79.96.193.101

home *** CD-ROM | disk | FTP | other *** search

/ 79.96.193.101 / 79.96.193.101.tar / 79.96.193.101 / www / setup.php < prev next >

Wrap

PHP Script | 2014-10-20 | 14KB | 447 lines

<?php //============================================ // Easy 2.0 // Copyright : .exe Evolution // Wersja : 2.0 // Uwagi : Brak //============================================ ob_start(); define("SETUP",1); error_reporting(E_ALL ^ E_NOTICE); define("BASEDIR", dirname(__FILE__)); header("Content-type: text/html; charset=UTF-8"); require_once(BASEDIR . '/system/security/security.class.php'); require_once(BASEDIR . "/inc/config.php"); require_once(BASEDIR . "/inc/functions.php"); require_once(BASEDIR . "/inc/functions_post.php"); require_once(BASEDIR . "/inc/functions_shop.php"); require_once(BASEDIR . "/inc/version.ini.php"); require_once(BASEDIR . "/class/tpl/Easy.class.php"); require_once(BASEDIR . "/data/lang/pl_install.php"); $tmpl = new Easy("data/tpl/"); $tmpl->assign("kversion", KVERSION); $tmpl->assign('pref', $pref); $tmpl->assign('la',$lang_i); $required_php = 423; $dbprefix = ($dbprefix!="") ? $dbprefix : $_REQUEST['dbprefix']; $required = array(); $required[] = "data/lang/pl_user.php"; $required[] = "data/lang/pl_admin.php"; $required[] = "data/strukture.sql"; $required[] = "data/data.sql"; $required[] = "data/eula/pl.tpl"; $required[] = "inc/config.php"; $writeable = array(); $writeable[] = "cache/"; $writeable[] = "temp/"; $writeable[] = "temp/1/"; $writeable[] = "temp/2/"; $writeable[] = "temp/3/"; $writeable[] = "temp/4/"; $writeable[] = "temp/5/"; $writeable[] = "system/security"; $writeable[] = "uploads/"; $writeable[] = "uploads/affiliates/"; $writeable[] = "uploads/attachment/"; $writeable[] = "uploads/avatars/"; $writeable[] = "uploads/download_images/"; $writeable[] = "uploads/files/"; $writeable[] = "uploads/products/"; $writeable[] = "uploads/galerie/"; $writeable[] = "uploads/inlineshots/"; $writeable[] = "uploads/mediapool/"; $writeable[] = "uploads/mediapool/user_uploads/"; $writeable[] = "uploads/newsletter_attachments/"; $writeable[] = "uploads/topnews_icons/"; $writeable[] = "uploads/shop/"; $writeable[] = "uploads/shop/icons/"; $writeable[] = "uploads/shop/files/"; $writeable[] = "uploads/cheat_files/"; $writeable[] = "uploads/cheat_images/"; $con = true; if(!@mysql_connect($dbhost, $dbuser, $dbpass)) { $con = false; } if(!@mysql_select_db($dbname)) { $con = false; } if(!$con) { $db_error = 1; $error = 1; } $error_is_required = array(); foreach ($writeable as $must_writeable){ if(!is_writeable($must_writeable)){ array_push($error_is_required, $lang_i['error_is_writeable'] . $must_writeable . $lang_i['error_is_writeable_2'] ); $error = 1; } } foreach ($required as $is_required){ if(@!is_file($is_required)){ array_push($error_is_required, $lang_i['error_is_required'] . $is_required . $lang_i['error_is_required_2'] ); $error = 1; } } $myphp = @PHP_VERSION; if($myphp){ $myphp_v = str_replace('.', '', $myphp); if($myphp_v < $required_php){ array_push($error_is_required, $lang_i['phpversion_toold'] . $required_php); } } if(count($error_is_required)>=1){ $error = 1; $tmpl->assign('error_header', $lang_i['erroro_more']); } else { $tmpl->assign('error_header', $lang_i['erroro']); } if(count($error_is_required)<1){ $error = ""; } if( ($error == 1) && ($_REQUEST['force'] != 1) ){ $tmpl->assign('error_is_required', $error_is_required); $tmpl->display('error.tpl'); exit; } if($_REQUEST['step']!='finish'){ $query = @mysql_query("SELECT uid FROM ".$dbprefix."_user limit 1"); $num = @mysql_num_rows($query); if($num>0){ echo "<pre>".$lang_i['installed']."</pre>"; exit; } } if($con) { $version_with_encoding = false; if(preg_match('/^(\d+\.\d+)/', mysql_get_server_info(), $match)) { $v = (float)$match[1]; if($v>=4.1) { $version_with_encoding = true; $charset = 'utf8'; } } if($version_with_encoding) { $query = 'SET NAMES '.$charset; @mysql_query($query); } } switch($_REQUEST['step']){ case "" : case "check" : switch($_REQUEST['subaction']){ case "newset" : if(@!is_writeable("inc/config.php")){ $tmpl->assign('step', 'no'); $tmpl->display('error.tpl'); exit; } $security =& new Security; $isSerialValid = $security->checkSerialNo($_POST['sn']); if (!$isSerialValid) { $tmpl->assign('warnnodb', $lang_i['serial']); $tmpl->assign('sn' , stripslashes(trim($_POST['sn']))); $tmpl->assign('dbhost' , stripslashes(trim($_POST['dbhost']))); $tmpl->assign('dbuser' , stripslashes(trim($_POST['dbuser']))); $tmpl->assign('dbpass' , stripslashes(trim($_POST['dbpass']))); $tmpl->assign('dbname' , stripslashes(trim($_POST['dbname']))); $tmpl->assign('dbprefix' , stripslashes(trim($_POST['dbprefix']))); $tmpl->display('step0.tpl'); break 2; } else $security->createSecureFile(); $connection = 1; if(!@mysql_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'])) $connection = 0; if(!@mysql_select_db($_POST['dbname'])) $connection = 0; @mysql_query('SET NAMES utf8'); if( ($connection == 1) && ($_POST['dbprefix'] != "") ){ $fp=@fopen("inc/config.php","w+"); @fwrite($fp,"<?php \$dbhost = \"".str_replace("\"","\\\\\"",stripslashes(trim($_POST['dbhost'])))."\"; \$dbuser = \"".str_replace("\"","\\\\\"",stripslashes(trim($_POST['dbuser'])))."\"; \$dbpass = \"".str_replace("\"","\\\\\"",stripslashes(trim($_POST['dbpass'])))."\"; \$dbname = \"".str_replace("\"","\\\\\"",stripslashes(trim($_POST['dbname'])))."\"; \$dbprefix = \"".str_replace("\"","\\\\\"",stripslashes(trim($_POST['dbprefix'])))."\"; // Do tej wielkosci (szerokosc) system jest w stanie wstawic znak wodny widoczny na zdjeciu w galerii // Uwaga! po zwiekszeniu tej wielkosci system moze zablokowac dostep do znaku wodnego z powodu np. // zbyt duzego przeciazenia serwera (zalecane max.1024 ) define(\"MAXWATERMARKED\", 1024); // MOD_REWRITE // Zmiana dynamicznych URL na URL \"statyczne\" (przyjazne dla uzytkownika). Uwaga! Nalezy sie upewnic, // ze MOD_REWRITE dziala na serwerze. 1 = wlaczone / 0 = wylaczone define(\"MRWRITE\", 0); // Funkcja SSL Tak / Nie // Polaczenie kodowane = 1. Uwaga! Nalezy sie upewnic czy Wasz certyfikat jest wa─╣┼║ny // gdy─╣┼║ w przeciwnym wypadku wasi klienci moga uznac ze serwis nie jest godny zaufania define(\"SSLMODE\", 0); ?>"); @fclose($fp); $tmpl->display('license.tpl'); $license_displayed = true; } else { $tmpl->assign('warnnodb', $lang_i['enoconn']); $tmpl->assign('sn' , stripslashes(trim($_POST['sn']))); $tmpl->assign('dbhost' , stripslashes(trim($_POST['dbhost']))); $tmpl->assign('dbuser' , stripslashes(trim($_POST['dbuser']))); $tmpl->assign('dbpass' , stripslashes(trim($_POST['dbpass']))); $tmpl->assign('dbname' , stripslashes(trim($_POST['dbname']))); $tmpl->assign('dbprefix' , stripslashes(trim($_POST['dbprefix']))); } break; } if(!isset($license_displayed)) $tmpl->display('start.tpl'); break; case 1 : $first_sql = "data/strukture.sql"; $handle = fopen($first_sql, "r"); $actdb = fread($handle, filesize($first_sql)); fclose($handle); $actdb = str_replace('easy', $dbprefix, $actdb); $m_ok = 0; $m_fail = 0; $message_ok = array(); $message_error = array(); if($version_with_encoding) { $query = 'SELECT DATABASE()'; $result = @mysql_query($query); $row = @mysql_fetch_row($result); $query = 'ALTER DATABASE `'.$row[0].'` DEFAULT CHARACTER SET '.$charset.' COLLATE '.$charset.'_general_ci'; @mysql_query($query); } $file = explode("\n", $actdb); $query = ''; foreach($file as $line) { $tmp = trim($line); if($tmp!='' && substr($tmp, 0, 2)!='--' && substr($tmp, 0, 1)!='#') { if(preg_match('/CREATE\s+TABLE\s+(IF\s+NOT\s+EXISTS\s+)?(`)?([\w\d\_]+)(\\2)?/i', $line, $matched)) { $is_create = $matched[3]; } if(preg_match('/;\s*([\#|\-\-].*?)?$/', $line)) { $line = preg_replace('/;\s*([\#|\-\-].*?)?$/', '', $line); $query.= $line; $result = mysql_query($query); if($is_create) { if($result) { if($version_with_encoding) { $query = 'ALTER TABLE `'.$is_create.'` DEFAULT CHARACTER SET '.$charset.' COLLATE '.$charset.'_general_ci'; @mysql_query($query); } $m_ok++; array_push($message_ok, $lang_i['c_table_1'] . " ' $is_create '" . $lang_i['c_table_2'] ); } else { switch(mysql_errno()){ case 1050 : $mysql_e = $lang_i['table_error_exists_2']; break; default: $mysql_e = mysql_error(); break; } array_push($message_error, $lang_i['table_error_exists'] . " ' $is_create ' $mysql_e"); $m_fail++; } $is_create = false; } $query = ''; } else $query.= $line; } } $tmpl->assign('header_title', $lang_i['step1_table_status']); $tmpl->assign('message_ok', $message_ok); $tmpl->assign('message_error', $message_error); $tmpl->display('step1.tpl'); break; case 2 : $message_error = array(); $message_ok = array(); $klang = array(); include("data/lang/pl_user.php"); $code = array_keys($klang); $lang = $klang[$code[0]]; foreach($lang as $key => $value){ $sql = "INSERT INTO " . $dbprefix . "_languages ( code, name, value, value_original ) VALUES ( '".$code[0]."', '$key', '$value', '$value' ) "; @mysql_query($sql); if(mysql_errno() == 1062){ array_push($message_error, $lang_i['eimport'] . ' "'.$key.'" ' . $lang_i['eimport_2']); } else { array_push($message_ok, $lang_i['oimport'] . ' "'.$key.'" ' . $lang_i['oimport_2']); } } $klang_admin = array(); include("data/lang/pl_admin.php"); $code = array_keys($klang_admin); $lang = $klang_admin[$code[0]]; foreach($lang as $key => $value){ $sql = "INSERT INTO " . $dbprefix . "_languages_admin ( code, name, value, value_original ) VALUES ( '".$code[0]."', '$key', '$value', '$value' ) "; @mysql_query($sql); if(mysql_errno() == 1062){ array_push($message_error, $lang_i['eimport'] . ' "'.$key.'" ' . $lang_i['eimport_2']); } else { array_push($message_ok, $lang_i['oimport'] . ' "'.$key.'" ' . $lang_i['oimport_2']); } } $tmpl->assign('message_ok', $message_ok); $tmpl->assign('message_error', $message_error); $tmpl->assign('header_title', $lang_i['step1_table_status']); $tmpl->display('step2.tpl'); break; case 3 : if($_REQUEST['substep'] == "final"){ $errors = array(); if($_POST['email'] == "") array_push($errors, $lang_i['noemail']); if($_POST['email_confirm'] == "") array_push($errors, $lang_i['noemail_confirm']); if($_POST['email'] != $_POST['email_confirm']) array_push($errors, $lang_i['email_notsame']); if( (!ereg("^[_A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]+(\.[_A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]+)*@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,4})$", $_REQUEST['email'])) || (!ereg("^[_A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]+(\.[_A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]+)*@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,4})$", $_REQUEST['email_confirm'])) ) array_push($errors, $lang_i['email_no_specialchars']); if($_POST['pass'] == "") array_push($errors, $lang_i['nopass']); if($_POST['pass_confirm'] == "") array_push($errors, $lang_i['nopass_confirm']); if( $_POST['pass'] != $_POST['pass_confirm']) array_push($errors, $lang_i['pass_notsame']); if( (ereg("[^ _A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]", $_POST['pass'])) || (ereg("[^ _A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]", $_POST['pass_confirm'])) ) array_push($errors, $lang_i['pass_no_specialchars']); if($_POST['uname'] == "") array_push($errors, $lang_i['nousername']); if(ereg("[^ ._A-Za-z─╣┼║-─é┬û─╣┬ÿ-─é┼¢─╣┬Ö-├ï┬Ö0-9-]", $_POST['uname'])) array_push($errors, $lang_i['username_no_specialchars']); if($_POST['firstname'] == "" || strlen($_POST['firstname'])<2) array_push($errors, $lang_i['nofirstname']); if($_POST['lastname'] == "" || strlen($_POST['lastname'])<2) array_push($errors, $lang_i['nolastname']); if($_POST['street'] == "" || strlen($_POST['street'])<4) array_push($errors, $lang_i['nostreet']); if($_POST['zip'] == "" || strlen($_POST['zip'])<4) array_push($errors, $lang_i['nozip']); if($_POST['town'] == "" || strlen($_POST['town'])<3) array_push($errors, $lang_i['notown']); if($_POST['phone'] == "" || strlen($_POST['phone'])<8) array_push($errors, $lang_i['nophone']); if(count($errors)<1){ $first_sql = "data/data.sql"; $handle = fopen($first_sql, "r"); $dbin = fread($handle, filesize($first_sql)); fclose($handle); $dbin = str_replace('easy', $dbprefix, $dbin); $dbin = str_replace('%%USER%%', $_POST['uname'], $dbin); $dbin = str_replace('%%EMAIL%%', $_POST['email'], $dbin); $dbin = str_replace('%%PASS%%', md5($_POST['pass']), $dbin); $dbin = str_replace('%%TIME%%', time(), $dbin); $dbin = str_replace('%%FIRSTNAME%%', $_POST['firstname'], $dbin); $dbin = str_replace('%%LASTNAME%%', $_POST['lastname'], $dbin); $dbin = str_replace('%%PHONE%%', $_POST['phone'], $dbin); $dbin = str_replace('%%ZIP%%', $_POST['zip'], $dbin); $dbin = str_replace('%%TOWN%%', $_POST['town'], $dbin); $dbin = str_replace('%%STREET%%', $_POST['street'], $dbin); $dbin = str_replace('%%TITLE%%', $_POST['title'], $dbin); $m_ok = 0; $m_fail = 0; $message_ok = array(); $message_error = array(); $ar = explode(";#inst#", $dbin); while (list($key,$val) = each($ar)) { if (rtrim(ltrim($val)) != "") { $q = str_replace("\n","",$val); $q = $q . ";"; if (mysql_query($q)) { $m_ok++; } else { } } } header("Location:setup.php?step=finish"); } } if(count($errors)>0){ $tmpl->assign('errors', $errors); $tmpl->assign('uname', stripslashes(trim($_POST['uname']))); $tmpl->assign('pass', stripslashes(trim($_POST['pass']))); $tmpl->assign('pass_confirm', stripslashes(trim($_POST['pass_confirm']))); $tmpl->assign('email', stripslashes(trim($_POST['email']))); $tmpl->assign('email_confirm', stripslashes(trim($_POST['email_confirm']))); } $tmpl->display('step3.tpl'); break; case "finish" : i_tagreplace($m_ok); $tmpl->display('finish.tpl'); } ?>