-rw-r--r-- | core/setup.php | 73 | ||||
-rw-r--r-- | core/setup/controller.php | 138 | ||||
-rw-r--r-- | core/templates/installation.php | 78 | ||||
-rw-r--r-- | lib/base.php | 3 | ||||
-rw-r--r-- | lib/private/helper.php | 23 | ||||
-rwxr-xr-x | lib/private/util.php | 8 |
6 files changed, 162 insertions, 161 deletions
diff --git a/core/setup.php b/core/setup.php
deleted file mode 100644
index 958376b2cce..00000000000
--- a/core/setup.php
+++ /dev/null
@@ -1,73 +0,0 @@
-<?php
-
-// Check for autosetup:
-$autosetup_file = OC::$SERVERROOT."/config/autoconfig.php";
-if( file_exists( $autosetup_file )) {
- OC_Log::write('core', 'Autoconfig file found, setting up owncloud...', OC_Log::INFO);
- include $autosetup_file;
- $_POST = array_merge ($_POST, $AUTOCONFIG);
- $_REQUEST = array_merge ($_REQUEST, $AUTOCONFIG);
-}
-
-$dbIsSet = isset($_POST['dbtype']);
-$directoryIsSet = isset($_POST['directory']);
-$adminAccountIsSet = isset($_POST['adminlogin']);
-
-if ($dbIsSet AND $directoryIsSet AND $adminAccountIsSet) {
- $_POST['install'] = 'true';
- if( file_exists( $autosetup_file )) {
- unlink($autosetup_file);
- }
-}
-
-OC_Util::addScript( '3rdparty', 'strengthify/jquery.strengthify' );
-OC_Util::addStyle( '3rdparty', 'strengthify/strengthify' );
-OC_Util::addScript('setup');
-
-$hasSQLite = class_exists('SQLite3');
-$hasMySQL = is_callable('mysql_connect');
-$hasPostgreSQL = is_callable('pg_connect');
-$hasOracle = is_callable('oci_connect');
-$hasMSSQL = is_callable('sqlsrv_connect');
-$datadir = OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data');
-$vulnerableToNullByte = false;
-if(@file_exists(__FILE__."\0Nullbyte")) { // Check if the used PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)
- $vulnerableToNullByte = true;
-}
-
-// Protect data directory here, so we can test if the protection is working
-OC_Setup::protectDataDirectory();
-
-$opts = array(
- 'hasSQLite' => $hasSQLite,
- 'hasMySQL' => $hasMySQL,
- 'hasPostgreSQL' => $hasPostgreSQL,
- 'hasOracle' => $hasOracle,
- 'hasMSSQL' => $hasMSSQL,
- 'directory' => $datadir,
- 'secureRNG' => OC_Util::secureRNGAvailable(),
- 'htaccessWorking' => OC_Util::isHtAccessWorking(),
- 'vulnerableToNullByte' => $vulnerableToNullByte,
- 'errors' => array(),
- 'dbIsSet' => $dbIsSet,
- 'directoryIsSet' => $directoryIsSet,
-);
-
-if(isset($_POST['install']) AND $_POST['install']=='true') {
- // We have to launch the installation process :
- $e = OC_Setup::install($_POST);
- $errors = array('errors' => $e);
-
- if(count($e) > 0) {
- //OC_Template::printGuestPage("", "error", array("errors" => $errors));
- $options = array_merge($_POST, $opts, $errors);
- OC_Template::printGuestPage("", "installation", $options);
- }
- else {
- header( 'Location: '.OC_Helper::linkToRoute( 'post_setup_check' ));
- exit();
- }
-}
-else {
- OC_Template::printGuestPage("", "installation", $opts);
-}
diff --git a/core/setup/controller.php b/core/setup/controller.php
new file mode 100644
index 00000000000..c628bda609b
--- /dev/null
+++ b/core/setup/controller.php
@@ -0,0 +1,138 @@
+<?php
+/**
+ * Copyright (c) 2013 Bart Visscher <bartv@thisnet.nl>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\Core\Setup;
+
+class Controller {
+ public function run($post) {
+ // Check for autosetup:
+ $post = $this->loadAutoConfig($post);
+ $opts = $this->getSystemInfo();
+
+ if(isset($post['install']) AND $post['install']=='true') {
+ // We have to launch the installation process :
+ $e = \OC_Setup::install($post);
+ $errors = array('errors' => $e);
+
+ if(count($e) > 0) {
+ $options = array_merge($post, $opts, $errors);
+ $this->display($options);
+ }
+ else {
+ $this->finishSetup();
+ }
+ }
+ else {
+ $this->display($opts);
+ }
+ }
+
+ public function display($post) {
+ $defaults = array(
+ 'adminlogin' => '',
+ 'adminpass' => '',
+ 'dbuser' => '',
+ 'dbpass' => '',
+ 'dbname' => '',
+ 'dbtablespace' => '',
+ 'dbhost' => '',
+ );
+ $parameters = array_merge($defaults, $post);
+
+ \OC_Util::addScript( '3rdparty', 'strengthify/jquery.strengthify' );
+ \OC_Util::addStyle( '3rdparty', 'strengthify/strengthify' );
+ \OC_Util::addScript('setup');
+ \OC_Template::printGuestPage('', 'installation', $parameters);
+ }
+
+ public function finishSetup() {
+ header( 'Location: '.\OC_Helper::linkToRoute( 'post_setup_check' ));
+ exit();
+ }
+
+ public function loadAutoConfig($post) {
+ $dbIsSet = isset($post['dbtype']);
+ $directoryIsSet = isset($post['directory']);
+ $adminAccountIsSet = isset($post['adminlogin']);
+
+ $autosetup_file = \OC::$SERVERROOT.'/config/autoconfig.php';
+ if( file_exists( $autosetup_file )) {
+ \OC_Log::write('core', 'Autoconfig file found, setting up owncloud...', \OC_Log::INFO);
+ include $autosetup_file;
+ $post = array_merge ($post, $AUTOCONFIG);
+ }
+
+ if ($dbIsSet AND $directoryIsSet AND $adminAccountIsSet) {
+ $post['install'] = 'true';
+ if( file_exists( $autosetup_file )) {
+ unlink($autosetup_file);
+ }
+ }
+ $post['dbIsSet'] = $dbIsSet;
+ $post['directoryIsSet'] = $directoryIsSet;
+
+ return $post;
+ }
+
+ public function getSystemInfo() {
+ $hasSQLite = class_exists('SQLite3');
+ $hasMySQL = is_callable('mysql_connect');
+ $hasPostgreSQL = is_callable('pg_connect');
+ $hasOracle = is_callable('oci_connect');
+ $hasMSSQL = is_callable('sqlsrv_connect');
+ $databases = array();
+ if ($hasSQLite) {
+ $databases['sqlite'] = 'SQLite';
+ }
+ if ($hasMySQL) {
+ $databases['mysql'] = 'MySQL';
+ }
+ if ($hasPostgreSQL) {
+ $databases['pgsql'] = 'PostgreSQL';
+ }
+ if ($hasOracle) {
+ $databases['oci'] = 'Oracle';
+ }
+ if ($hasMSSQL) {
+ $databases['mssql'] = 'MS SQL';
+ }
+ $datadir = \OC_Config::getValue('datadirectory', \OC::$SERVERROOT.'/data');
+ $vulnerableToNullByte = false;
+ if(@file_exists(__FILE__."\0Nullbyte")) { // Check if the used PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)
+ $vulnerableToNullByte = true;
+ }
+
+ $errors = array();
+
+ // Protect data directory here, so we can test if the protection is working
+ \OC_Setup::protectDataDirectory();
+ try {
+ $htaccessWorking = \OC_Util::isHtAccessWorking();
+ } catch (\OC\HintException $e) {
+ $errors[] = array(
+ 'error' => $e->getMessage(),
+ 'hint' => $e->getHint()
+ );
+ $htaccessWorking = false;
+ }
+
+ return array(
+ 'hasSQLite' => $hasSQLite,
+ 'hasMySQL' => $hasMySQL,
+ 'hasPostgreSQL' => $hasPostgreSQL,
+ 'hasOracle' => $hasOracle,
+ 'hasMSSQL' => $hasMSSQL,
+ 'databases' => $databases,
+ 'directory' => $datadir,
+ 'secureRNG' => \OC_Util::secureRNGAvailable(),
+ 'htaccessWorking' => $htaccessWorking,
+ 'vulnerableToNullByte' => $vulnerableToNullByte,
+ 'errors' => $errors,
+ );
+ }
+}
diff --git a/core/templates/installation.php b/core/templates/installation.php
index 182fc83a4d4..9670a5e9ee5 100644
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
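Review bot: In `Controller::loadAutoConfig()` (core/setup/controller.php) the flags `$dbIsSet`, `$directoryIsSet` and `$adminAccountIsSet` are computed before `autoconfig.php` is included and merged into `$post`, whereas the removed core/setup.php computed them after the merge. When the values come only from the autoconfig file the flags stay false, so `$post['install']` is never set and the `unlink($autosetup_file)` branch is skipped, leaving a file that presumably holds the admin and database credentials in the config directory. Move the three `isset()` lines below the `if( file_exists( $autosetup_file ))` block so they test the merged array. The merge itself should be guarded with `isset($AUTOCONFIG) && is_array($AUTOCONFIG)`, since nothing guarantees the included file defines that variable.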
@@ -48,13 +48,13 @@ <legend><?php print_unescaped($l->t( 'Create an <strong>admin account</strong>' )); ?></legend> <p class="infield grouptop"> <input type="text" name="adminlogin" id="adminlogin" placeholder="" - value="<?php p(OC_Helper::init_var('adminlogin')); ?>" autocomplete="off" autofocus required /> + value="<?php p($_['adminlogin']); ?>" autocomplete="off" autofocus required /> <label for="adminlogin" class="infield"><?php p($l->t( 'Username' )); ?></label> <img class="svg" src="<?php p(image_path('', 'actions/user.svg')); ?>" alt="" /> </p> <p class="infield groupbottom"> <input type="password" name="adminpass" data-typetoggle="#show" id="adminpass" placeholder="" - value="<?php p(OC_Helper::init_var('adminpass')); ?>" required /> + value="<?php p($_['adminpass']); ?>" required /> <label for="adminpass" class="infield"><?php p($l->t( 'Password' )); ?></label> <img class="svg" id="adminpass-icon" src="<?php print_unescaped(image_path('', 'actions/password.svg')); ?>" alt="" /> <input type="checkbox" id="show" name="show" /> @@ -75,7 +75,7 @@ <label for="directory"><?php p($l->t( 'Data folder' )); ?></label> <input type="text" name="directory" id="directory" placeholder="<?php p(OC::$SERVERROOT."/data"); ?>" - value="<?php p(OC_Helper::init_var('directory', $_['directory'])); ?>" /> + value="<?php p($_['directory']); ?>" /> </div> </fieldset> <?php endif; ?> 
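Review bot: The `adminpass` input in this hunk still writes the submitted password back into its `value` attribute via `p($_['adminpass'])`, and the `dbpass` input in the `@@ -149,11 +103,11 @@` hunk does the same with the database password. When installation fails and the form is redisplayed, both secrets are embedded in the response body, where saved pages and intermediary caches can retain them. Render the two password inputs with `value=""` so they have to be re-entered, and drop `'adminpass'` and `'dbpass'` from what `display()` hands to the template. The removed `OC_Helper::init_var()` calls had the same effect, so this is carried over rather than introduced here.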
@@ -86,62 +86,16 @@ $hasOtherDB = true; else $hasOtherDB =false; //other than SQLite ?> <legend><?php p($l->t( 'Configure the database' )); ?></legend> <div id="selectDbType"> - <?php if($_['hasSQLite']): ?> - <input type='hidden' id='hasSQLite' value="true" /> - <?php if(!$hasOtherDB): ?> - <p>SQLite <?php p($l->t( 'will be used' )); ?>.</p> - <input type="hidden" id="dbtype" name="dbtype" value="sqlite" /> + <?php foreach($_['databases'] as $type => $label): ?> + <?php if(count($_['databases']) === 1): ?> + <p class="info"><?php p($label . ' ' . $l->t( 'will be used' )); ?>.</p> + <input type="hidden" id="dbtype" name="dbtype" value="<?php p($type) ?>" /> <?php else: ?> - <input type="radio" name="dbtype" value="sqlite" id="sqlite" - <?php OC_Helper::init_radio('dbtype', 'sqlite', 'sqlite'); ?>/> - <label class="sqlite" for="sqlite">SQLite</label> - <?php endif; ?> - <?php endif; ?> - - <?php if($_['hasMySQL']): ?> - <input type='hidden' id='hasMySQL' value='true'/> - <?php if(!$_['hasSQLite'] and !$_['hasPostgreSQL'] and !$_['hasOracle'] and !$_['hasMSSQL']): ?> - <p>MySQL <?php p($l->t( 'will be used' )); ?>.</p> - <input type="hidden" id="dbtype" name="dbtype" value="mysql" /> - <?php else: ?> - <input type="radio" name="dbtype" value="mysql" id="mysql" - <?php OC_Helper::init_radio('dbtype', 'mysql', 'sqlite'); ?>/> - <label class="mysql" for="mysql">MySQL</label> - <?php endif; ?> - <?php endif; ?> - - <?php if($_['hasPostgreSQL']): ?> - <?php if(!$_['hasSQLite'] and !$_['hasMySQL'] and !$_['hasOracle'] and !$_['hasMSSQL']): ?> - <p>PostgreSQL <?php p($l->t( 'will be used' )); ?>.</p> - <input type="hidden" id="dbtype" name="dbtype" value="pgsql" /> - <?php else: ?> - <label class="pgsql" for="pgsql">PostgreSQL</label> - <input type="radio" name="dbtype" value='pgsql' id="pgsql" - <?php OC_Helper::init_radio('dbtype', 'pgsql', 'sqlite'); ?>/> - <?php endif; ?> - <?php endif; ?> - - <?php if($_['hasOracle']): ?> - <?php if(!$_['hasSQLite'] and !$_['hasMySQL'] 
and !$_['hasPostgreSQL'] and !$_['hasMSSQL']): ?> - <p>Oracle <?php p($l->t( 'will be used' )); ?>.</p> - <input type="hidden" id="dbtype" name="dbtype" value="oci" /> - <?php else: ?> - <label class="oci" for="oci">Oracle</label> - <input type="radio" name="dbtype" value='oci' id="oci" - <?php OC_Helper::init_radio('dbtype', 'oci', 'sqlite'); ?>/> - <?php endif; ?> - <?php endif; ?> - - <?php if($_['hasMSSQL']): ?> - <input type='hidden' id='hasMSSQL' value='true'/> - <?php if(!$_['hasSQLite'] and !$_['hasMySQL'] and !$_['hasPostgreSQL'] and !$_['hasOracle']): ?> - <p>MS SQL <?php p($l->t( 'will be used' )); ?>.</p> - <input type="hidden" id="dbtype" name="dbtype" value="mssql" /> - <?php else: ?> - <label class="mssql" for="mssql">MS SQL</label> - <input type="radio" name="dbtype" value='mssql' id="mssql" <?php OC_Helper::init_radio('dbtype', 'mssql', 'sqlite'); ?>/> - <?php endif; ?> + <input type="radio" name="dbtype" value="<?php p($type) ?>" id="<?php p($type) ?>" + <?php p($_['dbtype'] === $type ? 'checked="checked" ' : '') ?>/> + <label class="<?php p($type) ?>" for="<?php p($type) ?>"><?php p($label) ?></label> <?php endif; ?> + <?php endforeach; ?> </div> <?php if($hasOtherDB): ?> @@ -149,11 +103,11 @@ <p class="infield grouptop"> <label for="dbuser" class="infield"><?php p($l->t( 'Database user' )); ?></label> <input type="text" name="dbuser" id="dbuser" placeholder="" - value="<?php p(OC_Helper::init_var('dbuser')); ?>" autocomplete="off" /> + value="<?php p($_['dbuser']); ?>" autocomplete="off" /> </p> <p class="infield groupmiddle"> <input type="password" name="dbpass" id="dbpass" placeholder="" data-typetoggle="#dbpassword" - value="<?php p(OC_Helper::init_var('dbpass')); ?>" /> + value="<?php p($_['dbpass']); ?>" /> <label for="dbpass" class="infield"><?php p($l->t( 'Database password' )); ?></label> <input type="checkbox" id="dbpassword" name="dbpassword" /> <label for="dbpassword"></label> 
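Review bot: The radio loop reads `$_['dbtype']`, but the `$defaults` array in `Controller::display()` has no `dbtype` entry, so on the first page load the key is undefined and no database is preselected; the removed `init_radio(..., 'sqlite')` calls fell back to SQLite. Add a default such as `'dbtype' => ''` (or the first key of `$databases`) in `display()`. The `checked="checked" ` string is also printed through `p()`, which appears to be the escaping printer given that the template uses `print_unescaped()` for raw markup, so the quotes would be emitted as entities. Emitting the attribute outside the helper avoids that: `<?php if ($_['dbtype'] === $type): ?>checked="checked" <?php endif; ?>`.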
@@ -161,7 +115,7 @@ <p class="infield groupmiddle"> <label for="dbname" class="infield"><?php p($l->t( 'Database name' )); ?></label> <input type="text" name="dbname" id="dbname" placeholder="" - value="<?php p(OC_Helper::init_var('dbname')); ?>" + value="<?php p($_['dbname']); ?>" autocomplete="off" pattern="[0-9a-zA-Z$_-]+" /> </p> <?php if($_['hasOracle']): ?> @@ -169,14 +123,14 @@ <p class="infield groupmiddle"> <label for="dbtablespace" class="infield"><?php p($l->t( 'Database tablespace' )); ?></label> <input type="text" name="dbtablespace" id="dbtablespace" placeholder="" - value="<?php p(OC_Helper::init_var('dbtablespace')); ?>" autocomplete="off" /> + value="<?php p($_['dbtablespace']); ?>" autocomplete="off" /> </p> </div> <?php endif; ?> <p class="infield groupbottom"> <label for="dbhost" class="infield"><?php p($l->t( 'Database host' )); ?></label> <input type="text" name="dbhost" id="dbhost" placeholder="" - value="<?php p(OC_Helper::init_var('dbhost')); ?>" /> + value="<?php p($_['dbhost']); ?>" /> </p> </div> <?php endif; ?> diff --git a/lib/base.php b/lib/base.php index b54b2973551..f2d9251294d 100644 --- a/lib/base.php +++ b/lib/base.php @@ -691,7 +691,8 @@ class OC { // Check if ownCloud is installed or in maintenance (update) mode if (!OC_Config::getValue('installed', false)) { - require_once 'core/setup.php'; + $controller = new OC\Core\Setup\Controller(); + $controller->run($_POST); exit(); } diff --git a/lib/private/helper.php b/lib/private/helper.php index 58bee9c6300..ce5708e2bb9 100644 --- a/lib/private/helper.php +++ b/lib/private/helper.php 
@@ -448,29 +448,6 @@ class OC_Helper { * */ - //FIXME: should also check for value validation (i.e. the email is an email). - public static function init_var($s, $d = "") { - $r = $d; - if (isset($_REQUEST[$s]) && !empty($_REQUEST[$s])) { - $r = OC_Util::sanitizeHTML($_REQUEST[$s]); - } - - return $r; - } - - /** - * returns "checked"-attribute if request contains selected radio element - * OR if radio element is the default one -- maybe? - * - * @param string $s Name of radio-button element name - * @param string $v Value of current radio-button element - * @param string $d Value of default radio-button element - */ - public static function init_radio($s, $v, $d) { - if ((isset($_REQUEST[$s]) && $_REQUEST[$s] == $v) || (!isset($_REQUEST[$s]) && $v == $d)) - print "checked=\"checked\" "; - } - /** * detect if a given program is found in the search PATH * diff --git a/lib/private/util.php b/lib/private/util.php index 8aa7a074d0d..0585749d615 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -788,8 +788,12 @@ class OC_Util { } $fp = @fopen($testFile, 'w'); - @fwrite($fp, $testContent); - @fclose($fp); + if (!$fp) { + throw new OC\HintException('Can\'t create test file to check for working .htaccess file.', + 'Make sure it is possible for the webserver to write to '.$testFile); + } + fwrite($fp, $testContent); + fclose($fp); // accessing the file via http $url = OC_Helper::makeURLAbsolute(OC::$WEBROOT.'/data'.$fileName); |
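Review bot: In the lib/private/util.php hunk the return value of `fwrite($fp, $testContent)` is not checked, so a failed or short write leaves an empty or partial test file and the HTTP comparison that follows (outside this hunk) runs against content that was never stored. Depending on how that comparison is written, the data directory could then be reported as protected when it is not. Handle it like the `fopen` failure, e.g. `if (fwrite($fp, $testContent) === false) { fclose($fp); throw new OC\HintException('Can\'t write test file to check for working .htaccess file.'); }`. The enclosing method starts and ends outside the hunk; only the setup controller is shown catching the new `OC\HintException`, so any other callers of `isHtAccessWorking()` should be checked as well.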