diff options
author | Evan Prodromou <evan@status.net> | 2010-10-15 13:46:44 -0400 |
---|---|---|
committer | Evan Prodromou <evan@status.net> | 2010-10-15 13:46:44 -0400 |
commit | 06a8de060d4f24406f9589cd463812abf318f121 (patch) | |
tree | 01b648df7265b33e91c30bd13b143fd1474815dd | |
parent | 9b9ba297913fdfa62d9e6d37afa5ec17341442e3 (diff) | |
parent | 793ec16ed4a8cacee6420629a02d3bf26344f17d (diff) |
Merge remote branch 'gitorious/0.9.x' into 0.9.x
-rw-r--r-- | README | 5 | ||||
-rw-r--r-- | install.php | 83 | ||||
-rw-r--r-- | lib/installer.php | 42 |
3 files changed, 104 insertions, 26 deletions
@@ -683,8 +683,9 @@ instructions; read to the end first before trying them. 6. Move your StatusNet directory to a backup spot, like "statusnet.bak". 7. Unpack your StatusNet 0.9.5 tarball and move it to "statusnet" or wherever your code used to be. -8. Copy the config.php file and avatar directory from your old - directory to your new directory. +8. Copy the config.php file and the contents of the avatar/, background/, + file/, and local/ subdirectories from your old directory to your new + directory. 9. Copy htaccess.sample to .htaccess in the new directory. Change the RewriteBase to use the correct path. 10. Rebuild the database. (You can safely skip this step and go to #12 diff --git a/install.php b/install.php index 158d51fa3..9b0d19882 100644 --- a/install.php +++ b/install.php @@ -45,13 +45,61 @@ require INSTALLDIR . '/lib/installer.php'; * Helper class for building form */ class Posted { + /** + * HTML-friendly escaped string for the POST param of given name, or empty. + * @param string $name + * @return string + */ function value($name) { + return htmlspecialchars($this->string($name)); + } + + /** + * The given POST parameter value, forced to a string. + * Missing value will give ''. + * + * @param string $name + * @return string + */ + function string($name) + { + return strval($this->raw($name)); + } + + /** + * The given POST parameter value, in its original form. + * Magic quotes are stripped, if provided. + * Missing value will give null. + * + * @param string $name + * @return mixed + */ + function raw($name) + { if (isset($_POST[$name])) { - return htmlspecialchars(strval($_POST[$name])); + return $this->dequote($_POST[$name]); } else { - return ''; + return null; + } + } + + /** + * If necessary, strip magic quotes from the given value. + * + * @param mixed $val + * @return mixed + */ + function dequote($val) + { + if (get_magic_quotes_gpc()) { + if (is_string($val)) { + return stripslashes($val); + } else if (is_array($val)) { + return array_map(array($this, 'dequote'), $val); + } } + return $val; } } @@ -107,11 +155,7 @@ class WebInstaller extends Installer global $dbModules; $post = new Posted(); $dbRadios = ''; - if (isset($_POST['dbtype'])) { - $dbtype = $_POST['dbtype']; - } else { - $dbtype = null; - } + $dbtype = $post->raw('dbtype'); foreach (self::$dbModules as $type => $info) { if ($this->checkExtension($info['check_module'])) { if ($dbtype == null || $dbtype == $type) { @@ -245,19 +289,20 @@ STR; */ function prepare() { - $this->host = $_POST['host']; - $this->dbtype = $_POST['dbtype']; - $this->database = $_POST['database']; - $this->username = $_POST['dbusername']; - $this->password = $_POST['dbpassword']; - $this->sitename = $_POST['sitename']; - $this->fancy = !empty($_POST['fancy']); + $post = new Posted(); + $this->host = $post->string('host'); + $this->dbtype = $post->string('dbtype'); + $this->database = $post->string('database'); + $this->username = $post->string('dbusername'); + $this->password = $post->string('dbpassword'); + $this->sitename = $post->string('sitename'); + $this->fancy = (bool)$post->string('fancy'); - $this->adminNick = strtolower($_POST['admin_nickname']); - $this->adminPass = $_POST['admin_password']; - $adminPass2 = $_POST['admin_password2']; - $this->adminEmail = $_POST['admin_email']; - $this->adminUpdates = $_POST['admin_updates']; + $this->adminNick = strtolower($post->string('admin_nickname')); + $this->adminPass = $post->string('admin_password'); + $adminPass2 = $post->string('admin_password2'); + $this->adminEmail = $post->string('admin_email'); + $this->adminUpdates = $post->string('admin_updates'); $this->server = $_SERVER['HTTP_HOST']; $this->path = substr(dirname($_SERVER['PHP_SELF']), 1); diff --git a/lib/installer.php b/lib/installer.php index c046eadea..a9d809011 100644 --- a/lib/installer.php +++ b/lib/installer.php @@ -392,6 +392,30 @@ abstract class Installer } /** + * Return a parseable PHP literal for the given value. + * This will include quotes for strings, etc. + * + * @param mixed $val + * @return string + */ + function phpVal($val) + { + return var_export($val, true); + } + + /** + * Return an array of parseable PHP literal for the given values. + * These will include quotes for strings, etc. + * + * @param mixed $val + * @return array + */ + function phpVals($map) + { + return array_map(array($this, 'phpVal'), $map); + } + + /** * Write a stock configuration file. * * @return boolean success @@ -400,24 +424,32 @@ abstract class Installer */ function writeConf() { + $vals = $this->phpVals(array( + 'sitename' => $this->sitename, + 'server' => $this->server, + 'path' => $this->path, + 'db_database' => $this->db['database'], + 'db_type' => $this->db['type'], + )); + // assemble configuration file in a string $cfg = "<?php\n". "if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }\n\n". // site name - "\$config['site']['name'] = '{$this->sitename}';\n\n". + "\$config['site']['name'] = {$vals['sitename']};\n\n". // site location - "\$config['site']['server'] = '{$this->server}';\n". - "\$config['site']['path'] = '{$this->path}'; \n\n". + "\$config['site']['server'] = {$vals['server']};\n". + "\$config['site']['path'] = {$vals['path']}; \n\n". // checks if fancy URLs are enabled ($this->fancy ? "\$config['site']['fancy'] = true;\n\n":''). // database - "\$config['db']['database'] = '{$this->db['database']}';\n\n". + "\$config['db']['database'] = {$vals['db_database']};\n\n". ($this->db['type'] == 'pgsql' ? "\$config['db']['quote_identifiers'] = true;\n\n":''). - "\$config['db']['type'] = '{$this->db['type']}';\n\n"; + "\$config['db']['type'] = {$vals['db_type']};\n\n"; // Normalize line endings for Windows servers $cfg = str_replace("\n", PHP_EOL, $cfg); |