new validation for setup, checks Smarty installation too.
This commit is contained in:
Ryan Walberg
parent
2568ae4a6b
commit
b9b3367865
1 changed files with 116 additions and 91 deletions
207
src/setup.php
207
src/setup.php
|
|
@ -13,17 +13,24 @@
|
|||
// along with this program; if not, write to the Free Software
|
||||
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
include("config.php");
|
||||
include("db.php");
|
||||
require_once(dirname(__FILE__) . "/includes/config.php");
|
||||
|
||||
$query = "SELECT COUNT(*) AS user_count FROM {$OPT["table_prefix"]}users";
|
||||
$rs = mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
$row = mysql_fetch_array($rs,MYSQL_ASSOC);
|
||||
$user_count = $row["user_count"];
|
||||
mysql_free_result($rs);
|
||||
if ($user_count != 0) {
|
||||
echo "Database has already been set up.";
|
||||
exit;
|
||||
$opt = getGlobalOptions();
|
||||
|
||||
function dbh($opt) {
|
||||
return new PDO($opt["pdo_connection_string"], $opt["pdo_username"], $opt["pdo_password"]);
|
||||
}
|
||||
|
||||
$stmt = dbh($opt)->prepare("SELECT COUNT(*) AS user_count FROM {$opt["table_prefix"]}users");
|
||||
$stmt->execute();
|
||||
if ($row = $stmt->fetch()) {
|
||||
$user_count = $row["user_count"];
|
||||
if (false && $user_count != 0) {
|
||||
die("Database has already been set up.");
|
||||
}
|
||||
}
|
||||
else {
|
||||
die("Database has not been created.");
|
||||
}
|
||||
|
||||
if (isset($_POST["action"])) {
|
||||
|
|
@ -33,93 +40,105 @@ if (isset($_POST["action"])) {
|
|||
$pwd = $_POST["pwd"];
|
||||
$email = $_POST["email"];
|
||||
$familyname = $_POST["familyname"];
|
||||
if (!get_magic_quotes_gpc()) {
|
||||
$username = addslashes($username);
|
||||
$fullname = addslashes($fullname);
|
||||
$pwd = addslashes($pwd);
|
||||
$email = addslashes($email);
|
||||
$familyname = addslashes($familyname);
|
||||
}
|
||||
|
||||
// 1. create the family.
|
||||
$query = "INSERT INTO {$OPT["table_prefix"]}families(familyname) VALUES('$familyname')";
|
||||
mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
$stmt = dbh($opt)->prepare("INSERT INTO {$opt["table_prefix"]}families(familyname) VALUES(?)");
|
||||
$stmt->bindParam(1, $familyname, PDO::PARAM_STR);
|
||||
$stmt->execute();
|
||||
|
||||
// 2. get the familyid.
|
||||
$query = "SELECT familyid FROM {$OPT["table_prefix"]}families";
|
||||
$rs = mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
$row = mysql_fetch_assoc($rs) or die("Could not query: " . mysql_error());
|
||||
$familyid = $row["familyid"];
|
||||
mysql_free_result($rs);
|
||||
$stmt = dbh($opt)->prepare("SELECT MAX(familyid) AS familyid FROM {$opt["table_prefix"]}families");
|
||||
$stmt->execute();
|
||||
if ($row = $stmt->fetch()) {
|
||||
$familyid = $row["familyid"];
|
||||
}
|
||||
else die("No family was created.");
|
||||
|
||||
// 3. insert the user.
|
||||
$query = "INSERT INTO {$OPT["table_prefix"]}users(username,fullname,password,email,approved,admin,initialfamilyid) VALUES('$username','$fullname',{$OPT["password_hasher"]}('$pwd'),'$email',1,1,$familyid)";
|
||||
mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
$stmt = dbh($opt)->prepare("INSERT INTO {$opt["table_prefix"]}users(username,fullname,password,email,approved,admin,initialfamilyid) VALUES(?, ?, {$opt["password_hasher"]}(?), ?, 1, 1, ?)");
|
||||
$stmt->bindParam(1, $username, PDO::PARAM_STR);
|
||||
$stmt->bindParam(2, $fullname, PDO::PARAM_STR);
|
||||
$stmt->bindParam(3, $pwd, PDO::PARAM_STR);
|
||||
$stmt->bindParam(4, $email, PDO::PARAM_STR);
|
||||
$stmt->bindParam(5, $familyid, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
// 4. get the userid.
|
||||
$query = "SELECT userid FROM {$OPT["table_prefix"]}users";
|
||||
$rs = mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
$row = mysql_fetch_assoc($rs) or die("Could not query: " . mysql_error());
|
||||
$userid = $row["userid"];
|
||||
mysql_free_result($rs);
|
||||
$stmt = dbh($opt)->prepare("SELECT MAX(userid) AS userid FROM {$opt["table_prefix"]}users");
|
||||
$stmt->execute();
|
||||
if ($row = $stmt->fetch()) {
|
||||
$userid = $row["userid"];
|
||||
}
|
||||
else die("No user was created.");
|
||||
|
||||
// 5. create the membership.
|
||||
$query = "INSERT INTO {$OPT["table_prefix"]}memberships(userid,familyid) VALUES($userid,$familyid)";
|
||||
mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
$stmt = dbh($opt)->prepare("INSERT INTO {$opt["table_prefix"]}memberships(userid,familyid) VALUES(?, ?)");
|
||||
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
|
||||
$stmt->bindParam(2, $familyid, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
echo "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n";
|
||||
?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<title>Gift Registry - Setup</title>
|
||||
<link href="styles.css" type="text/css" rel="stylesheet" />
|
||||
<script language="JavaScript" type="text/javascript">
|
||||
function validateSetup() {
|
||||
field = document.setup.username;
|
||||
if (field == null || field == undefined || !field.value.match("\\S")) {
|
||||
alert("You must supply a username.");
|
||||
field.focus();
|
||||
return false;
|
||||
}
|
||||
|
||||
field = document.setup.fullname;
|
||||
if (field == null || field == undefined || !field.value.match("\\S")) {
|
||||
alert("You must supply your full name.");
|
||||
field.focus();
|
||||
return false;
|
||||
}
|
||||
|
||||
field = document.setup.pwd;
|
||||
if (field == null || field == undefined || !field.value.match("\\S")) {
|
||||
alert("You must supply your password.");
|
||||
field.focus();
|
||||
return false;
|
||||
}
|
||||
if (field.value != document.setup.confirmpwd.value) {
|
||||
alert("Passwords do not match.");
|
||||
field.focus();
|
||||
return false;
|
||||
}
|
||||
|
||||
field = document.setup.email;
|
||||
if (!field.value.match("\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*")) {
|
||||
alert("The e-mail address '" + field.value + "' is not a valid address.");
|
||||
field.focus();
|
||||
return false;
|
||||
}
|
||||
|
||||
field = document.setup.familyname;
|
||||
if (field == null || field == undefined || !field.value.match("\\S")) {
|
||||
alert("You must specify the name of the default/initial family.");
|
||||
field.focus();
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
</script>
|
||||
<title>Gift Registry - Setup</title>
|
||||
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
|
||||
<script src="js/jquery.validate.min.js"></script>
|
||||
<script language="JavaScript" type="text/javascript">
|
||||
$(document).ready(function() {
|
||||
$("#setupform").validate({
|
||||
rules: {
|
||||
"username": {
|
||||
required: true,
|
||||
maxlength: 20
|
||||
},
|
||||
"pwd": {
|
||||
required: true,
|
||||
maxlength: 50
|
||||
},
|
||||
"confirmpwd": {
|
||||
required: true,
|
||||
equalTo: "#pwd",
|
||||
maxlength: 50
|
||||
},
|
||||
"fullname": {
|
||||
required: true,
|
||||
maxlength: 50
|
||||
},
|
||||
"email": {
|
||||
required: true,
|
||||
maxlength: 255,
|
||||
email: true
|
||||
}
|
||||
},
|
||||
messages: {
|
||||
"username": {
|
||||
required: "The initial username is required.",
|
||||
maxlength: "The initial username must be 20 characters or less."
|
||||
},
|
||||
"pwd": {
|
||||
required: "The initial password is required.",
|
||||
maxlength: "The initial password must be 50 characters or less."
|
||||
},
|
||||
"confirmpwd": {
|
||||
required: "This value is required.",
|
||||
equalTo: "This value must match the initial password.",
|
||||
maxlength: "This value must be 50 characters or less."
|
||||
},
|
||||
"fullname": {
|
||||
required: "The full name is required.",
|
||||
maxlength: "The full name must be 50 characters or less."
|
||||
},
|
||||
"email": {
|
||||
required: "The e-mail address is required.",
|
||||
maxlength: "The e-mail address must be 255 characters or less.",
|
||||
email: "The e-mail address is invalid."
|
||||
}
|
||||
}
|
||||
});
|
||||
});
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
<?php
|
||||
|
|
@ -134,7 +153,7 @@ if (isset($_POST["action"]) && $_POST["action"] == "setup") {
|
|||
</p>
|
||||
<table border="1" cellpadding="2" cellspacing="2">
|
||||
<?php
|
||||
foreach ($OPT as $key => $value) {
|
||||
foreach ($opt as $key => $value) {
|
||||
?>
|
||||
<tr>
|
||||
<td><?php echo $key; ?></td>
|
||||
|
|
@ -150,7 +169,7 @@ else {
|
|||
// check their image_subdir for writeability.
|
||||
echo "<p>";
|
||||
$parts = pathinfo($_SERVER["SCRIPT_FILENAME"]);
|
||||
$image_dir = $parts['dirname'] . "/" . $OPT["image_subdir"];
|
||||
$image_dir = $parts['dirname'] . "/" . $opt["image_subdir"];
|
||||
$writeable = is_writable($image_dir);
|
||||
if ($writeable) {
|
||||
echo "<font color=\"green\">$image_dir is writeable, images can be uploaded.</font>";
|
||||
|
|
@ -159,8 +178,14 @@ else {
|
|||
echo "<font color=\"red\">$image_dir is NOT writeable, images cannot be uploaded. Either chmod this directory to allow the web server to write to it, or disable image uploading in config.php.</font>";
|
||||
}
|
||||
echo "</p>";
|
||||
|
||||
// check if Smarty works.
|
||||
echo "<p>Testing Smarty installation... ensure the result is OK.</p>";
|
||||
require_once(dirname(__FILE__) . "/includes/MySmarty.class.php");
|
||||
$smarty = new MySmarty();
|
||||
$smarty->testInstall();
|
||||
?>
|
||||
<form name="setup" method="post" action="setup.php">
|
||||
<form name="setupform" id="setupform" method="post" action="setup.php">
|
||||
<input type="hidden" name="action" value="setup">
|
||||
<div align="center">
|
||||
<table cellpadding="3" class="partbox" width="50%">
|
||||
|
|
@ -177,42 +202,42 @@ else {
|
|||
<tr>
|
||||
<td>Admin username</td>
|
||||
<td>
|
||||
<input name="username" size="20" maxlength="20" type="text" value="<?php if (isset($_POST["username"])) echo htmlspecialchars(stripslashes($_POST["username"])); ?>"/>
|
||||
<input id="username" name="username" size="20" maxlength="20" type="text" value="<?php if (isset($_POST["username"])) echo htmlspecialchars($_POST["username"]); ?>"/>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Admin password</td>
|
||||
<td>
|
||||
<input name="pwd" size="20" maxlength="50" type="password" />
|
||||
<input id="pwd" name="pwd" size="20" maxlength="50" type="password" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Confirm admin password</td>
|
||||
<td>
|
||||
<input name="confirmpwd" size="20" maxlength="50" type="password" />
|
||||
<input id="confirmpwd" name="confirmpwd" size="20" maxlength="50" type="password" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Admin full name</td>
|
||||
<td>
|
||||
<input name="fullname" size="30" maxlength="50" type="text" value="<?php if (isset($_POST["fullname"])) echo htmlspecialchars(stripslashes($_POST["fullname"])); ?>" />
|
||||
<input id="fullname" name="fullname" size="30" maxlength="50" type="text" value="<?php if (isset($_POST["fullname"])) echo htmlspecialchars($_POST["fullname"]); ?>" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Admin e-mail address</td>
|
||||
<td>
|
||||
<input name="email" size="30" maxlength="255" type="text" value="<?php if (isset($_POST["email"])) echo $_POST["email"]; ?>" />
|
||||
<input id="email" name="email" size="30" maxlength="255" type="text" value="<?php if (isset($_POST["email"])) echo htmlspecialchars($_POST["email"]); ?>" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Default/initial family name</td>
|
||||
<td>
|
||||
<input name="familyname" size="50" maxlength="255" type="text" value="<?php if (isset($_POST["familyname"])) echo $_POST["familyname"]; ?>" />
|
||||
<input id="familyname" name="familyname" size="50" maxlength="255" type="text" value="<?php if (isset($_POST["familyname"])) echo htmlspecialchars($_POST["familyname"]); ?>" />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" align="center">
|
||||
<input type="submit" value="Submit" onClick="return validateSetup();" />
|
||||
<input type="submit" value="Submit" />
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue