mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8383 Commits
416 Branches
Tree: fdd667a83c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fdd667a83c'
${ noResults }
nextcloud/lib/setup.php

setup.php 21KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581 
  1. <?php

  2. 

  3. class OC_Setup {

  4. 	public static function install($options) {

  5. 		$error = array();

  6. 		$dbtype = $options['dbtype'];

  7. 

  8. 		if(empty($options['adminlogin'])) {

  9. 			$error[] = 'Set an admin username.';

  10. 		}

  11. 		if(empty($options['adminpass'])) {

  12. 			$error[] = 'Set an admin password.';

  13. 		}

  14. 		if(empty($options['directory'])) {

  15. 			$error[] = 'Specify a data folder.';

  16. 		}

  17. 

  18. 		if($dbtype=='mysql' or $dbtype == 'pgsql' or $dbtype == 'oci') { //mysql and postgresql needs more config options

  19. 			if($dbtype=='mysql')

  20. 				$dbprettyname = 'MySQL';

  21. 			else if($dbtype=='pgsql')

  22. 					$dbprettyname = 'PostgreSQL';

  23. 			else

  24. 					$dbprettyname = 'Oracle';

  25. 

  26. 

  27. 			if(empty($options['dbuser'])) {

  28. 				$error[] = "$dbprettyname enter the database username.";

  29. 			}

  30. 			if(empty($options['dbname'])) {

  31. 				$error[] = "$dbprettyname enter the database name.";

  32. 			}

  33. 			if(substr_count($options['dbname'], '.') >= 1) {

  34. 				$error[] = "$dbprettyname you may not use dots in the database name";

  35. 			}

  36. 			if($dbtype != 'oci' && empty($options['dbhost'])) {

  37. 				$error[] = "$dbprettyname set the database host.";

  38. 			}

  39. 		}

  40. 

  41. 		if(count($error) == 0) { //no errors, good

  42. 			$username = htmlspecialchars_decode($options['adminlogin']);

  43. 			$password = htmlspecialchars_decode($options['adminpass']);

  44. 			$datadir = htmlspecialchars_decode($options['directory']);

  45. 

  46. 			//use sqlite3 when available, otherise sqlite2 will be used.

  47. 			if($dbtype=='sqlite' and class_exists('SQLite3')) {

  48. 				$dbtype='sqlite3';

  49. 			}

  50. 

  51. 			//generate a random salt that is used to salt the local user passwords

  52. 			$salt = OC_Util::generate_random_bytes(30);

  53. 			OC_Config::setValue('passwordsalt', $salt);

  54. 

  55. 			//write the config file

  56. 			OC_Config::setValue('datadirectory', $datadir);

  57. 			OC_Config::setValue('dbtype', $dbtype);

  58. 			OC_Config::setValue('version', implode('.', OC_Util::getVersion()));

  59. 			if($dbtype == 'mysql') {

  60. 				$dbuser = $options['dbuser'];

  61. 				$dbpass = $options['dbpass'];

  62. 				$dbname = $options['dbname'];

  63. 				$dbhost = $options['dbhost'];

  64. 				$dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';

  65. 

  66. 				OC_Config::setValue('dbname', $dbname);

  67. 				OC_Config::setValue('dbhost', $dbhost);

  68. 				OC_Config::setValue('dbtableprefix', $dbtableprefix);

  69. 

  70. 				try {

  71. 					self::setupMySQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username);

  72. 				} catch (Exception $e) {

  73. 					$error[] = array(

  74. 						'error' => 'MySQL username and/or password not valid',

  75. 						'hint' => 'You need to enter either an existing account or the administrator.'

  76. 					);

  77. 					return($error);

  78. 				}

  79. 			}

  80. 			elseif($dbtype == 'pgsql') {

  81. 				$dbuser = $options['dbuser'];

  82. 				$dbpass = $options['dbpass'];

  83. 				$dbname = $options['dbname'];

  84. 				$dbhost = $options['dbhost'];

  85. 				$dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';

  86. 

  87. 				OC_Config::setValue('dbname', $dbname);

  88. 				OC_Config::setValue('dbhost', $dbhost);

  89. 				OC_Config::setValue('dbtableprefix', $dbtableprefix);

  90. 

  91. 				try {

  92. 					self::setupPostgreSQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username);

  93. 				} catch (Exception $e) {

  94. 					$error[] = array(

  95. 						'error' => 'PostgreSQL username and/or password not valid',

  96. 						'hint' => 'You need to enter either an existing account or the administrator.'

  97. 					);

  98. 					return $error;

  99. 				}

  100. 			}

  101. 			elseif($dbtype == 'oci') {

  102. 				$dbuser = $options['dbuser'];

  103. 				$dbpass = $options['dbpass'];

  104. 				$dbname = $options['dbname'];

  105. 				$dbtablespace = $options['dbtablespace'];

  106. 				$dbhost = isset($options['dbhost'])?$options['dbhost']:'';

  107. 				$dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';

  108. 

  109. 				OC_Config::setValue('dbname', $dbname);

  110. 				OC_Config::setValue('dbtablespace', $dbtablespace);

  111. 				OC_Config::setValue('dbhost', $dbhost);

  112. 				OC_Config::setValue('dbtableprefix', $dbtableprefix);

  113. 

  114. 				try {

  115. 					self::setupOCIDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $dbtablespace, $username);

  116. 				} catch (Exception $e) {

  117. 					$error[] = array(

  118. 						'error' => 'Oracle username and/or password not valid',

  119. 						'hint' => 'You need to enter either an existing account or the administrator.'

  120. 					);

  121. 					return $error;

  122. 				}

  123. 			}

  124. 			else {

  125. 				//delete the old sqlite database first, might cause infinte loops otherwise

  126. 				if(file_exists("$datadir/owncloud.db")) {

  127. 					unlink("$datadir/owncloud.db");

  128. 				}

  129. 				//in case of sqlite, we can always fill the database

  130. 				OC_DB::createDbFromStructure('db_structure.xml');

  131. 			}

  132. 

  133. 			//create the user and group

  134. 			try {

  135. 				OC_User::createUser($username, $password);

  136. 			}

  137. 			catch(Exception $exception) {

  138. 				$error[] = $exception->getMessage();

  139. 			}

  140. 

  141. 			if(count($error) == 0) {

  142. 				OC_Appconfig::setValue('core', 'installedat', microtime(true));

  143. 				OC_Appconfig::setValue('core', 'lastupdatedat', microtime(true));

  144. 

  145. 				OC_Group::createGroup('admin');

  146. 				OC_Group::addToGroup($username, 'admin');

  147. 				OC_User::login($username, $password);

  148. 

  149. 				//guess what this does

  150. 				OC_Installer::installShippedApps();

  151. 

  152. 				//create htaccess files for apache hosts

  153. 				if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {

  154. 					self::createHtaccess();

  155. 				}

  156. 				

  157. 				//and we are done

  158. 				OC_Config::setValue('installed', true);

  159. 			}

  160. 		}

  161. 

  162. 		return $error;

  163. 	}

  164. 

  165. 	private static function setupMySQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username) {

  166. 		//check if the database user has admin right

  167. 		$connection = @mysql_connect($dbhost, $dbuser, $dbpass);

  168. 		if(!$connection) {

  169. 			throw new Exception('MySQL username and/or password not valid');

  170. 		}

  171. 		$oldUser=OC_Config::getValue('dbuser', false);

  172. 

  173. 		$query="SELECT user FROM mysql.user WHERE user='$dbuser'"; //this should be enough to check for admin rights in mysql

  174. 		if(mysql_query($query, $connection)) {

  175. 			//use the admin login data for the new database user

  176. 

  177. 			//add prefix to the mysql user name to prevent collisions

  178. 			$dbusername=substr('oc_'.$username, 0, 16);

  179. 			if($dbusername!=$oldUser) {

  180. 				//hash the password so we don't need to store the admin config in the config file

  181. 				$dbpassword=md5(time().$dbpass);

  182. 

  183. 				self::createDBUser($dbusername, $dbpassword, $connection);

  184. 

  185. 				OC_Config::setValue('dbuser', $dbusername);

  186. 				OC_Config::setValue('dbpassword', $dbpassword);

  187. 			}

  188. 

  189. 			//create the database

  190. 			self::createMySQLDatabase($dbname, $dbusername, $connection);

  191. 		}

  192. 		else {

  193. 			if($dbuser!=$oldUser) {

  194. 				OC_Config::setValue('dbuser', $dbuser);

  195. 				OC_Config::setValue('dbpassword', $dbpass);

  196. 			}

  197. 

  198. 			//create the database

  199. 			self::createMySQLDatabase($dbname, $dbuser, $connection);

  200. 		}

  201. 

  202. 		//fill the database if needed

  203. 		$query="select count(*) from information_schema.tables where table_schema='$dbname' AND table_name = '{$dbtableprefix}users';";

  204. 		$result = mysql_query($query, $connection);

  205. 		if($result) {

  206. 			$row=mysql_fetch_row($result);

  207. 		}

  208. 		if(!$result or $row[0]==0) {

  209. 			OC_DB::createDbFromStructure('db_structure.xml');

  210. 		}

  211. 		mysql_close($connection);

  212. 	}

  213. 

  214. 	private static function createMySQLDatabase($name, $user, $connection) {

  215. 		//we cant use OC_BD functions here because we need to connect as the administrative user.

  216. 		$query = "CREATE DATABASE IF NOT EXISTS  `$name`";

  217. 		$result = mysql_query($query, $connection);

  218. 		if(!$result) {

  219. 			$entry='DB Error: "'.mysql_error($connection).'"<br />';

  220. 			$entry.='Offending command was: '.$query.'<br />';

  221. 			echo($entry);

  222. 		}

  223. 		$query="GRANT ALL PRIVILEGES ON  `$name` . * TO  '$user'";

  224. 		$result = mysql_query($query, $connection); //this query will fail if there aren't the right permissons, ignore the error

  225. 	}

  226. 

  227. 	private static function createDBUser($name, $password, $connection) {

  228. 		// we need to create 2 accounts, one for global use and one for local user. if we don't specify the local one,

  229. 		// the anonymous user would take precedence when there is one.

  230. 		$query = "CREATE USER '$name'@'localhost' IDENTIFIED BY '$password'";

  231. 		$result = mysql_query($query, $connection);

  232. 		$query = "CREATE USER '$name'@'%' IDENTIFIED BY '$password'";

  233. 		$result = mysql_query($query, $connection);

  234. 	}

  235. 

  236. 	private static function setupPostgreSQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username) {

  237. 		$e_host = addslashes($dbhost);

  238. 		$e_user = addslashes($dbuser);

  239. 		$e_password = addslashes($dbpass);

  240. 

  241. 		//check if the database user has admin rights

  242. 		$connection_string = "host='$e_host' dbname=postgres user='$e_user' password='$e_password'";

  243. 		$connection = @pg_connect($connection_string);

  244. 		if(!$connection) {

  245. 			throw new Exception('PostgreSQL username and/or password not valid');

  246. 		}

  247. 		$e_user = pg_escape_string($dbuser);

  248. 		//check for roles creation rights in postgresql

  249. 		$query="SELECT 1 FROM pg_roles WHERE rolcreaterole=TRUE AND rolname='$e_user'";

  250. 		$result = pg_query($connection, $query);

  251. 		if($result and pg_num_rows($result) > 0) {

  252. 			//use the admin login data for the new database user

  253. 

  254. 			//add prefix to the postgresql user name to prevent collisions

  255. 			$dbusername='oc_'.$username;

  256. 			//create a new password so we don't need to store the admin config in the config file

  257. 			$dbpassword=md5(time());

  258. 

  259. 			self::pg_createDBUser($dbusername, $dbpassword, $connection);

  260. 

  261. 			OC_Config::setValue('dbuser', $dbusername);

  262. 			OC_Config::setValue('dbpassword', $dbpassword);

  263. 

  264. 			//create the database

  265. 			self::pg_createDatabase($dbname, $dbusername, $connection);

  266. 		}

  267. 		else {

  268. 			OC_Config::setValue('dbuser', $dbuser);

  269. 			OC_Config::setValue('dbpassword', $dbpass);

  270. 

  271. 			//create the database

  272. 			self::pg_createDatabase($dbname, $dbuser, $connection);

  273. 		}

  274. 

  275. 		// the connection to dbname=postgres is not needed anymore

  276. 		pg_close($connection);

  277. 

  278. 		// connect to the ownCloud database (dbname=$dbname) and check if it needs to be filled

  279. 		$dbuser = OC_Config::getValue('dbuser');

  280. 		$dbpass = OC_Config::getValue('dbpassword');

  281. 

  282. 		$e_host = addslashes($dbhost);

  283. 		$e_dbname = addslashes($dbname);

  284. 		$e_user = addslashes($dbuser);

  285. 		$e_password = addslashes($dbpass);

  286. 

  287. 		$connection_string = "host='$e_host' dbname='$e_dbname' user='$e_user' password='$e_password'";

  288. 		$connection = @pg_connect($connection_string);

  289. 		if(!$connection) {

  290. 			throw new Exception('PostgreSQL username and/or password not valid');

  291. 		}

  292. 		$query = "select count(*) FROM pg_class WHERE relname='{$dbtableprefix}users' limit 1";

  293. 		$result = pg_query($connection, $query);

  294. 		if($result) {

  295. 			$row = pg_fetch_row($result);

  296. 		}

  297. 		if(!$result or $row[0]==0) {

  298. 			OC_DB::createDbFromStructure('db_structure.xml');

  299. 		}

  300. 	}

  301. 

  302. 	private static function pg_createDatabase($name, $user, $connection) {

  303. 		//we cant use OC_BD functions here because we need to connect as the administrative user.

  304. 		$e_name = pg_escape_string($name);

  305. 		$e_user = pg_escape_string($user);

  306. 		$query = "select datname from pg_database where datname = '$e_name'";

  307. 		$result = pg_query($connection, $query);

  308. 		if(!$result) {

  309. 			$entry='DB Error: "'.pg_last_error($connection).'"<br />';

  310. 			$entry.='Offending command was: '.$query.'<br />';

  311. 			echo($entry);

  312. 		}

  313. 		if(! pg_fetch_row($result)) {

  314. 			//The database does not exists... let's create it

  315. 			$query = "CREATE DATABASE \"$e_name\" OWNER \"$e_user\"";

  316. 			$result = pg_query($connection, $query);

  317. 			if(!$result) {

  318. 				$entry='DB Error: "'.pg_last_error($connection).'"<br />';

  319. 				$entry.='Offending command was: '.$query.'<br />';

  320. 				echo($entry);

  321. 			}

  322. 			else {

  323. 				$query = "REVOKE ALL PRIVILEGES ON DATABASE \"$e_name\" FROM PUBLIC";

  324. 				$result = pg_query($connection, $query);

  325. 			}

  326. 		}

  327. 	}

  328. 

  329. 	private static function pg_createDBUser($name, $password, $connection) {

  330. 		$e_name = pg_escape_string($name);

  331. 		$e_password = pg_escape_string($password);

  332. 		$query = "select * from pg_roles where rolname='$e_name';";

  333. 		$result = pg_query($connection, $query);

  334. 		if(!$result) {

  335. 			$entry='DB Error: "'.pg_last_error($connection).'"<br />';

  336. 			$entry.='Offending command was: '.$query.'<br />';

  337. 			echo($entry);

  338. 		}

  339. 

  340. 		if(! pg_fetch_row($result)) {

  341. 			//user does not exists let's create it :)

  342. 			$query = "CREATE USER \"$e_name\" CREATEDB PASSWORD '$e_password';";

  343. 			$result = pg_query($connection, $query);

  344. 			if(!$result) {

  345. 				$entry='DB Error: "'.pg_last_error($connection).'"<br />';

  346. 				$entry.='Offending command was: '.$query.'<br />';

  347. 				echo($entry);

  348. 			}

  349. 		}

  350. 		else { // change password of the existing role

  351. 			$query = "ALTER ROLE \"$e_name\" WITH PASSWORD '$e_password';";

  352. 			$result = pg_query($connection, $query);

  353. 			if(!$result) {

  354. 				$entry='DB Error: "'.pg_last_error($connection).'"<br />';

  355. 				$entry.='Offending command was: '.$query.'<br />';

  356. 				echo($entry);

  357. 			}

  358. 		}

  359. 	}

  360. 

  361. 	private static function setupOCIDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $dbtablespace, $username) {

  362. 		$e_host = addslashes($dbhost);

  363. 		$e_dbname = addslashes($dbname);

  364. 		//check if the database user has admin right

  365. 		if ($e_host == '') {

  366. 			$easy_connect_string = $e_dbname; // use dbname as easy connect name

  367. 		} else {

  368. 			$easy_connect_string = '//'.$e_host.'/'.$e_dbname;

  369. 		}

  370. 		$connection = @oci_connect($dbuser, $dbpass, $easy_connect_string);

  371. 		if(!$connection) {

  372. 			$e = oci_error();

  373. 			throw new Exception('Oracle username and/or password not valid');

  374. 		}

  375. 		//check for roles creation rights in oracle

  376. 

  377. 		$query="SELECT count(*) FROM user_role_privs, role_sys_privs WHERE user_role_privs.granted_role = role_sys_privs.role AND privilege = 'CREATE ROLE'";

  378. 		$stmt = oci_parse($connection, $query);

  379. 		if (!$stmt) {

  380. 			$entry='DB Error: "'.oci_last_error($connection).'"<br />';

  381. 			$entry.='Offending command was: '.$query.'<br />';

  382. 			echo($entry);

  383. 		}

  384. 		$result = oci_execute($stmt);

  385. 		if($result) {

  386. 			$row = oci_fetch_row($stmt);

  387. 		}

  388. 		if($result and $row[0] > 0) {

  389. 			//use the admin login data for the new database user

  390. 

  391. 			//add prefix to the oracle user name to prevent collisions

  392. 			$dbusername='oc_'.$username;

  393. 			//create a new password so we don't need to store the admin config in the config file

  394. 			$dbpassword=md5(time().$dbpass);

  395. 

  396. 			//oracle passwords are treated as identifiers:

  397. 			//  must start with aphanumeric char

  398. 			//  needs to be shortened to 30 bytes, as the two " needed to escape the identifier count towards the identifier length.

  399. 			$dbpassword=substr($dbpassword, 0, 30);

  400. 

  401. 			self::oci_createDBUser($dbusername, $dbpassword, $dbtablespace, $connection);

  402. 

  403. 			OC_Config::setValue('dbuser', $dbusername);

  404. 			OC_Config::setValue('dbname', $dbusername);

  405. 			OC_Config::setValue('dbpassword', $dbpassword);

  406. 

  407. 			//create the database not neccessary, oracle implies user = schema

  408. 			//self::oci_createDatabase($dbname, $dbusername, $connection);

  409. 		} else {

  410. 

  411. 			OC_Config::setValue('dbuser', $dbuser);

  412. 			OC_Config::setValue('dbname', $dbname);

  413. 			OC_Config::setValue('dbpassword', $dbpass);

  414. 

  415. 			//create the database not neccessary, oracle implies user = schema

  416. 			//self::oci_createDatabase($dbname, $dbuser, $connection);

  417. 		}

  418. 

  419. 		//FIXME check tablespace exists: select * from user_tablespaces

  420. 

  421. 		// the connection to dbname=oracle is not needed anymore

  422. 		oci_close($connection);

  423. 

  424. 		// connect to the oracle database (schema=$dbuser) an check if the schema needs to be filled

  425. 		$dbuser = OC_Config::getValue('dbuser');

  426. 		//$dbname = OC_Config::getValue('dbname');

  427. 		$dbpass = OC_Config::getValue('dbpassword');

  428. 

  429. 		$e_host = addslashes($dbhost);

  430. 		$e_dbname = addslashes($dbname);

  431. 

  432. 		if ($e_host == '') {

  433. 			$easy_connect_string = $e_dbname; // use dbname as easy connect name

  434. 		} else {

  435. 			$easy_connect_string = '//'.$e_host.'/'.$e_dbname;

  436. 		}

  437. 		$connection = @oci_connect($dbuser, $dbpass, $easy_connect_string);

  438. 		if(!$connection) {

  439. 			throw new Exception('Oracle username and/or password not valid');

  440. 		}

  441. 		$query = "SELECT count(*) FROM user_tables WHERE table_name = :un";

  442. 		$stmt = oci_parse($connection, $query);

  443. 		$un = $dbtableprefix.'users';

  444. 		oci_bind_by_name($stmt, ':un', $un);

  445. 		if (!$stmt) {

  446. 			$entry='DB Error: "'.oci_last_error($connection).'"<br />';

  447. 			$entry.='Offending command was: '.$query.'<br />';

  448. 			echo($entry);

  449. 		}

  450. 		$result = oci_execute($stmt);

  451. 

  452. 		if($result) {

  453. 			$row = oci_fetch_row($stmt);

  454. 		}

  455. 		if(!$result or $row[0]==0) {

  456. 			OC_DB::createDbFromStructure('db_structure.xml');

  457. 		}

  458. 	}

  459. 

  460. 	/**

  461. 	 *

  462. 	 * @param String $name

  463. 	 * @param String $password

  464. 	 * @param String $tablespace

  465. 	 * @param resource $connection

  466. 	 */

  467. 	private static function oci_createDBUser($name, $password, $tablespace, $connection) {

  468. 

  469. 		$query = "SELECT * FROM all_users WHERE USERNAME = :un";

  470. 		$stmt = oci_parse($connection, $query);

  471. 		if (!$stmt) {

  472. 			$entry='DB Error: "'.oci_error($connection).'"<br />';

  473. 			$entry.='Offending command was: '.$query.'<br />';

  474. 			echo($entry);

  475. 		}

  476. 		oci_bind_by_name($stmt, ':un', $name);

  477. 		$result = oci_execute($stmt);

  478. 		if(!$result) {

  479. 			$entry='DB Error: "'.oci_error($connection).'"<br />';

  480. 			$entry.='Offending command was: '.$query.'<br />';

  481. 			echo($entry);

  482. 		}

  483. 

  484. 		if(! oci_fetch_row($stmt)) {

  485. 			//user does not exists let's create it :)

  486. 			//password must start with alphabetic character in oracle

  487. 			$query = 'CREATE USER '.$name.' IDENTIFIED BY "'.$password.'" DEFAULT TABLESPACE '.$tablespace; //TODO set default tablespace

  488. 			$stmt = oci_parse($connection, $query);

  489. 			if (!$stmt) {

  490. 				$entry='DB Error: "'.oci_error($connection).'"<br />';

  491. 				$entry.='Offending command was: '.$query.'<br />';

  492. 				echo($entry);

  493. 			}

  494. 			//oci_bind_by_name($stmt, ':un', $name);

  495. 			$result = oci_execute($stmt);

  496. 			if(!$result) {

  497. 				$entry='DB Error: "'.oci_error($connection).'"<br />';

  498. 				$entry.='Offending command was: '.$query.', name:'.$name.', password:'.$password.'<br />';

  499. 				echo($entry);

  500. 			}

  501. 		} else { // change password of the existing role

  502. 			$query = "ALTER USER :un IDENTIFIED BY :pw";

  503. 			$stmt = oci_parse($connection, $query);

  504. 			if (!$stmt) {

  505. 				$entry='DB Error: "'.oci_error($connection).'"<br />';

  506. 				$entry.='Offending command was: '.$query.'<br />';

  507. 				echo($entry);

  508. 			}

  509. 			oci_bind_by_name($stmt, ':un', $name);

  510. 			oci_bind_by_name($stmt, ':pw', $password);

  511. 			$result = oci_execute($stmt);

  512. 			if(!$result) {

  513. 				$entry='DB Error: "'.oci_error($connection).'"<br />';

  514. 				$entry.='Offending command was: '.$query.'<br />';

  515. 				echo($entry);

  516. 			}

  517. 		}

  518. 		// grant neccessary roles

  519. 		$query = 'GRANT CREATE SESSION, CREATE TABLE, CREATE SEQUENCE, CREATE TRIGGER, UNLIMITED TABLESPACE TO '.$name;

  520. 		$stmt = oci_parse($connection, $query);

  521. 		if (!$stmt) {

  522. 			$entry='DB Error: "'.oci_error($connection).'"<br />';

  523. 			$entry.='Offending command was: '.$query.'<br />';

  524. 			echo($entry);

  525. 		}

  526. 		$result = oci_execute($stmt);

  527. 		if(!$result) {

  528. 			$entry='DB Error: "'.oci_error($connection).'"<br />';

  529. 			$entry.='Offending command was: '.$query.', name:'.$name.', password:'.$password.'<br />';

  530. 			echo($entry);

  531. 		}

  532. 	}

  533. 

  534. 	/**

  535. 	 * create .htaccess files for apache hosts

  536. 	 */

  537. 	private static function createHtaccess() {

  538. 		$content = "<IfModule mod_fcgid.c>\n";

  539. 		$content.= "<IfModule mod_setenvif.c>\n";

  540. 		$content.= "<IfModule mod_headers.c>\n";

  541. 		$content.= "SetEnvIfNoCase ^Authorization$ \"(.+)\" XAUTHORIZATION=$1\n";

  542. 		$content.= "RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION\n";

  543. 		$content.= "</IfModule>\n";

  544. 		$content.= "</IfModule>\n";

  545. 		$content.= "</IfModule>\n";

  546. 		$content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page

  547. 		$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page

  548. 		$content.= "<IfModule mod_php5.c>\n";

  549. 		$content.= "php_value upload_max_filesize 512M\n";//upload limit

  550. 		$content.= "php_value post_max_size 512M\n";

  551. 		$content.= "php_value memory_limit 512M\n";

  552. 		$content.= "<IfModule env_module>\n";

  553. 		$content.= "  SetEnv htaccessWorking true\n";

  554. 		$content.= "</IfModule>\n";

  555. 		$content.= "</IfModule>\n";

  556. 		$content.= "<IfModule mod_rewrite.c>\n";

  557. 		$content.= "RewriteEngine on\n";

  558. 		$content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n";

  559. 		$content.= "RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]\n";

  560. 		$content.= "RewriteRule ^.well-known/carddav /remote.php/carddav/ [R]\n";

  561. 		$content.= "RewriteRule ^.well-known/caldav /remote.php/caldav/ [R]\n";

  562. 		$content.= "RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]\n";

  563. 		$content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n";

  564. 		$content.= "</IfModule>\n";

  565. 		$content.= "<IfModule mod_mime.c>\n";

  566. 		$content.= "AddType image/svg+xml svg svgz\n";

  567. 		$content.= "AddEncoding gzip svgz\n";

  568. 		$content.= "</IfModule>\n";

  569. 		$content.= "Options -Indexes\n";

  570. 		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it

  571. 

  572. 		self::protectDataDirectory();

  573. 	}

  574. 

  575. 	public static function protectDataDirectory() {

  576. 		$content = "deny from all\n";

  577. 		$content.= "IndexIgnore *";

  578. 		file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data').'/.htaccess', $content);

  579. 		file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data').'/index.html', '');

  580. 	}

  581. }