Commit a2090ecc authored by Brion Vibber's avatar Brion Vibber

Merge branch '2828' into 0.9.x

parents fc671132 56403c4b
......@@ -45,13 +45,61 @@ require INSTALLDIR . '/lib/installer.php';
* Helper class for building form
*/
class Posted {
/**
* HTML-friendly escaped string for the POST param of given name, or empty.
* @param string $name
* @return string
*/
function value($name)
{
return htmlspecialchars($this->string($name));
}
/**
* The given POST parameter value, forced to a string.
* Missing value will give ''.
*
* @param string $name
* @return string
*/
function string($name)
{
return strval($this->raw($name));
}
/**
* The given POST parameter value, in its original form.
* Magic quotes are stripped, if provided.
* Missing value will give null.
*
* @param string $name
* @return mixed
*/
function raw($name)
{
if (isset($_POST[$name])) {
return htmlspecialchars(strval($_POST[$name]));
return $this->dequote($_POST[$name]);
} else {
return '';
return null;
}
}
/**
* If necessary, strip magic quotes from the given value.
*
* @param mixed $val
* @return mixed
*/
function dequote($val)
{
if (get_magic_quotes_gpc()) {
if (is_string($val)) {
return stripslashes($val);
} else if (is_array($val)) {
return array_map(array($this, 'dequote'), $val);
}
}
return $val;
}
}
......@@ -107,11 +155,7 @@ class WebInstaller extends Installer
global $dbModules;
$post = new Posted();
$dbRadios = '';
if (isset($_POST['dbtype'])) {
$dbtype = $_POST['dbtype'];
} else {
$dbtype = null;
}
$dbtype = $post->raw('dbtype');
foreach (self::$dbModules as $type => $info) {
if ($this->checkExtension($info['check_module'])) {
if ($dbtype == null || $dbtype == $type) {
......@@ -245,19 +289,20 @@ STR;
*/
function prepare()
{
$this->host = $_POST['host'];
$this->dbtype = $_POST['dbtype'];
$this->database = $_POST['database'];
$this->username = $_POST['dbusername'];
$this->password = $_POST['dbpassword'];
$this->sitename = $_POST['sitename'];
$this->fancy = !empty($_POST['fancy']);
$post = new Posted();
$this->host = $post->string('host');
$this->dbtype = $post->string('dbtype');
$this->database = $post->string('database');
$this->username = $post->string('dbusername');
$this->password = $post->string('dbpassword');
$this->sitename = $post->string('sitename');
$this->fancy = (bool)$post->string('fancy');
$this->adminNick = strtolower($_POST['admin_nickname']);
$this->adminPass = $_POST['admin_password'];
$adminPass2 = $_POST['admin_password2'];
$this->adminEmail = $_POST['admin_email'];
$this->adminUpdates = $_POST['admin_updates'];
$this->adminNick = strtolower($post->string('admin_nickname'));
$this->adminPass = $post->string('admin_password');
$adminPass2 = $post->string('admin_password2');
$this->adminEmail = $post->string('admin_email');
$this->adminUpdates = $post->string('admin_updates');
$this->server = $_SERVER['HTTP_HOST'];
$this->path = substr(dirname($_SERVER['PHP_SELF']), 1);
......
......@@ -391,6 +391,30 @@ abstract class Installer
return $db;
}
/**
* Return a parseable PHP literal for the given value.
* This will include quotes for strings, etc.
*
* @param mixed $val
* @return string
*/
function phpVal($val)
{
return var_export($val, true);
}
/**
* Return an array of parseable PHP literal for the given values.
* These will include quotes for strings, etc.
*
* @param mixed $val
* @return array
*/
function phpVals($map)
{
return array_map(array($this, 'phpVal'), $map);
}
/**
* Write a stock configuration file.
*
......@@ -400,24 +424,32 @@ abstract class Installer
*/
function writeConf()
{
$vals = $this->phpVals(array(
'sitename' => $this->sitename,
'server' => $this->server,
'path' => $this->path,
'db_database' => $this->db['database'],
'db_type' => $this->db['type'],
));
// assemble configuration file in a string
$cfg = "<?php\n".
"if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }\n\n".
// site name
"\$config['site']['name'] = '{$this->sitename}';\n\n".
"\$config['site']['name'] = {$vals['sitename']};\n\n".
// site location
"\$config['site']['server'] = '{$this->server}';\n".
"\$config['site']['path'] = '{$this->path}'; \n\n".
"\$config['site']['server'] = {$vals['server']};\n".
"\$config['site']['path'] = {$vals['path']}; \n\n".
// checks if fancy URLs are enabled
($this->fancy ? "\$config['site']['fancy'] = true;\n\n":'').
// database
"\$config['db']['database'] = '{$this->db['database']}';\n\n".
"\$config['db']['database'] = {$vals['db_database']};\n\n".
($this->db['type'] == 'pgsql' ? "\$config['db']['quote_identifiers'] = true;\n\n":'').
"\$config['db']['type'] = '{$this->db['type']}';\n\n";
"\$config['db']['type'] = {$vals['db_type']};\n\n";
// Normalize line endings for Windows servers
$cfg = str_replace("\n", PHP_EOL, $cfg);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment