
Sec: If conf.php file is write protected, then all first install process is locked.

Laurent Destailleur
2010-09-29 08:09:17 +00:00
parent cec9a65b0c
commit a690a6a59c
10 changed files with 340 additions and 298 deletions


@@ -207,8 +207,9 @@ class Conf
if (! $this->global->MAIN_MENUFRONT_BARRETOP) $this->global->MAIN_MENUFRONT_BARRETOP="eldy_backoffice.php";
if (! $this->global->MAIN_MENU_BARRELEFT) $this->global->MAIN_MENU_BARRELEFT="eldy_backoffice.php";
if (! $this->global->MAIN_MENUFRONT_BARRELEFT) $this->global->MAIN_MENUFRONT_BARRELEFT="eldy_backoffice.php";
if (! $this->global->MAIN_MENU_SMARTPHONE) $this->global->MAIN_MENU_SMARTPHONE="iphone_backoffice.php";
if (! $this->global->MAIN_MENUFRONT_SMARTPHONE) $this->global->MAIN_MENUFRONT_SMARTPHONE="iphone_backoffice.php";
if (empty($this->global->MAIN_MENU_SMARTPHONE)) $this->global->MAIN_MENU_SMARTPHONE="iphone_backoffice.php";
if (empty($this->global->MAIN_MENUFRONT_SMARTPHONE)) $this->global->MAIN_MENUFRONT_SMARTPHONE="iphone_backoffice.php";
// Variable globales LDAP
if (empty($this->global->LDAP_FIELD_FULLNAME)) $this->global->LDAP_FIELD_FULLNAME='';


@@ -159,7 +159,7 @@ if (is_readable($conffile) && filesize($conffile) > 8)
$confexists=1;
include_once($conffile);
$databaseok=1; // TODO Check if database is ok
$databaseok=1;
if ($databaseok)
{
// Already installed for all parts (config and database). We can propose upgrade.
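Review bot: `$databaseok` is still assigned the constant 1, so `if ($databaseok)` is always true and the "already installed" branch is taken for any readable conf file larger than 8 bytes, whatever the state of the database. Removing the TODO drops the only marker of that gap; I would keep a comment on the assignment such as `// Database state is not verified here: $databaseok is always 1`. The enclosing `if (is_readable($conffile) ...)` block starts and ends outside the hunk.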


@@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2007 Cyrille de Lambert <cyrille.delambert@auguria.net>
* Copyright (C) 2007-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007-2010 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -59,6 +59,14 @@ dolibarr_install_syslog("etape0: Entering etape0.php page");
pHeader($langs->trans("ConfigurationFile"),"etape1");
// Test if we can run a first install process
if (is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
// On reporte champ formulaire precedent pour propagation
if ($_POST["action"] == "set")
{
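Review bot: The new guard in etape0 reads `if (is_writable($conffile))`, without the negation that every other install page in this commit uses, so it prints ConfFileIsNotWritable and exits when the file is writable and lets the step continue when it is write protected. That is the reverse of the lock the commit title describes. The line should be `if (! is_writable($conffile))`. The `if ($_POST["action"] == "set")` block that follows continues outside the hunk.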


@@ -48,6 +48,14 @@ dolibarr_install_syslog("etape1: Entering etape1.php page");
pHeader($langs->trans("ConfigurationFile"),"etape2");
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
$error = 0;
// Repertoire des pages dolibarr
@@ -70,11 +78,6 @@ $main_data_dir=isset($_POST["main_data_dir"])?$_POST["main_data_dir"]:'';
if (! $main_data_dir) { $main_data_dir="$main_dir/documents"; }
/*
* Actions
*/
if ($_POST["action"] == "set")
{
umask(0);
@@ -499,7 +502,8 @@ pFooter($error,$setuplang,'jsinfo');
/**
* Save configuration file
* Save configuration file. No particular permissions are set by installer.
* @param conffile Path to conf file
*/
function write_conf_file($conffile)
{
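Review bot: The lock added here and in etape2, etape4, etape5, fileconf and licence only holds once conf.php has been made read-only for the web server user, and nothing visible in this commit does that: the new docblock on `write_conf_file` says the installer sets no permissions, and the action block shown in the second hunk appears to still call `umask(0)`. Until an administrator changes the file mode by hand, every guard passes and the install pages stay reachable. I would state this in the docblock, e.g. `* The file stays writable after install; make it read-only to lock the install pages.`, and consider removing write permission at the last install step. The body of `write_conf_file` is outside the hunk.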


@@ -64,6 +64,13 @@ dolibarr_install_syslog("etape2: Entering etape2.php page");
pHeader($langs->trans("CreateDatabaseObjects"),"etape4");
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
if ($_POST["action"] == "set")
{


@@ -56,6 +56,14 @@ $ok = 0;
pHeader($langs->trans("AdminAccountCreation"),"etape5");
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
print '<table cellspacing="0" cellpadding="2" width="100%">';
$db = new DoliDb($conf->db->type,$conf->db->host,$conf->db->user,$conf->db->pass,$conf->db->name,$conf->db->port);


@@ -102,6 +102,14 @@ if ($_POST["action"] == "set")
pHeader($langs->trans("SetupEnd"),"etape5");
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
if ($_POST["action"] == "set" || preg_match('/upgrade/i',$_POST["action"]))
{
print '<table cellspacing="0" cellpadding="2" width="100%">';
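Review bot: The guard exits before the block that also handles `preg_match('/upgrade/i',$_POST["action"])`, so once conf.php is write protected the last step of an upgrade is refused together with a first install. If only first installs are meant to be locked, as the comment `// Test if we can run a first install process` says, the test should exempt upgrade actions, e.g. `if (! preg_match('/upgrade/i',$_POST["action"]) && ! is_writable($conffile))`. The hunk header also shows an earlier `if ($_POST["action"] == "set")` block above this point; whether it changes any state before the guard runs cannot be seen from here.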


@@ -56,12 +56,22 @@ if (file_exists("./install.forced.php")) include_once("./install.forced.php");
dolibarr_install_syslog("Fileconf: Entering fileconf.php page");
/*
* View
*/
pHeader($langs->trans("ConfigurationFile"),"etape0");
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
if (! empty($force_install_message))
{
print '<b>'.$langs->trans($force_install_message).'</b><br>';
@@ -71,9 +81,10 @@ if (! empty($force_install_message))
<table border="0" cellpadding="1" cellspacing="0">
<tr>
<td colspan="3" class="label" align="center"><h3>
<?php echo $langs->trans("WebServer"); ?>
</h3></td></tr>
<td colspan="3" class="label" align="center">
<h3><?php echo $langs->trans("WebServer"); ?></h3>
</td>
</tr>
<tr>
<?php
@@ -109,9 +120,10 @@ if(! isset($dolibarr_main_url_root) || dol_strlen($dolibarr_main_url_root) == 0)
}
//echo $PMA_MYSQL_INT_VERSION;
?>
<td class="label" valign="top"><input type="text" size="60" value="<?php print $dolibarr_main_document_root; ?>" name="main_dir">
</td><td class="comment">
<?php
<td class="label" valign="top"><input type="text" size="60"
value="<?php print $dolibarr_main_document_root; ?>" name="main_dir">
</td>
<td class="comment"><?php
print $langs->trans("WithNoSlashAtTheEnd")."<br>";
print $langs->trans("Examples").":<br>";
?>
@@ -123,8 +135,7 @@ print $langs->trans("Examples").":<br>";
</tr>
<tr>
<td valign="top" class="label"><b>
<?php print $langs->trans("DocumentsDirectory"); ?>
<td valign="top" class="label"><b> <?php print $langs->trans("DocumentsDirectory"); ?>
</b></td>
<?php
if (empty($dolibarr_main_data_root))
@@ -141,9 +152,10 @@ if (empty($dolibarr_main_data_root))
}
}
?>
<td class="label" valign="top"><input type="text" size="60" value="<?php print $dolibarr_main_data_root; ?>" name="main_data_dir">
</td><td class="comment">
<?php
<td class="label" valign="top"><input type="text" size="60"
value="<?php print $dolibarr_main_data_root; ?>" name="main_data_dir">
</td>
<td class="comment"><?php
print $langs->trans("WithNoSlashAtTheEnd")."<br>";
print $langs->trans("DirectoryRecommendation")."<br>";
print $langs->trans("Examples").":<br>";
@@ -156,9 +168,11 @@ print $langs->trans("Examples").":<br>";
</tr>
<tr>
<td valign="top" class="label"><b>
<?php echo $langs->trans("URLRoot"); ?>
</b></td><td valign="top" class="label"><input type="text" size="60" name="main_url" value="
<td valign="top" class="label"><b> <?php echo $langs->trans("URLRoot"); ?>
</b></td>
<td valign="top" class="label"><input type="text" size="60"
name="main_url"
value="
<?php
if (! empty($main_url)) $dolibarr_main_url_root=$main_url;
if (empty($dolibarr_main_url_root))
@@ -187,32 +201,33 @@ if (empty($dolibarr_main_url_root))
}
print $dolibarr_main_url_root;
?>">
</td><td class="comment">
<?php
?>"></td>
<td class="comment"><?php
print $langs->trans("Examples").":<br>";
?>
<ul>
<li>http://localhost/</li>
<li>http://www.myserver.com:8180/dolibarr</li>
</ul>
</tr>
<tr>
<td valign="top" class="label">
<?php echo $langs->trans("ForceHttps"); ?>
<td class="label" valign="top"><input type="checkbox" name="main_force_https"<?php if (! empty($force_install_mainforcehttps)) print ' checked="on"'; ?>></td>
<td class="comment">
<?php echo $langs->trans("CheckToForceHttps"); ?>
<td valign="top" class="label"><?php echo $langs->trans("ForceHttps"); ?>
<td class="label" valign="top"><input type="checkbox"
name="main_force_https"
<?php if (! empty($force_install_mainforcehttps)) print ' checked="on"'; ?>></td>
<td class="comment"><?php echo $langs->trans("CheckToForceHttps"); ?>
</td>
</tr>
<!-- Dolibarr database -->
<tr>
<td colspan="3" class="label" align="center"><br><h3>
<?php echo $langs->trans("DolibarrDatabase"); ?>
</h3></td>
<td colspan="3" class="label" align="center"><br>
<h3><?php echo $langs->trans("DolibarrDatabase"); ?></h3>
</td>
</tr>
<?php
if (!isset($dolibarr_main_db_host))
@@ -222,12 +237,10 @@ $dolibarr_main_db_host = "localhost";
?>
<tr>
<!-- moi-->
<td valign="top" class="label"><b>
<?php echo $langs->trans("DriverType"); ?>
<td valign="top" class="label"><b> <?php echo $langs->trans("DriverType"); ?>
</b></td>
<td class="label">
<?php
<td class="label"><?php
$defaultype=! empty($dolibarr_main_db_type)?$dolibarr_main_db_type:($force_install_type?$force_install_type:'mysqli');
@@ -276,95 +289,79 @@ while (($file = readdir($handle))!==false)
}
}
?>
<select name='db_type'>
?> <select name='db_type'>
<?php echo $option ?>
</select>
&nbsp;
</td>
</select> &nbsp;</td>
<td class="comment">
<?php echo $langs->trans("DatabaseType"); ?>
</td>
<td class="comment"><?php echo $langs->trans("DatabaseType"); ?></td>
</tr>
<tr>
<td valign="top" class="label"><b>
<?php echo $langs->trans("Server"); ?>
<td valign="top" class="label"><b> <?php echo $langs->trans("Server"); ?>
</b></td>
<td valign="top" class="label"><input type="text" name="db_host" value="<?php print (! empty($dolibarr_main_db_host))?$dolibarr_main_db_host:'localhost'; ?>">
<input type="hidden" name="base" value="">
</td>
<td class="comment">
<?php echo $langs->trans("ServerAddressDescription"); ?>
<td valign="top" class="label"><input type="text" name="db_host"
value="<?php print (! empty($dolibarr_main_db_host))?$dolibarr_main_db_host:'localhost'; ?>">
<input type="hidden" name="base" value=""></td>
<td class="comment"><?php echo $langs->trans("ServerAddressDescription"); ?>
</td>
</tr>
<tr>
<td valign="top" class="label">
<?php echo $langs->trans("Port"); ?>
</td>
<td valign="top" class="label"><input type="text" name="db_port" value="<?php print (! empty($dolibarr_main_db_port))?$dolibarr_main_db_port:$force_install_port; ?>">
<input type="hidden" name="base" value="">
</td>
<td class="comment">
<?php echo $langs->trans("ServerPortDescription"); ?>
<td valign="top" class="label"><?php echo $langs->trans("Port"); ?></td>
<td valign="top" class="label"><input type="text" name="db_port"
value="<?php print (! empty($dolibarr_main_db_port))?$dolibarr_main_db_port:$force_install_port; ?>">
<input type="hidden" name="base" value=""></td>
<td class="comment"><?php echo $langs->trans("ServerPortDescription"); ?>
</td>
</tr>
<tr>
<td class="label" valign="top"><b>
<?php echo $langs->trans("DatabaseName"); ?>
<td class="label" valign="top"><b> <?php echo $langs->trans("DatabaseName"); ?>
</b></td>
<td class="label" valign="top"><input type="text" name="db_name" value="<?php echo (! empty($dolibarr_main_db_name))?$dolibarr_main_db_name:$force_install_database; ?>"></td>
<td class="comment">
<?php echo $langs->trans("DatabaseName"); ?>
<td class="label" valign="top"><input type="text" name="db_name"
value="<?php echo (! empty($dolibarr_main_db_name))?$dolibarr_main_db_name:$force_install_database; ?>"></td>
<td class="comment"><?php echo $langs->trans("DatabaseName"); ?></td>
</tr>
<tr>
<td class="label" valign="top"><?php echo $langs->trans("CreateDatabase"); ?>
</td>
<td class="label" valign="top"><input type="checkbox"
name="db_create_database"
<?php if ($force_install_createdatabase) print ' checked="on"'; ?>></td>
<td class="comment"><?php echo $langs->trans("CheckToCreateDatabase"); ?>
</td>
</tr>
<tr>
<td class="label" valign="top">
<?php echo $langs->trans("CreateDatabase"); ?>
</td>
<td class="label" valign="top"><input type="checkbox" name="db_create_database"<?php if ($force_install_createdatabase) print ' checked="on"'; ?>></td>
<td class="comment">
<?php echo $langs->trans("CheckToCreateDatabase"); ?>
<td class="label" valign="top"><b><?php echo $langs->trans("Login"); ?></b>
</td>
<td class="label" valign="top"><input type="text" name="db_user"
value="<?php print (! empty($dolibarr_main_db_user))?$dolibarr_main_db_user:$force_install_databaselogin; ?>"></td>
<td class="comment"><?php echo $langs->trans("AdminLogin"); ?></td>
</tr>
<tr>
<td class="label" valign="top">
<b><?php echo $langs->trans("Login"); ?></b>
</td>
<td class="label" valign="top"><input type="text" name="db_user" value="<?php print (! empty($dolibarr_main_db_user))?$dolibarr_main_db_user:$force_install_databaselogin; ?>"></td>
<td class="comment">
<?php echo $langs->trans("AdminLogin"); ?>
<td class="label" valign="top"><b><?php echo $langs->trans("Password"); ?></b>
</td>
<td class="label" valign="top"><input type="password" name="db_pass"
value="<?php print (! empty($dolibarr_main_db_pass))?$dolibarr_main_db_pass:$force_install_databasepass; ?>"></td>
<td class="comment"><?php echo $langs->trans("AdminPassword"); ?></td>
</tr>
<tr>
<td class="label" valign="top">
<b><?php echo $langs->trans("Password"); ?></b>
</td>
<td class="label" valign="top"><input type="password" name="db_pass" value="<?php print (! empty($dolibarr_main_db_pass))?$dolibarr_main_db_pass:$force_install_databasepass; ?>"></td>
<td class="comment">
<?php echo $langs->trans("AdminPassword"); ?>
</td>
</tr>
<tr>
<td class="label" valign="top">
<?php echo $langs->trans("CreateUser"); ?>
<td class="label" valign="top"><?php echo $langs->trans("CreateUser"); ?>
</td>
<td class="label" valign="top"><input type="checkbox" name="db_create_user"<?php if (! empty($force_install_createuser)) print ' checked="on"'; ?>></td>
<td class="comment">
<?php echo $langs->trans("CheckToCreateUser"); ?>
<td class="label" valign="top"><input type="checkbox"
name="db_create_user"
<?php if (! empty($force_install_createuser)) print ' checked="on"'; ?>></td>
<td class="comment"><?php echo $langs->trans("CheckToCreateUser"); ?>
</td>
</tr>
@@ -372,28 +369,29 @@ while (($file = readdir($handle))!==false)
<!-- Super access -->
<tr>
<td colspan="3" class="label" align="center"><br><h3>
<?php echo $langs->trans("DatabaseSuperUserAccess"); ?>
</h3></td></tr>
<td colspan="3" class="label" align="center"><br>
<h3><?php echo $langs->trans("DatabaseSuperUserAccess"); ?></h3>
</td>
</tr>
<tr>
<td class="label" valign="top">
<?php echo $langs->trans("Login"); ?>
</td>
<td class="label" valign="top"><input type="text" name="db_user_root" value="<?php print (! empty($db_user_root))?$db_user_root:$force_install_databaserootlogin; ?>"></td>
<td class="label"><div class="comment">
<?php echo $langs->trans("DatabaseRootLoginDescription"); ?>
<td class="label" valign="top"><?php echo $langs->trans("Login"); ?></td>
<td class="label" valign="top"><input type="text" name="db_user_root"
value="<?php print (! empty($db_user_root))?$db_user_root:$force_install_databaserootlogin; ?>"></td>
<td class="label">
<div class="comment"><?php echo $langs->trans("DatabaseRootLoginDescription"); ?>
</div>
</td>
</tr>
<tr>
<td class="label" valign="top">
<?php echo $langs->trans("Password"); ?>
<td class="label" valign="top"><?php echo $langs->trans("Password"); ?>
</td>
<td class="label" valign="top"><input type="password" name="db_pass_root" value="<?php print (! empty($db_pass_root))?$db_pass_root:$force_install_databaserootpass; ?>"></td>
<td class="label"><div class="comment">
<?php echo $langs->trans("KeepEmptyIfNoPassword"); ?>
<td class="label" valign="top"><input type="password"
name="db_pass_root"
value="<?php print (! empty($db_pass_root))?$db_pass_root:$force_install_databaserootpass; ?>"></td>
<td class="label">
<div class="comment"><?php echo $langs->trans("KeepEmptyIfNoPassword"); ?>
</div>
</td>
</tr>
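Review bot: The reformatted `db_pass` and `db_pass_root` inputs still print the configured or forced password into the `value` attribute, and every prefilled field (`main_dir`, `main_data_dir`, `main_url`, `db_host`, `db_port`, `db_name`, `db_user`, `db_user_root`) is printed without HTML escaping. While conf.php is writable the page therefore returns the database password in its source to whoever loads it, and a value containing a double quote ends the attribute early. I would leave the password fields empty and escape the other values, e.g. `value="<?php print htmlspecialchars($dolibarr_main_db_host, ENT_QUOTES); ?>"`. This applies to the form hunks from `main_dir` down to `db_pass_root`; the table continues outside the last hunk.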


@@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2005-2009 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2010 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -18,10 +18,10 @@
*/
/**
\file htdocs/install/licence.php
\ingroup install
\brief Page affichage license
\version $Id$
* \file htdocs/install/licence.php
* \ingroup install
* \brief Page affichage license
* \version $Id$
*/
include_once("./inc.php");
@@ -44,6 +44,13 @@ dolibarr_install_syslog("Licence: Entering licence.php page");
pHeader($langs->trans("License"),"fileconf");
// Test if we can run a first install process
if (! is_writable($conffile))
{
print $langs->trans("ConfFileIsNotWritable",'htdocs/conf/conf.php');
pFooter(1,$setuplang,'jscheckparam');
exit;
}
//print '<pre style="align: center; font-size: 12px">';
$result=dol_print_file($langs,"html/gpl.html",1);


@@ -27,10 +27,11 @@
/**
* \brief Renvoi le fichier $filename dans la version de la langue courante, sinon alternative
* \param filename nom du fichier a rechercher
* \param searchalt cherche aussi dans langue alternative
* \return boolean
* Output content of a file $filename in version of current language (otherwise may use an alternate language)
* @param langs Object language to use for output
* @param filename Relative filename to output
* @param searchalt 1=Search also in alternative languages
* @return boolean
*/
function dol_print_file($langs,$filename,$searchalt=0)
{
@@ -40,7 +41,7 @@ function dol_print_file($langs,$filename,$searchalt=0)
foreach($langs->dir as $searchdir)
{
$htmlfile=($searchdir."/langs/".$langs->defaultlang."/".$filename);
dol_syslog('Translate::print_file search file '.$htmlfile, LOG_DEBUG);
dol_syslog('functions2::dol_print_file search file '.$htmlfile, LOG_DEBUG);
if (is_readable($htmlfile))
{
$content=file_get_contents($htmlfile);
@@ -50,13 +51,13 @@ function dol_print_file($langs,$filename,$searchalt=0)
else print $content;
return true;
}
else dol_syslog('Translate::print_file not found', LOG_DEBUG);
else dol_syslog('functions2::dol_print_file not found', LOG_DEBUG);
if ($searchalt) {
// Test si fichier dans repertoire de la langue alternative
if ($langs->defaultlang != "en_US") $htmlfilealt = $searchdir."/langs/en_US/".$filename;
else $htmlfilealt = $searchdir."/langs/fr_FR/".$filename;
dol_syslog('Translate::print_file search alt file '.$htmlfilealt, LOG_DEBUG);
dol_syslog('functions2::dol_print_file search alt file '.$htmlfilealt, LOG_DEBUG);
//print 'getcwd='.getcwd().' htmlfilealt='.$htmlfilealt.' X '.file_exists(getcwd().'/'.$htmlfilealt);
if (is_readable($htmlfilealt))
{
@@ -67,7 +68,7 @@ function dol_print_file($langs,$filename,$searchalt=0)
else print $content;
return true;
}
else dol_syslog('Translate::print_file not found', LOG_DEBUG);
else dol_syslog('functions2::dol_print_file not found', LOG_DEBUG);
}
}