newPdo(); + + if ($_SESSION['bd_type'] !== 'sqlite') { //No update for SQLite needed yet + $sql = sprintf(SQL_UPDATE_HISTORYv007b, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + + $sql = sprintf(SQL_UPDATE_CACHED_VALUES, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + } + + // + $sql = sprintf(SQL_GET_FEEDS, $_SESSION['bd_prefix_user']); + $stm = $c->prepare($sql); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_ASSOC); + foreach ($res as $feed) { + if (empty($feed['url'])) { + continue; + } + $hash = hash('crc32b', $_SESSION['salt'] . $feed['url']); + @file_put_contents(DATA_PATH . '/favicons/' . $hash . '.txt', + empty($feed['website']) ? $feed['url'] : $feed['website']); + } + // +} + +function deleteInstall () { + $res = unlink (DATA_PATH . 'do-install.txt'); + if ($res) { + header ('Location: index.php'); + } + + $needs = array('bd_type', 'bd_host', 'bd_base', 'bd_user', 'bd_password', 'bd_prefix'); + foreach ($needs as $need) { + if (!isset($_SESSION[$need])) { + return false; + } + } + + try { + $c = newPdo(); + $sql = sprintf(SQL_DROP_BACKUPv006, $_SESSION['bd_prefix']); + $stm = $c->prepare($sql); + $stm->execute(); + + return true; + } catch (PDOException $e) { + return false; + } + return false; +} + +function moveOldFiles() { + $mvs = array( + '/app/configuration/application.ini' => '/data/application.ini', //v0.6 + '/public/data/Configuration.array.php' => '/data/Configuration.array.php', //v0.6 + ); + $ok = true; + foreach ($mvs as $fFrom => $fTo) { + if (file_exists(FRESHRSS_PATH . $fFrom)) { + if (copy(FRESHRSS_PATH . $fFrom, FRESHRSS_PATH . $fTo)) { + @unlink(FRESHRSS_PATH . $fFrom); + } else { + $ok = false; + } + } + } + return $ok; +} + +function delTree($dir) { //http://php.net/rmdir#110489 + if (!is_dir($dir)) { + return true; + } + $files = array_diff(scandir($dir), array('.', '..')); + foreach ($files as $file) { + $f = $dir . '/' . $file; + if (is_dir($f)) { + @chmod($f, 0777); + delTree($f); + } + else unlink($f); + } + return rmdir($dir); +} + +/*** VÉRIFICATIONS ***/ +function checkStep () { + $s0 = checkStep0 (); + $s1 = checkStep1 (); + $s2 = checkStep2 (); + $s3 = checkStep3 (); + if (STEP > 0 && $s0['all'] != 'ok') { + header ('Location: index.php?step=0'); + } elseif (STEP > 1 && $s1['all'] != 'ok') { + header ('Location: index.php?step=1'); + } elseif (STEP > 2 && $s2['all'] != 'ok') { + header ('Location: index.php?step=2'); + } elseif (STEP > 3 && $s3['all'] != 'ok') { + header ('Location: index.php?step=3'); + } + $_SESSION['actualize_feeds'] = true; +} +function checkStep0 () { + moveOldFiles(); + + if (file_exists(DATA_PATH . '/config.php')) { + $ini_array = include(DATA_PATH . '/config.php'); + } elseif (file_exists(DATA_PATH . '/application.ini')) { //v0.6 + $ini_array = parse_ini_file(DATA_PATH . '/application.ini', true); + $ini_array['general']['title'] = empty($ini_array['general']['title']) ? '' : stripslashes($ini_array['general']['title']); + } else { + $ini_array = null; + } + + if ($ini_array) { + $ini_general = isset($ini_array['general']) ? $ini_array['general'] : null; + if ($ini_general) { + $keys = array('environment', 'salt', 'title', 'default_user', 'allow_anonymous', 'auth_type'); + foreach ($keys as $key) { + if ((empty($_SESSION[$key])) && isset($ini_general[$key])) { + $_SESSION[$key] = $ini_general[$key]; + } + } + } + $ini_db = isset($ini_array['db']) ? $ini_array['db'] : null; + if ($ini_db) { + $keys = array('type', 'host', 'user', 'password', 'base', 'prefix'); + foreach ($keys as $key) { + if ((!isset($_SESSION['bd_' . $key])) && isset($ini_db[$key])) { + $_SESSION['bd_' . $key] = $ini_db[$key]; + } + } + } + } + + if (isset($_SESSION['default_user']) && file_exists(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php')) { + $userConfig = include(DATA_PATH . '/' . $_SESSION['default_user'] . '_user.php'); + } elseif (file_exists(DATA_PATH . '/Configuration.array.php')) { + $userConfig = include(DATA_PATH . '/Configuration.array.php'); //v0.6 + if (empty($_SESSION['auth_type'])) { + $_SESSION['auth_type'] = empty($userConfig['mail_login']) ? 'none' : 'persona'; + } + if (!isset($_SESSION['allow_anonymous'])) { + $_SESSION['allow_anonymous'] = empty($userConfig['anon_access']) ? false : ($userConfig['anon_access'] === 'yes'); + } + } else { + $userConfig = array(); + } + if (empty($_SESSION['auth_type'])) { //v0.7b + $_SESSION['auth_type'] = ''; + } + + $keys = array('language', 'theme', 'old_entries', 'mail_login', 'passwordHash'); + foreach ($keys as $key) { + if ((!isset($_SESSION[$key])) && isset($userConfig[$key])) { + $_SESSION[$key] = $userConfig[$key]; + } + } + + $languages = availableLanguages (); + $language = isset ($_SESSION['language']) && + isset ($languages[$_SESSION['language']]); + + if (empty($_SESSION['passwordHash'])) { //v0.7b + $_SESSION['passwordHash'] = ''; + } + if (empty($_SESSION['theme'])) { + $_SESSION['theme'] = 'Origine'; + } else { + switch (strtolower($_SESSION['theme'])) { + case 'default': //v0.7b + $_SESSION['theme'] = 'Origine'; + break; + case 'flat-design': //v0.7b + $_SESSION['theme'] = 'Flat'; + break; + case 'default_dark': //v0.7b + $_SESSION['theme'] = 'Dark'; + break; + } + } + + return array ( + 'language' => $language ? 'ok' : 'ko', + 'all' => $language ? 'ok' : 'ko' + ); +} + +function checkStep1 () { + $php = version_compare (PHP_VERSION, '5.2.1') >= 0; + $minz = file_exists (LIB_PATH . '/Minz'); + $curl = extension_loaded ('curl'); + $pdo = extension_loaded ('pdo_mysql'); + $pcre = extension_loaded ('pcre'); + $ctype = extension_loaded ('ctype'); + $dom = class_exists('DOMDocument'); + $data = DATA_PATH && is_writable (DATA_PATH); + $cache = CACHE_PATH && is_writable (CACHE_PATH); + $log = LOG_PATH && is_writable (LOG_PATH); + $favicons = is_writable (DATA_PATH . '/favicons'); + $persona = is_writable (DATA_PATH . '/persona'); + + return array ( + 'php' => $php ? 'ok' : 'ko', + 'minz' => $minz ? 'ok' : 'ko', + 'curl' => $curl ? 'ok' : 'ko', + 'pdo-mysql' => $pdo ? 'ok' : 'ko', + 'pcre' => $pcre ? 'ok' : 'ko', + 'ctype' => $ctype ? 'ok' : 'ko', + 'dom' => $dom ? 'ok' : 'ko', + 'data' => $data ? 'ok' : 'ko', + 'cache' => $cache ? 'ok' : 'ko', + 'log' => $log ? 'ok' : 'ko', + 'favicons' => $favicons ? 'ok' : 'ko', + 'persona' => $persona ? 'ok' : 'ko', + 'all' => $php && $minz && $curl && $pdo && $pcre && $ctype && $dom && $data && $cache && $log && $favicons && $persona ? 'ok' : 'ko' + ); +} + +function checkStep2 () { + $conf = !empty($_SESSION['salt']) && + !empty($_SESSION['title']) && + !empty($_SESSION['old_entries']) && + isset($_SESSION['mail_login']) && + !empty($_SESSION['default_user']); + $defaultUser = empty($_POST['default_user']) ? null : $_POST['default_user']; + if ($defaultUser === null) { + $defaultUser = empty($_SESSION['default_user']) ? '' : $_SESSION['default_user']; + } + $data = is_writable(DATA_PATH . '/' . $defaultUser . '_user.php'); + if ($data) { + @unlink(DATA_PATH . '/Configuration.array.php'); //v0.6 + } + + return array ( + 'conf' => $conf ? 'ok' : 'ko', + 'data' => $data ? 'ok' : 'ko', + 'all' => $conf && $data ? 'ok' : 'ko' + ); +} +function checkStep3 () { + $conf = is_writable(DATA_PATH . '/config.php'); + + $bd = isset ($_SESSION['bd_type']) && + isset ($_SESSION['bd_host']) && + isset ($_SESSION['bd_user']) && + isset ($_SESSION['bd_password']) && + isset ($_SESSION['bd_base']) && + isset ($_SESSION['bd_prefix']) && + isset ($_SESSION['bd_error']); + $conn = empty($_SESSION['bd_error']); + + return array ( + 'bd' => $bd ? 'ok' : 'ko', + 'conn' => $conn ? 'ok' : 'ko', + 'conf' => $conf ? 'ok' : 'ko', + 'all' => $bd && $conn && $conf ? 'ok' : 'ko' + ); +} + +function checkBD () { + $ok = false; + + try { + $str = ''; + $driver_options = null; + switch ($_SESSION['bd_type']) { + case 'mysql': + $driver_options = array( + PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8' + ); + + try { // on ouvre une connexion juste pour créer la base si elle n'existe pas + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';'; + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + $sql = sprintf (SQL_CREATE_DB, $_SESSION['bd_base']); + $res = $c->query ($sql); + } catch (PDOException $e) { + } + + // on écrase la précédente connexion en sélectionnant la nouvelle BDD + $str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_base']; + break; + case 'sqlite': + $str = 'sqlite:' . DATA_PATH . '/' . $_SESSION['bd_base'] . '.sqlite'; + $driver_options = array( + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + ); + break; + default: + return false; + } + + $c = new PDO ($str, $_SESSION['bd_user'], $_SESSION['bd_password'], $driver_options); + + if ($_SESSION['bd_type'] !== 'sqlite') { //No SQL backup for SQLite + $stm = $c->prepare(SQL_SHOW_TABLES); + $stm->execute(); + $res = $stm->fetchAll(PDO::FETCH_COLUMN, 0); + if (in_array($_SESSION['bd_prefix'] . 'entry', $res) && !in_array($_SESSION['bd_prefix'] . 'entry006', $res)) { + $sql = sprintf(SQL_BACKUP006, $_SESSION['bd_prefix']); //v0.6 + $res = $c->query($sql); //Backup tables + } + } + + if (defined('SQL_CREATE_TABLES')) { + $sql = sprintf(SQL_CREATE_TABLES, $_SESSION['bd_prefix_user'], _t('default_category')); + $stm = $c->prepare($sql); + $ok = $stm->execute(); + } else { + global $SQL_CREATE_TABLES; + if (is_array($SQL_CREATE_TABLES)) { + $ok = true; + foreach ($SQL_CREATE_TABLES as $instruction) { + $sql = sprintf($instruction, $_SESSION['bd_prefix_user'], _t('default_category')); + $stm = $c->prepare($sql); + $ok &= $stm->execute(); + } + } + } + } catch (PDOException $e) { + $ok = false; + $_SESSION['bd_error'] = $e->getMessage(); + } + + if (!$ok) { + @unlink(DATA_PATH . '/config.php'); + } + + return $ok; +} + +/*** AFFICHAGE ***/ +function printStep0 () { + global $actual; +?> + +

+ + + + + + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + +

+ +

+ + + + + +

+ + + +

+ + + + + +

+ +

+ + + + + + +

+ + +

+ + + + + + + <?php echo _t ('freshrss_installation'); ?> + + + + + + + +

+ +

+ + -- cgit v1.2.3