From 781d8a717f315525807bfd702cb740248b6087ea Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 18 Jan 2014 00:17:03 +0100
Subject: Choix du type de connexion dans l'installeur

+ diverses corrections dans l'installeur
Adresse une partie de
https://github.com/marienfressinaud/FreshRSS/issues/355
---
 p/i/install.php | 75 +++++++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 60 insertions(+), 15 deletions(-)

(limited to 'p/i')

diff --git a/p/i/install.php b/p/i/install.php
index 08ed9ccb9..294231fc0 100644
--- a/p/i/install.php
+++ b/p/i/install.php
@@ -1,5 +1,11 @@
 <?php
+if (function_exists('opcache_reset')) {
+	opcache_reset();
+}
+
 require('../../constants.php');
+const BCRYPT_COST = 9;
+
 include(LIB_PATH . '/lib_rss.php');
 
 session_name('FreshRSS');
@@ -149,6 +155,7 @@ function saveStep2 () {
 	if (!empty ($_POST)) {
 		if (empty ($_POST['title']) ||
 		    empty ($_POST['old_entries']) ||
+		    empty ($_POST['auth_type']) ||
 		    empty ($_POST['default_user'])) {
 			return false;
 		}
@@ -161,6 +168,12 @@ function saveStep2 () {
 		}
 		$_SESSION['mail_login'] = filter_var($_POST['mail_login'], FILTER_VALIDATE_EMAIL);
 		$_SESSION['default_user'] = substr(preg_replace('/[^a-zA-Z0-9]/', '', $_POST['default_user']), 0, 16);
+		$_SESSION['auth_type'] = $_POST['auth_type'];
+		if (!empty($_POST['passwordPlain'])) {
+			$passwordHash = password_hash($_POST['passwordPlain'], PASSWORD_BCRYPT, array('cost' => BCRYPT_COST));
+			$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
+			$_SESSION['passwordHash'] = $passwordHash;
+		}
 
 		$token = '';
 		if ($_SESSION['mail_login']) {
@@ -169,8 +182,10 @@ function saveStep2 () {
 
 		$config_array = array (
 			'language' => $_SESSION['language'],
+			'theme' => $_SESSION['theme'],
 			'old_entries' => $_SESSION['old_entries'],
 			'mail_login' => $_SESSION['mail_login'],
+			'passwordHash' => $_SESSION['passwordHash'],
 			'token' => $token,
 		);
 
@@ -214,7 +229,7 @@ function saveStep3 () {
 				'title' => $_SESSION['title'],
 				'default_user' => $_SESSION['default_user'],
 				'auth_type' => $_SESSION['auth_type'],
-				'allow_anonymous' => $_SESSION['allow_anonymous'],
+				'allow_anonymous' => isset($_SESSION['allow_anonymous']) ? $_SESSION['allow_anonymous'] : false,
 			),
 			'db' => array(
 				'type' => $_SESSION['bd_type'],
@@ -466,21 +481,11 @@ function checkStep0 () {
 	} else {
 		$userConfig = array();
 	}
-	if (isset($userConfig['theme'])) {
-		switch (strtolower($userConfig['theme'])) {
-			case 'default':	//v0.6
-				$userConfig['theme'] = 'Origine';
-				break;
-			case 'flat-design':	//v0.6
-				$userConfig['theme'] = 'Flat';
-				break;
-			case 'default_dark':	//v0.6
-				$userConfig['theme'] = 'Dark';
-				break;
-		}
+	if (empty($_SESSION['auth_type'])) {	//v0.7b
+		$_SESSION['auth_type'] = '';
 	}
 
-	$keys = array('language', 'old_entries', 'mail_login');
+	$keys = array('language', 'theme', 'old_entries', 'mail_login', 'passwordHash');
 	foreach ($keys as $key) {
 		if ((!isset($_SESSION[$key])) && isset($userConfig[$key])) {
 			$_SESSION[$key] = $userConfig[$key];
@@ -491,6 +496,25 @@ function checkStep0 () {
 	$language = isset ($_SESSION['language']) &&
 	            isset ($languages[$_SESSION['language']]);
 
+	if (empty($_SESSION['passwordHash'])) {	//v0.7b
+		$_SESSION['passwordHash'] = '';
+	}
+	if (empty($_SESSION['theme'])) {
+		$_SESSION['theme'] = 'Origine';
+	} else {
+		switch (strtolower($_SESSION['theme'])) {
+			case 'default':	//v0.7b
+				$_SESSION['theme'] = 'Origine';
+				break;
+			case 'flat-design':	//v0.7b
+				$_SESSION['theme'] = 'Flat';
+				break;
+			case 'default_dark':	//v0.7b
+				$_SESSION['theme'] = 'Dark';
+				break;
+		}
+	}
+
 	return array (
 		'language' => $language ? 'ok' : 'ko',
 		'all' => $language ? 'ok' : 'ko'
@@ -777,10 +801,31 @@ function printStep2 () {
 			</div>
 		</div>
 
+		<div class="form-group">
+			<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
+			<div class="group-controls">
+				<select id="auth_type" name="auth_type" required="required">
+					<option value=""></option>
+					<option value="form"<?php echo $_SESSION['auth_type'] === 'form' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_form'); ?></option>
+					<option value="persona"<?php echo $_SESSION['auth_type'] === 'persona' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
+					<option value="http_auth"<?php echo $_SESSION['auth_type'] === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
+					<option value="none"<?php echo $_SESSION['auth_type'] === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
+				</select>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
+			<div class="group-controls">
+				<input type="password" id="passwordPlain" name="passwordPlain" pattern=".{7,}" />
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
 		<div class="form-group">
 			<label class="group-name" for="mail_login"><?php echo _t ('persona_connection_email'); ?></label>
 			<div class="group-controls">
-				<input type="email" id="mail_login" name="mail_login" value="<?php echo isset ($_SESSION['mail_login']) ? $_SESSION['mail_login'] : ''; ?>" placeholder="<?php echo _t ('blank_to_disable'); ?>" />
+				<input type="email" id="mail_login" name="mail_login" value="<?php echo isset ($_SESSION['mail_login']) ? $_SESSION['mail_login'] : ''; ?>" placeholder="alice@example.net" />
 				<noscript><b><?php echo _t ('javascript_should_be_activated'); ?></b></noscript>
 			</div>
 		</div>
-- 
cgit v1.2.3