index.php 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510
  1. <?php
  2. function stylesheet_tag($filename, $id = false) {
  3. $timestamp = filemtime($filename);
  4. $id_part = $id ? "id=\"$id\"" : "";
  5. return "<link rel=\"stylesheet\" $id_part type=\"text/css\" href=\"$filename?$timestamp\"/>\n";
  6. }
  7. function javascript_tag($filename) {
  8. $query = "";
  9. if (!(strpos($filename, "?") === FALSE)) {
  10. $query = substr($filename, strpos($filename, "?")+1);
  11. $filename = substr($filename, 0, strpos($filename, "?"));
  12. }
  13. $timestamp = filemtime($filename);
  14. if ($query) $timestamp .= "&$query";
  15. return "<script type=\"text/javascript\" charset=\"utf-8\" src=\"$filename?$timestamp\"></script>\n";
  16. }
  17. ?>
  18. <!DOCTYPE html>
  19. <html>
  20. <head>
  21. <title>Tiny Tiny RSS - Installer</title>
  22. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  23. <style type="text/css">
  24. textarea { font-size : 12px; }
  25. </style>
  26. <?php
  27. echo stylesheet_tag("../css/default.css");
  28. echo javascript_tag("../lib/prototype.js");
  29. echo javascript_tag("../lib/dojo/dojo.js");
  30. echo javascript_tag("../lib/dojo/tt-rss-layer.js");
  31. ?>
  32. </head>
  33. <body class="flat ttrss_utility installer">
  34. <script type="text/javascript">
  35. require(['dojo/parser', "dojo/ready", 'dijit/form/Button','dijit/form/CheckBox', 'dijit/form/Form',
  36. 'dijit/form/Select','dijit/form/TextBox','dijit/form/ValidationTextBox'],function(parser, ready){
  37. ready(function() {
  38. parser.parse();
  39. });
  40. });
  41. </script>
  42. <?php
  43. // could be needed because of existing config.php
  44. function define_default($param, $value) {
  45. //
  46. }
  47. function make_password($length = 8) {
  48. $password = "";
  49. $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^";
  50. $i = 0;
  51. while ($i < $length) {
  52. $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
  53. if (!strstr($password, $char)) {
  54. $password .= $char;
  55. $i++;
  56. }
  57. }
  58. return $password;
  59. }
  60. function sanity_check($db_type) {
  61. $errors = array();
  62. if (version_compare(PHP_VERSION, '5.6.0', '<')) {
  63. array_push($errors, "PHP version 5.6.0 or newer required. You're using " . PHP_VERSION . ".");
  64. }
  65. if (!function_exists("curl_init") && !ini_get("allow_url_fopen")) {
  66. array_push($errors, "PHP configuration option allow_url_fopen is disabled, and CURL functions are not present. Either enable allow_url_fopen or install PHP extension for CURL.");
  67. }
  68. if (!function_exists("json_encode")) {
  69. array_push($errors, "PHP support for JSON is required, but was not found.");
  70. }
  71. if (!class_exists("PDO")) {
  72. array_push($errors, "PHP support for PDO is required but was not found.");
  73. }
  74. if (!function_exists("mb_strlen")) {
  75. array_push($errors, "PHP support for mbstring functions is required but was not found.");
  76. }
  77. if (!function_exists("hash")) {
  78. array_push($errors, "PHP support for hash() function is required but was not found.");
  79. }
  80. if (!function_exists("iconv")) {
  81. array_push($errors, "PHP support for iconv is required to handle multiple charsets.");
  82. }
  83. if (ini_get("safe_mode")) {
  84. array_push($errors, "PHP safe mode setting is obsolete and not supported by tt-rss.");
  85. }
  86. if (!class_exists("DOMDocument")) {
  87. array_push($errors, "PHP support for DOMDocument is required, but was not found.");
  88. }
  89. return $errors;
  90. }
  91. function print_error($msg) {
  92. print "<div class='alert alert-error'>$msg</div>";
  93. }
  94. function print_notice($msg) {
  95. print "<div class=\"alert alert-info\">$msg</div>";
  96. }
  97. function pdo_connect($host, $user, $pass, $db, $type, $port = false) {
  98. $db_port = $port ? ';port=' . $port : '';
  99. $db_host = $host ? ';host=' . $host : '';
  100. try {
  101. $pdo = new PDO($type . ':dbname=' . $db . $db_host . $db_port,
  102. $user,
  103. $pass);
  104. return $pdo;
  105. } catch (Exception $e) {
  106. print "<div class='alert alert-danger'>" . $e->getMessage() . "</div>";
  107. return null;
  108. }
  109. }
  110. function make_config($DB_TYPE, $DB_HOST, $DB_USER, $DB_NAME, $DB_PASS,
  111. $DB_PORT, $SELF_URL_PATH) {
  112. $data = explode("\n", file_get_contents("../config.php-dist"));
  113. $rv = "";
  114. $finished = false;
  115. foreach ($data as $line) {
  116. if (preg_match("/define\('DB_TYPE'/", $line)) {
  117. $rv .= "\tdefine('DB_TYPE', '$DB_TYPE');\n";
  118. } else if (preg_match("/define\('DB_HOST'/", $line)) {
  119. $rv .= "\tdefine('DB_HOST', '$DB_HOST');\n";
  120. } else if (preg_match("/define\('DB_USER'/", $line)) {
  121. $rv .= "\tdefine('DB_USER', '$DB_USER');\n";
  122. } else if (preg_match("/define\('DB_NAME'/", $line)) {
  123. $rv .= "\tdefine('DB_NAME', '$DB_NAME');\n";
  124. } else if (preg_match("/define\('DB_PASS'/", $line)) {
  125. $rv .= "\tdefine('DB_PASS', '$DB_PASS');\n";
  126. } else if (preg_match("/define\('DB_PORT'/", $line)) {
  127. $rv .= "\tdefine('DB_PORT', '$DB_PORT');\n";
  128. } else if (preg_match("/define\('SELF_URL_PATH'/", $line)) {
  129. $rv .= "\tdefine('SELF_URL_PATH', '$SELF_URL_PATH');\n";
  130. } else if (!$finished) {
  131. $rv .= "$line\n";
  132. }
  133. if (preg_match("/\?\>/", $line)) {
  134. $finished = true;
  135. }
  136. }
  137. return $rv;
  138. }
  139. function is_server_https() {
  140. return (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');
  141. }
  142. function make_self_url_path() {
  143. $url_path = (is_server_https() ? 'https://' : 'http://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
  144. return $url_path;
  145. }
  146. ?>
  147. <h1>Tiny Tiny RSS Installer</h1>
  148. <div class='content'>
  149. <?php
  150. if (file_exists("../config.php")) {
  151. require "../config.php";
  152. if (!defined('_INSTALLER_IGNORE_CONFIG_CHECK')) {
  153. print_error("Error: config.php already exists in tt-rss directory; aborting.");
  154. print "<form method='GET' action='../index.php'>
  155. <button type='submit' dojoType='dijit.form.Button' class='alt-primary'>Return to Tiny Tiny RSS</button>
  156. </form>";
  157. exit;
  158. }
  159. }
  160. @$op = $_REQUEST['op'];
  161. @$DB_HOST = strip_tags($_POST['DB_HOST']);
  162. @$DB_TYPE = strip_tags($_POST['DB_TYPE']);
  163. @$DB_USER = strip_tags($_POST['DB_USER']);
  164. @$DB_NAME = strip_tags($_POST['DB_NAME']);
  165. @$DB_PASS = strip_tags($_POST['DB_PASS']);
  166. @$DB_PORT = strip_tags($_POST['DB_PORT']);
  167. @$SELF_URL_PATH = strip_tags($_POST['SELF_URL_PATH']);
  168. if (!$SELF_URL_PATH) {
  169. $SELF_URL_PATH = preg_replace("/\/install\/$/", "/", make_self_url_path());
  170. }
  171. ?>
  172. <form action="" method="post">
  173. <input type="hidden" name="op" value="testconfig">
  174. <h2>Database settings</h2>
  175. <?php
  176. $issel_pgsql = $DB_TYPE == "pgsql" ? "selected='selected'" : "";
  177. $issel_mysql = $DB_TYPE == "mysql" ? "selected='selected'" : "";
  178. ?>
  179. <fieldset>
  180. <label>Database type:</label>
  181. <select name="DB_TYPE" dojoType="dijit.form.Select">
  182. <option <?php echo $issel_pgsql ?> value="pgsql">PostgreSQL</option>
  183. <option <?php echo $issel_mysql ?> value="mysql">MySQL</option>
  184. </select>
  185. </fieldset>
  186. <fieldset>
  187. <label>Username:</label>
  188. <input dojoType="dijit.form.TextBox" required name="DB_USER" size="20" value="<?php echo $DB_USER ?>"/>
  189. </fieldset>
  190. <fieldset>
  191. <label>Password:</label>
  192. <input dojoType="dijit.form.TextBox" name="DB_PASS" size="20" type="password" value="<?php echo $DB_PASS ?>"/>
  193. </fieldset>
  194. <fieldset>
  195. <label>Database name:</label>
  196. <input dojoType="dijit.form.TextBox" required name="DB_NAME" size="20" value="<?php echo $DB_NAME ?>"/>
  197. </fieldset>
  198. <fieldset>
  199. <label>Host name:</label>
  200. <input dojoType="dijit.form.TextBox" name="DB_HOST" size="20" value="<?php echo $DB_HOST ?>"/>
  201. <span class="hint">If needed</span>
  202. </fieldset>
  203. <fieldset>
  204. <label>Port:</label>
  205. <input dojoType="dijit.form.TextBox" name="DB_PORT" type="number" size="20" value="<?php echo $DB_PORT ?>"/>
  206. <span class="hint">Usually 3306 for MySQL or 5432 for PostgreSQL</span>
  207. </fieldset>
  208. <h2>Other settings</h2>
  209. <p>This should be set to the location your Tiny Tiny RSS will be available on.</p>
  210. <fieldset>
  211. <label>Tiny Tiny RSS URL:</label>
  212. <input dojoType="dijit.form.TextBox" type="url" name="SELF_URL_PATH" placeholder="<?php echo $SELF_URL_PATH; ?>" value="<?php echo $SELF_URL_PATH ?>"/>
  213. </fieldset>
  214. <p><button type="submit" dojoType="dijit.form.Button" class="alt-primary">Test configuration</button></p>
  215. </form>
  216. <?php if ($op == 'testconfig') { ?>
  217. <h2>Checking configuration</h2>
  218. <?php
  219. $errors = sanity_check($DB_TYPE);
  220. if (count($errors) > 0) {
  221. print "<p>Some configuration tests failed. Please correct them before continuing.</p>";
  222. print "<ul>";
  223. foreach ($errors as $error) {
  224. print "<li style='color : red'>$error</li>";
  225. }
  226. print "</ul>";
  227. exit;
  228. }
  229. $notices = array();
  230. if (!function_exists("curl_init")) {
  231. array_push($notices, "It is highly recommended to enable support for CURL in PHP.");
  232. }
  233. if (function_exists("curl_init") && ini_get("open_basedir")) {
  234. array_push($notices, "CURL and open_basedir combination breaks support for HTTP redirects. See the FAQ for more information.");
  235. }
  236. if (!function_exists("idn_to_ascii")) {
  237. array_push($notices, "PHP support for Internationalization Functions is required to handle Internationalized Domain Names.");
  238. }
  239. if ($DB_TYPE == "mysql" && !function_exists("mysqli_connect")) {
  240. array_push($notices, "PHP extension for MySQL (mysqli) is missing. This may prevent legacy plugins from working.");
  241. }
  242. if ($DB_TYPE == "pgsql" && !function_exists("pg_connect")) {
  243. array_push($notices, "PHP extension for PostgreSQL is missing. This may prevent legacy plugins from working.");
  244. }
  245. if (count($notices) > 0) {
  246. print_notice("Configuration check succeeded with minor problems:");
  247. print "<ul>";
  248. foreach ($notices as $notice) {
  249. print "<li>$notice</li>";
  250. }
  251. print "</ul>";
  252. } else {
  253. print_notice("Configuration check succeeded.");
  254. }
  255. ?>
  256. <h2>Checking database</h2>
  257. <?php
  258. $pdo = pdo_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, $DB_TYPE, $DB_PORT);
  259. if (!$pdo) {
  260. print_error("Unable to connect to database using specified parameters (driver: $DB_TYPE).");
  261. exit;
  262. }
  263. print_notice("Database test succeeded.");
  264. ?>
  265. <h2>Initialize database</h2>
  266. <p>Before you can start using tt-rss, database needs to be initialized. Click on the button below to do that now.</p>
  267. <?php
  268. $res = $pdo->query("SELECT true FROM ttrss_feeds");
  269. if ($res && $res->fetch()) {
  270. print_error("Some tt-rss data already exists in this database. If you continue with database initialization your current data <b>WILL BE LOST</b>.");
  271. $need_confirm = true;
  272. } else {
  273. $need_confirm = false;
  274. }
  275. ?>
  276. <table><tr><td>
  277. <form method="post">
  278. <input type="hidden" name="op" value="installschema">
  279. <input type="hidden" name="DB_USER" value="<?php echo $DB_USER ?>"/>
  280. <input type="hidden" name="DB_PASS" value="<?php echo $DB_PASS ?>"/>
  281. <input type="hidden" name="DB_NAME" value="<?php echo $DB_NAME ?>"/>
  282. <input type="hidden" name="DB_HOST" value="<?php echo $DB_HOST ?>"/>
  283. <input type="hidden" name="DB_PORT" value="<?php echo $DB_PORT ?>"/>
  284. <input type="hidden" name="DB_TYPE" value="<?php echo $DB_TYPE ?>"/>
  285. <input type="hidden" name="SELF_URL_PATH" value="<?php echo $SELF_URL_PATH ?>"/>
  286. <p>
  287. <?php if ($need_confirm) { ?>
  288. <button onclick="return confirm('Please read the warning above. Continue?')" type="submit"
  289. class="alt-danger" dojoType="dijit.form.Button">Initialize database</button>
  290. <?php } else { ?>
  291. <button type="submit" class="alt-danger" dojoType="dijit.form.Button">Initialize database</button>
  292. <?php } ?>
  293. </p>
  294. </form>
  295. </td><td>
  296. <form method="post">
  297. <input type="hidden" name="DB_USER" value="<?php echo $DB_USER ?>"/>
  298. <input type="hidden" name="DB_PASS" value="<?php echo $DB_PASS ?>"/>
  299. <input type="hidden" name="DB_NAME" value="<?php echo $DB_NAME ?>"/>
  300. <input type="hidden" name="DB_HOST" value="<?php echo $DB_HOST ?>"/>
  301. <input type="hidden" name="DB_PORT" value="<?php echo $DB_PORT ?>"/>
  302. <input type="hidden" name="DB_TYPE" value="<?php echo $DB_TYPE ?>"/>
  303. <input type="hidden" name="SELF_URL_PATH" value="<?php echo $SELF_URL_PATH ?>"/>
  304. <input type="hidden" name="op" value="skipschema">
  305. <p><button type="submit" dojoType="dijit.form.Button">Skip initialization</button></p>
  306. </form>
  307. </td></tr></table>
  308. <?php
  309. } else if ($op == 'installschema' || $op == 'skipschema') {
  310. $pdo = pdo_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME, $DB_TYPE, $DB_PORT);
  311. if (!$pdo) {
  312. print_error("Unable to connect to database using specified parameters.");
  313. exit;
  314. }
  315. if ($op == 'installschema') {
  316. print "<h2>Initializing database...</h2>";
  317. $lines = explode(";", preg_replace("/[\r\n]/", "",
  318. file_get_contents("../schema/ttrss_schema_".basename($DB_TYPE).".sql")));
  319. foreach ($lines as $line) {
  320. if (strpos($line, "--") !== 0 && $line) {
  321. $res = $pdo->query($line);
  322. if (!$res) {
  323. print_notice("Query: $line");
  324. print_error("Error: " . implode(", ", $this->pdo->errorInfo()));
  325. }
  326. }
  327. }
  328. print_notice("Database initialization completed.");
  329. } else {
  330. print_notice("Database initialization skipped.");
  331. }
  332. print "<h2>Generated configuration file</h2>";
  333. print "<p>Copy following text and save as <code>config.php</code> in tt-rss main directory. It is suggested to read through the file to the end in case you need any options changed fom default values.</p>";
  334. print "<p>After copying the file, you will be able to login with default username and password combination: <code>admin</code> and <code>password</code>. Don't forget to change the password immediately!</p>"; ?>
  335. <form action="" method="post">
  336. <input type="hidden" name="op" value="saveconfig">
  337. <input type="hidden" name="DB_USER" value="<?php echo $DB_USER ?>"/>
  338. <input type="hidden" name="DB_PASS" value="<?php echo $DB_PASS ?>"/>
  339. <input type="hidden" name="DB_NAME" value="<?php echo $DB_NAME ?>"/>
  340. <input type="hidden" name="DB_HOST" value="<?php echo $DB_HOST ?>"/>
  341. <input type="hidden" name="DB_PORT" value="<?php echo $DB_PORT ?>"/>
  342. <input type="hidden" name="DB_TYPE" value="<?php echo $DB_TYPE ?>"/>
  343. <input type="hidden" name="SELF_URL_PATH" value="<?php echo $SELF_URL_PATH ?>"/>
  344. <?php print "<textarea rows='20' style='width : 100%'>";
  345. echo make_config($DB_TYPE, $DB_HOST, $DB_USER, $DB_NAME, $DB_PASS,
  346. $DB_PORT, $SELF_URL_PATH);
  347. print "</textarea>"; ?>
  348. <hr/>
  349. <?php if (is_writable("..")) { ?>
  350. <p>We can also try saving the file automatically now.</p>
  351. <p><button type="submit" dojoType='dijit.form.Button' class='alt-primary'>Save configuration</button></p>
  352. </form>
  353. <?php } else {
  354. print_error("Unfortunately, parent directory is not writable, so we're unable to save config.php automatically.");
  355. }
  356. print_notice("You can generate the file again by changing the form above.");
  357. } else if ($op == "saveconfig") {
  358. print "<h2>Saving configuration file to parent directory...</h2>";
  359. if (!file_exists("../config.php")) {
  360. $fp = fopen("../config.php", "w");
  361. if ($fp) {
  362. $written = fwrite($fp, make_config($DB_TYPE, $DB_HOST,
  363. $DB_USER, $DB_NAME, $DB_PASS,
  364. $DB_PORT, $SELF_URL_PATH));
  365. if ($written > 0) {
  366. print_notice("Successfully saved config.php. You can try <a href=\"..\">loading tt-rss now</a>.");
  367. } else {
  368. print_notice("Unable to write into config.php in tt-rss directory.");
  369. }
  370. fclose($fp);
  371. } else {
  372. print_error("Unable to open config.php in tt-rss directory for writing.");
  373. }
  374. } else {
  375. print_error("config.php already present in tt-rss directory, refusing to overwrite.");
  376. }
  377. }
  378. ?>
  379. </div>
  380. </body>
  381. </html>