aboutsummaryrefslogtreecommitdiff
path: root/install
diff options
context:
space:
mode:
Diffstat (limited to 'install')
-rw-r--r--install/ElggInstaller.php124
-rw-r--r--install/ElggRewriteTester.php10
-rw-r--r--install/css/install.css67
-rw-r--r--install/js/install.js21
-rw-r--r--install/languages/en.php4
5 files changed, 154 insertions, 72 deletions
diff --git a/install/ElggInstaller.php b/install/ElggInstaller.php
index 62d3f6567..c07839065 100644
--- a/install/ElggInstaller.php
+++ b/install/ElggInstaller.php
@@ -2,7 +2,27 @@
/**
* Elgg Installer.
- * Controller for installing Elgg.
+ * Controller for installing Elgg. Supports both web-based on CLI installation.
+ *
+ * This controller steps the user through the install process. The method for
+ * each step handles both the GET and POST requests. There is no XSS/CSRF protection
+ * on the POST processing since the installer is only run once by the administrator.
+ *
+ * The installation process can be resumed by hitting the first page. The installer
+ * will try to figure out where to pick up again.
+ *
+ * All the logic for the installation process is in this class, but it depends on
+ * the core libraries. To do this, we selectively load a subset of the core libraries
+ * for the first few steps and then load the entire engine once the database and
+ * site settings are configured. In addition, this controller does its own session
+ * handling until the database is setup.
+ *
+ * There is an aborted attempt in the code at creating the data directory for
+ * users as a subdirectory of Elgg's root. The idea was to protect this directory
+ * through a .htaccess file. The problem is that a malicious user can upload a
+ * .htaccess of his own that overrides the protection for his user directory. The
+ * best solution is server level configuration that turns off AllowOverride for the
+ * data directory. See ticket #3453 for discussion on this.
*
* @package Elgg.Core
* @subpackage Installer
@@ -32,6 +52,9 @@ class ElggInstaller {
* Constructor bootstraps the Elgg engine
*/
public function __construct() {
+ // load ElggRewriteTester as we depend on it
+ require_once(dirname(__FILE__) . "/ElggRewriteTester.php");
+
$this->isAction = $_SERVER['REQUEST_METHOD'] === 'POST';
$this->bootstrapConfig();
@@ -140,7 +163,6 @@ class ElggInstaller {
$params['password1'] = $params['password2'] = $params['password'];
if ($createHtaccess) {
- require_once(dirname(__FILE__) . "/ElggRewriteTester.php");
$rewriteTester = new ElggRewriteTester();
if (!$rewriteTester->createHtaccess($CONFIG->path)) {
throw new InstallationException(elgg_echo('install:error:htaccess'));
@@ -278,7 +300,7 @@ class ElggInstaller {
'dbpassword' => array(
'type' => 'password',
'value' => '',
- 'required' => TRUE,
+ 'required' => FALSE,
),
'dbname' => array(
'type' => 'text',
@@ -355,7 +377,6 @@ class ElggInstaller {
protected function settings($submissionVars) {
global $CONFIG;
- $languages = get_installed_translations();
$formVars = array(
'sitename' => array(
'type' => 'text',
@@ -389,8 +410,19 @@ class ElggInstaller {
),
);
+ // if Apache, we give user option of having Elgg create data directory
+ //if (ElggRewriteTester::guessWebServer() == 'apache') {
+ // $formVars['dataroot']['type'] = 'combo';
+ // $CONFIG->translations['en']['install:settings:help:dataroot'] =
+ // $CONFIG->translations['en']['install:settings:help:dataroot:apache'];
+ //}
+
if ($this->isAction) {
do {
+ //if (!$this->createDataDirectory($submissionVars, $formVars)) {
+ // break;
+ //}
+
if (!$this->validateSettingsVars($submissionVars, $formVars)) {
break;
}
@@ -448,7 +480,7 @@ class ElggInstaller {
'required' => TRUE,
),
);
-
+
if ($this->isAction) {
do {
if (!$this->validateAdminVars($submissionVars, $formVars)) {
@@ -492,6 +524,8 @@ class ElggInstaller {
$params['destination'] = 'index.php';
}
+ elgg_invalidate_simplecache();
+
$this->render('complete', $params);
}
@@ -709,6 +743,12 @@ class ElggInstaller {
session_name('Elgg');
session_start();
elgg_unregister_event_handler('boot', 'system', 'session_init');
+ } else if (!$this->isAction && $stepIndex == ($settingsIndex + 1)) {
+ // now using Elgg session handling so need to pass forward the system messages
+ // this is called on the GET of the next step
+ session_name('Elgg');
+ session_start();
+ $messages = $_SESSION['msg'];
}
if ($stepIndex > $dbIndex) {
@@ -745,12 +785,15 @@ class ElggInstaller {
}
}
- $this->initGlobals();
-
set_default_config();
elgg_trigger_event('boot', 'system');
elgg_trigger_event('init', 'system');
+
+ // @hack finish the process of pushing system messages into new session
+ if (!$this->isAction && $stepIndex == ($settingsIndex + 1)) {
+ $_SESSION['msg'] = $messages;
+ }
}
}
@@ -1025,8 +1068,6 @@ class ElggInstaller {
protected function checkRewriteRules(&$report) {
global $CONFIG;
- require_once(dirname(__FILE__) . "/ElggRewriteTester.php");
-
$tester = new ElggRewriteTester();
$url = elgg_get_site_url() . "rewrite.php";
$report['rewrite'] = array($tester->run($url, $CONFIG->path));
@@ -1221,6 +1262,39 @@ class ElggInstaller {
*/
/**
+ * Create the data directory if requested
+ *
+ * @param array $submissionVars Submitted vars
+ * @param array $formVars Variables in the form
+ * @return bool
+ */
+ protected function createDataDirectory(&$submissionVars, $formVars) {
+ // did the user have option of Elgg creating the data directory
+ if ($formVars['dataroot']['type'] != 'combo') {
+ return TRUE;
+ }
+
+ // did the user select the option
+ if ($submissionVars['dataroot'] != 'dataroot-checkbox') {
+ return TRUE;
+ }
+
+ $dir = sanitise_filepath($submissionVars['path']) . 'data';
+ if (file_exists($dir) || mkdir($dir, 0700)) {
+ $submissionVars['dataroot'] = $dir;
+ if (!file_exists("$dir/.htaccess")) {
+ $htaccess = "Order Deny,Allow\nDeny from All\n";
+ if (!file_put_contents("$dir/.htaccess", $htaccess)) {
+ return FALSE;
+ }
+ }
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ /**
* Validate the site settings form variables
*
* @param array $submissionVars Submitted vars
@@ -1229,6 +1303,7 @@ class ElggInstaller {
* @return bool
*/
protected function validateSettingsVars($submissionVars, $formVars) {
+ global $CONFIG;
foreach ($formVars as $field => $info) {
$submissionVars[$field] = trim($submissionVars[$field]);
@@ -1239,7 +1314,7 @@ class ElggInstaller {
}
}
- // check that data root is writable
+ // check that data root exists
if (!file_exists($submissionVars['dataroot'])) {
$msg = elgg_echo('install:error:datadirectoryexists', array($submissionVars['dataroot']));
register_error($msg);
@@ -1253,11 +1328,13 @@ class ElggInstaller {
return FALSE;
}
- // check that data root is not subdirectory of Elgg root
- if (stripos($submissionVars['dataroot'], $submissionVars['path']) !== FALSE) {
- $msg = elgg_echo('install:error:locationdatadirectory', array($submissionVars['dataroot']));
- register_error($msg);
- return FALSE;
+ if (!isset($CONFIG->data_dir_override) || !$CONFIG->data_dir_override) {
+ // check that data root is not subdirectory of Elgg root
+ if (stripos($submissionVars['dataroot'], $submissionVars['path']) === 0) {
+ $msg = elgg_echo('install:error:locationdatadirectory', array($submissionVars['dataroot']));
+ register_error($msg);
+ return FALSE;
+ }
}
// check that email address is email address
@@ -1329,8 +1406,6 @@ class ElggInstaller {
$CONFIG->dataroot = $dataroot;
$cache = new ElggFileCache($dataroot);
$cache->delete('view_paths');
- elgg_invalidate_simplecache();
- elgg_regenerate_simplecache();
return TRUE;
}
@@ -1449,19 +1524,4 @@ class ElggInstaller {
return TRUE;
}
-
- /**
- * Init globals because engine loaded within a function
- *
- * @return void
- */
- protected function initGlobals() {
- global $DB_QUERY_CACHE, $DB_DELAYED_QUERIES;
- $DB_QUERY_CACHE = array();
- $DB_DELAYED_QUERIES = array();
-
- global $METASTRINGS_CACHE, $METASTRINGS_DEADNAME_CACHE;
- $METASTRINGS_CACHE = array();
- $METASTRINGS_DEADNAME_CACHE = array();
- }
}
diff --git a/install/ElggRewriteTester.php b/install/ElggRewriteTester.php
index c8a503cb8..c01510f60 100644
--- a/install/ElggRewriteTester.php
+++ b/install/ElggRewriteTester.php
@@ -30,7 +30,7 @@ class ElggRewriteTester {
*/
public function run($url, $path) {
- $this->guessWebServer();
+ $this->webserver = ElggRewriteTester::guessWebServer();
$this->rewriteTestPassed = $this->runRewriteTest($url);
@@ -48,17 +48,17 @@ class ElggRewriteTester {
/**
* Guess the web server from $_SERVER['SERVER_SOFTWARE']
*
- * @return void
+ * @return string
*/
- protected function guessWebServer() {
+ public static function guessWebServer() {
$serverString = strtolower($_SERVER['SERVER_SOFTWARE']);
$possibleServers = array('apache', 'nginx', 'lighttpd', 'iis');
foreach ($possibleServers as $server) {
if (strpos($serverString, $server) !== FALSE) {
- $this->webserver = $server;
- return;
+ return $server;
}
}
+ return 'unknown';
}
/**
diff --git a/install/css/install.css b/install/css/install.css
index 8dba57949..e7290c130 100644
--- a/install/css/install.css
+++ b/install/css/install.css
@@ -62,13 +62,6 @@ ul {
list-style: none;
}
-.clearfloat {
- clear:both;
- height:0;
- font-size: 1px;
- line-height: 0px;
-}
-
.elgg-page {
width: 880px;
margin: auto;
@@ -88,12 +81,12 @@ ul {
.elgg-page-body:after,
.elgg-page-header:after {
- display:block;
- content:'.';
- line-height:0;
- height:0;
+ display: block;
+ content: '.';
+ line-height: 0;
+ height: 0;
visibility: hidden;
- clear:both;
+ clear: both;
}
.elgg-sidebar {
@@ -101,9 +94,9 @@ ul {
width: 250px;
}
.elgg-body {
- overflow:hidden;
+ overflow: hidden;
min-height: 320px;
- padding-bottom: 60px;
+ padding-bottom: 10px;
position: relative;
}
.elgg-page-footer {
@@ -115,7 +108,7 @@ ul {
margin-bottom: 40px;
}
-.install-nav {
+.elgg-install-nav {
width: 100%;
text-align: right;
position: absolute;
@@ -156,35 +149,33 @@ h3 {
margin: 15px 0 5px;
}
+form > div {
+ margin-bottom: 15px;
+}
label {
font-weight: bold;
- color:#333333;
+ color: #333333;
font-size: 140%;
}
+.elgg-combo-label {
+ font-size: 120%;
+}
input[type="text"],
input[type="password"] {
font: 120% Arial, Helvetica, sans-serif;
padding: 5px;
border: 1px solid #cccccc;
- color:#666666;
- width:566px;
+ color: #666666;
+ width: 96%;
}
.database-settings input[type="text"],
.database-settings input[type="password"] {
- width:220px;
-}
-textarea {
- width: 100%;
- height: 100%;
- font: 120% Arial, Helvetica, sans-serif;
- border: solid 1px #cccccc;
- padding: 5px;
- color:#666666;
+ width: 220px;
}
-textarea:focus, input[type="password"]:focus, input[type="text"]:focus {
+input[type="password"]:focus, input[type="text"]:focus {
border: solid 1px #4690d6;
background: #e4ecf5;
- color:#333333;
+ color: #333333;
}
input[type="submit"] {
font-family: Arial, Helvetica, sans-serif;
@@ -205,12 +196,10 @@ input[type="submit"] {
cursor: pointer;
float: right;
}
-
input[type="submit"]:hover {
background: #0054a7;
border: 4px solid #0054a7;
}
-
select {
display: block;
padding: 5px;
@@ -220,7 +209,11 @@ select {
font-size: 90%;
}
-.install-nav a {
+.elgg-require-database {
+ padding-bottom: 50px;
+}
+
+.elgg-install-nav a {
font-family: Arial, Helvetica, sans-serif;
font-size: 16px;
font-weight: bold;
@@ -238,12 +231,13 @@ select {
float: right;
}
-.install-nav a:hover {
+.elgg-install-nav a:hover {
text-decoration: none;
background: #0054a7;
border: 4px solid #0054a7;
}
-.install-nav .disabled, .install-nav .disabled:hover {
+.elgg-install-nav .elgg-state-disabled,
+.elgg-install-nav .elgg-state-disabled:hover {
background: #555555;
border-color: #555555;
cursor: default;
@@ -264,6 +258,11 @@ select {
background: #F7DAD8;
}
+.elgg-state-warning {
+ border: 1px solid #ded0a9;
+ background: #FEF5AA;
+}
+
.elgg-body li {
margin-top: 5px;
padding: 5px;
diff --git a/install/js/install.js b/install/js/install.js
new file mode 100644
index 000000000..49b2be10c
--- /dev/null
+++ b/install/js/install.js
@@ -0,0 +1,21 @@
+
+$(function() {
+ // prevent double-submission of forms
+ $('form').submit(function() {
+ if ($(this).data('submitted')) {
+ return false;
+ }
+ $(this).data('submitted', true);
+ return true;
+ });
+
+ // toggle the disable attribute of text box based on checkbox
+ $('.elgg-combo-checkbox').click(function() {
+ if ($(this).is(':checked')) {
+ $(this).prev().attr('disabled', true);
+ $(this).prev().val('');
+ } else {
+ $(this).prev().attr('disabled', false);
+ }
+ });
+});
diff --git a/install/languages/en.php b/install/languages/en.php
index 80716069d..3e2569669 100644
--- a/install/languages/en.php
+++ b/install/languages/en.php
@@ -70,7 +70,7 @@ If you are ready to proceed, click the Next button.",
'install:database:help:dbhost' => 'Hostname of the MySQL server (usually localhost)',
'install:database:help:dbprefix' => "The prefix given to all of Elgg's tables (usually elgg_)",
- 'install:settings:instructions' => "We need some information about the site as we configure Elgg. If you haven't created a data directory for Elgg, please do so before completing this step.",
+ 'install:settings:instructions' => 'We need some information about the site as we configure Elgg. If you haven\'t <a href="http://docs.elgg.org/wiki/Data_directory" target="_blank">created a data directory</a> for Elgg, you need to do so now.',
'install:settings:label:sitename' => 'Site Name',
'install:settings:label:siteemail' => 'Site Email Address',
@@ -79,12 +79,14 @@ If you are ready to proceed, click the Next button.",
'install:settings:label:dataroot' => 'Data Directory',
'install:settings:label:language' => 'Site Language',
'install:settings:label:siteaccess' => 'Default Site Access',
+ 'install:label:combo:dataroot' => 'Elgg creates data directory',
'install:settings:help:sitename' => 'The name of your new Elgg site',
'install:settings:help:siteemail' => 'Email address used by Elgg for communication with users',
'install:settings:help:wwwroot' => 'The address of the site (Elgg usually guesses this correctly)',
'install:settings:help:path' => 'The directory where you put the Elgg code (Elgg usually guesses this correctly)',
'install:settings:help:dataroot' => 'The directory that you created for Elgg to save files (the permissions on this directory are checked when you click Next)',
+ 'install:settings:help:dataroot:apache' => 'You have the option of Elgg creating the data directory or entering the directory that you already created for storing user files (the permissions on this directory are checked when you click Next)',
'install:settings:help:language' => 'The default language for the site',
'install:settings:help:siteaccess' => 'The default access level for new user created content',