diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2004-08-04 18:14:29 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2004-08-04 18:14:29 +0000 |
| commit | eba921b51158152203a0d3b454a4ed6b342810d7 (patch) | |
| tree | 5b0e83c55f1343e7aff3599e9d7ab71b59191811 /phpBB/install/install.php | |
| parent | bf629e7e3ed48b2f639678eeb97ae6fb89d08d32 (diff) | |
| download | forums-eba921b51158152203a0d3b454a4ed6b342810d7.tar forums-eba921b51158152203a0d3b454a4ed6b342810d7.tar.gz forums-eba921b51158152203a0d3b454a4ed6b342810d7.tar.bz2 forums-eba921b51158152203a0d3b454a4ed6b342810d7.tar.xz forums-eba921b51158152203a0d3b454a4ed6b342810d7.zip | |
- updated installer (only small fixes)
git-svn-id: file:///svn/phpbb/trunk@4955 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/install/install.php')
| -rw-r--r-- | phpBB/install/install.php | 59 |
1 files changed, 27 insertions, 32 deletions
diff --git a/phpBB/install/install.php b/phpBB/install/install.php index 6d31ceeb59..ab8ad4341c 100644 --- a/phpBB/install/install.php +++ b/phpBB/install/install.php @@ -14,7 +14,8 @@ define('IN_PHPBB', true); // Error reporting level and runtime escaping -//error_reporting (E_ERROR | E_WARNING | E_PARSE); +//error_reporting(E_ERROR | E_WARNING | E_PARSE); +error_reporting(E_ALL); set_magic_quotes_runtime(0); @set_time_limit(120); @@ -27,14 +28,17 @@ include($phpbb_root_path . 'includes/session.'.$phpEx); include($phpbb_root_path . 'includes/acm/acm_file.'.$phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// Slash data if necessary -if (!get_magic_quotes_gpc()) +// Be paranoid with passed vars +if (@ini_get('register_globals')) { - $_GET = slash_input_data($_GET); - $_POST = slash_input_data($_POST); - $_COOKIE = slash_input_data($_POST); + foreach ($_REQUEST as $var_name => $void) + { + unset(${$var_name}); + } } +define('STRIP', (get_magic_quotes_gpc()) ? true : false); + // Instantiate classes for future use $user = new user(); $auth = new auth(); @@ -54,17 +58,16 @@ if (@file_exists($phpbb_root_path . 'config.'.$phpEx)) // Obtain various vars -$stage = (isset($_POST['stage'])) ? intval($_POST['stage']) : 0; +$stage = request_var('stage', 0); //, 'acm_type' // These are all strings so we'll just traverse an array $var_ary = array('language', 'dbms', 'dbhost', 'dbport', 'dbuser', 'dbpasswd', 'dbname', 'table_prefix', 'admin_name', 'admin_pass1', 'admin_pass2', 'board_email1', 'board_email2', 'server_name', 'server_port', 'script_path', 'img_imagick', 'ftp_path', 'ftp_user', 'ftp_pass'); foreach ($var_ary as $var) { - $$var = (isset($_POST[$var])) ? htmlspecialchars($_POST[$var]) : false; + $$var = request_var($var, ''); } - // Set some vars define('ANONYMOUS', 1); @@ -429,7 +432,7 @@ if ($stage == 0) <h1><?php echo $lang['DIRECTORIES_AND_FILES']; ?></h2> -<h2><? echo $lang['REQUIRED']; ?></h2> +<h2><? echo $lang['INSTALL_REQUIRED']; ?></h2> <p><?php echo $lang['INSTALL_REQUIRED_FILES']; ?></p> @@ -638,7 +641,7 @@ if ($stage == 1) </tr> <?php - if (sizeof($error['admin'])) + if (isset($error['admin']) && sizeof($error['admin'])) { ?> <tr> @@ -685,7 +688,7 @@ if ($stage == 1) </tr> <?php - if (sizeof($error['db'])) + if (isset($error['db']) && sizeof($error['db'])) { ?> <tr> @@ -736,7 +739,7 @@ if ($stage == 1) </tr> <?php - if (sizeof($error['server'])) + if (isset($error['server']) && sizeof($error['server'])) { ?> <tr> @@ -1021,7 +1024,7 @@ if ($stage == 2) // Everything should now be in place so we'll go ahead with the actual // setup of the database. Hopefully nothing will go wrong from this -// point on ... it really shouldn""""""ttttttt +// point on ... it really shouldn't if ($stage == 3) { // If we get here and the extension isn't loaded we know that we @@ -1053,7 +1056,6 @@ if ($stage == 3) // How should we treat this schema? $remove_remarks = $available_dbms[$dbms]['COMMENTS'];; $delimiter = $available_dbms[$dbms]['DELIM']; - $delimiter_basic = $available_dbms[$dbms]['DELIM_BASIC']; $sql_query = @fread(@fopen($dbms_schema, 'r'), @filesize($dbms_schema)); $sql_query = preg_replace('#phpbb_#is', $table_prefix, $sql_query); @@ -1149,7 +1151,7 @@ if ($stage == 3) WHERE config_name = 'newest_username'", 'UPDATE ' . $table_prefix . "users - SET username = '" . $db->sql_escape($admin_name) . "', user_password='" . $db->sql_escape(md5($admin_pass1)) . "', user_lang = '" . $db->sql_escape($language) . "', user_email='" . $db->sql_escape($board_email) . "' + SET username = '" . $db->sql_escape($admin_name) . "', user_password='" . $db->sql_escape(md5($admin_pass1)) . "', user_lang = '" . $db->sql_escape($language) . "', user_email='" . $db->sql_escape($board_email1) . "' WHERE username = 'Admin'", 'UPDATE ' . $table_prefix . "moderator_cache @@ -1201,6 +1203,12 @@ if ($stage == 4) define('USERS_TABLE', $table_prefix . 'users'); define('GROUPS_TABLE', $table_prefix . 'groups'); define('BANLIST_TABLE', $table_prefix . 'banlist'); + define('CONFIG_TABLE', $table_prefix . 'config'); + define('USER_NORMAL', 0); + define('USER_INACTIVE', 1); + define('USER_IGNORE', 2); + define('USER_FOUNDER', 3); + $sql = "SELECT * FROM {$table_prefix}config"; @@ -1242,20 +1250,6 @@ exit; // FUNCTIONS // -// addslashes to vars if magic_quotes_gpc is off this is a security precaution -// to prevent someone trying to break out of a SQL statement. -function slash_input_data(&$data) -{ - if (is_array($data)) - { - foreach ($data as $k => $v) - { - $data[$k] = (is_array($v)) ? slash_input_data($v) : addslashes($v); - } - } - return $data; -} - // Output page -> header function inst_page_header() { @@ -1362,6 +1356,7 @@ function inst_language_select($default = '') @asort($lang); @reset($lang); + $user_select = ''; foreach ($lang as $displayname => $filename) { $selected = (strtolower($default) == strtolower($filename)) ? ' selected="selected"' : ''; @@ -1460,7 +1455,7 @@ function connect_check_db($error_connect, &$error, &$dbms, &$table_prefix, &$dbh $db->sql_close(); } - if ($error_connect && !sizeof($error['db'])) + if ($error_connect && (!isset($error['db']) || !sizeof($error['db']))) { $error['db'][] = $lang['INSTALL_DB_CONNECT']; } @@ -1469,4 +1464,4 @@ function connect_check_db($error_connect, &$error, &$dbms, &$table_prefix, &$dbh // FUNCTIONS // --------- -?> +?>
\ No newline at end of file |