install.php
changeset 201 c26308d81882
parent 200 07cf7b0c175f
child 202 c9fd175289aa
child 204 ba28d43a6b86
equal deleted inserted replaced
200:07cf7b0c175f 201:c26308d81882
   143   ob_start();
   143   ob_start();
   144   echo '<tr><td style="width: 500px; background-color: #' . "FF{$neutral_color}{$neutral_color}{$neutral_color}{$neutral_color}" . '; padding: 0 5px;">' . htmlspecialchars($stage_name) . '</td><td style="padding: 0 5px;"><img alt="Failed" src="images/bad.gif" /></td></tr>' . "\n";
   144   echo '<tr><td style="width: 500px; background-color: #' . "FF{$neutral_color}{$neutral_color}{$neutral_color}{$neutral_color}" . '; padding: 0 5px;">' . htmlspecialchars($stage_name) . '</td><td style="padding: 0 5px;"><img alt="Failed" src="images/bad.gif" /></td></tr>' . "\n";
   145   ob_end_flush();
   145   ob_end_flush();
   146   close_install_table();
   146   close_install_table();
   147   $post_data = '';
   147   $post_data = '';
       
   148   $mysql_error = mysql_error();
   148   foreach ( $_POST as $key => $value )
   149   foreach ( $_POST as $key => $value )
   149   {
   150   {
   150     $value = htmlspecialchars($value);
   151     $value = htmlspecialchars($value);
   151     $key = htmlspecialchars($key);
   152     $key = htmlspecialchars($key);
   152     $post_data .= "          <input type=\"hidden\" name=\"$key\" value=\"$value\" />\n";
   153     $post_data .= "          <input type=\"hidden\" name=\"$key\" value=\"$value\" />\n";
   154   echo '<form action="install.php?mode=install&amp;stage=' . $stage_id . '" method="post">
   155   echo '<form action="install.php?mode=install&amp;stage=' . $stage_id . '" method="post">
   155           ' . $post_data . '
   156           ' . $post_data . '
   156           <input type="hidden" name="resume_stack" value="' . htmlspecialchars(implode('|', $resume_stack)) . '" />
   157           <input type="hidden" name="resume_stack" value="' . htmlspecialchars(implode('|', $resume_stack)) . '" />
   157           <h3>Enano installation failed.</h3>
   158           <h3>Enano installation failed.</h3>
   158            <p>' . $failure_explanation . '</p>
   159            <p>' . $failure_explanation . '</p>
       
   160            ' . ( !empty($mysql_error) ? "<p>The error returned from MySQL was: $mysql_error</p>" : '' ) . '
   159            <p>When you have corrected the error, click the button below to attempt to continue the installation.</p>
   161            <p>When you have corrected the error, click the button below to attempt to continue the installation.</p>
   160            <p style="text-align: center;"><input type="submit" value="Retry installation" /></p>
   162            <p style="text-align: center;"><input type="submit" value="Retry installation" /></p>
   161         </form>';
   163         </form>';
   162   global $template, $template_bak;
   164   global $template, $template_bak;
   163   if ( is_object($template_bak) )
   165   if ( is_object($template_bak) )
   196       {
   198       {
   197         // Couldn't connect using either set of credentials. Bail out.
   199         // Couldn't connect using either set of credentials. Bail out.
   198         return false;
   200         return false;
   199       }
   201       }
   200       // Create the user account
   202       // Create the user account
   201       $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'localhost' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn);
   203       $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'localhost' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
   202       if ( !$q )
   204       if ( !$q )
       
   205       {
   203         return false;
   206         return false;
       
   207       }
   204       // Revoke privileges from test, we don't need them
   208       // Revoke privileges from test, we don't need them
   205       $q = @mysql_query("REVOKE ALL PRIVILEGES ON test.* FROM '{$db_user}'@'localhost';", $conn);
   209       $q = @mysql_query("REVOKE ALL PRIVILEGES ON test.* FROM '{$db_user}'@'localhost';", $conn_root);
   206       if ( !$q )
   210       if ( !$q )
       
   211       {
   207         return false;
   212         return false;
       
   213       }
   208       if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
   214       if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
   209       {
   215       {
   210         // If not connecting to a server running on localhost, allow from any host
   216         // If not connecting to a server running on localhost, allow from any host
   211         // this is safer than trying to detect the hostname of the webserver, but less secure
   217         // this is safer than trying to detect the hostname of the webserver, but less secure
   212         $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'%' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn);
   218         $q = @mysql_query("GRANT ALL PRIVILEGES ON test.* TO '{$db_user}'@'%' IDENTIFIED BY '$db_pass' WITH GRANT OPTION;", $conn_root);
   213         if ( !$q )
   219         if ( !$q )
       
   220         {
   214           return false;
   221           return false;
       
   222         }
   215         // Revoke privileges from test, we don't need them
   223         // Revoke privileges from test, we don't need them
   216         $q = @mysql_query("REVOKE ALL PRIVILEGES ON test.* FROM '{$db_user}'@'%';", $conn);
   224         $q = @mysql_query("REVOKE ALL PRIVILEGES ON test.* FROM '{$db_user}'@'%';", $conn_root);
   217         if ( !$q )
   225         if ( !$q )
       
   226         {
   218           return false;
   227           return false;
       
   228         }
   219       }
   229       }
   220     }
   230     }
   221   }
   231   }
   222   $q = @mysql_query("USE $db_name;", $conn);
   232   $q = @mysql_query("USE $db_name;", $conn);
   223   if ( !$q )
   233   if ( !$q )
   230       {
   240       {
   231         // Couldn't connect as root; bail out
   241         // Couldn't connect as root; bail out
   232         return false;
   242         return false;
   233       }
   243       }
   234       // create the database, if it doesn't exist
   244       // create the database, if it doesn't exist
   235       $q = @mysql_query("CREATE DATABASE $db_name;", $conn);
   245       $q = @mysql_query("CREATE DATABASE IF NOT EXISTS $db_name;", $conn_root);
   236       if ( !$q )
   246       if ( !$q )
       
   247       {
   237         // this really should never fail, so don't give any tolerance to it
   248         // this really should never fail, so don't give any tolerance to it
   238         return false;
   249         return false;
       
   250       }
   239       // we're in with root rights; grant access to the database
   251       // we're in with root rights; grant access to the database
   240       $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'localhost';", $conn);
   252       $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'localhost';", $conn_root);
   241       if ( !$q )
   253       if ( !$q )
       
   254       {
   242         return false;
   255         return false;
       
   256       }
   243       if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
   257       if ( $_POST['db_host'] != 'localhost' && $_POST['db_host'] != '127.0.0.1' && $_POST['db_host'] != '::1' )
   244       {
   258       {
   245         $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'%';", $conn);
   259         $q = @mysql_query("GRANT ALL PRIVILEGES ON $db_name.* TO '{$db_user}'@'%';", $conn_root);
   246         if ( !$q )
   260         if ( !$q )
       
   261         {
   247           return false;
   262           return false;
       
   263         }
   248       }
   264       }
   249     }
   265     }
   250     else
   266     else
   251     {
   267     {
   252       return false;
   268       return false;
   253     }
   269     }
   254     // try again
   270     // try again
   255     $q = @mysql_query("USE '$db_name';", $conn);
   271     $q = @mysql_query("USE $db_name;", $conn);
   256     if ( !$q )
   272     if ( !$q )
       
   273     {
   257       // really failed this time; bail out
   274       // really failed this time; bail out
   258       return false;
   275       return false;
       
   276     }
   259   }
   277   }
   260   // connected and database exists
   278   // connected and database exists
   261   return true;
   279   return true;
   262 }
   280 }
   263 
   281 
  1502       err('Hacking attempt was detected in table_prefix.');
  1520       err('Hacking attempt was detected in table_prefix.');
  1503     
  1521     
  1504       start_install_table();
  1522       start_install_table();
  1505       // The stages connect, decrypt, genkey, and parse are preprocessing and don't do any actual data modification.
  1523       // The stages connect, decrypt, genkey, and parse are preprocessing and don't do any actual data modification.
  1506       // Thus, they need to be run on each retry, e.g. never skipped.
  1524       // Thus, they need to be run on each retry, e.g. never skipped.
  1507       run_installer_stage('connect', 'Connect to MySQL', 'stg_mysql_connect', 'MySQL denied our attempt to connect to the database. This is most likely because your login information was incorrect. You will most likely need to <a href="install.php?mode=license">restart the installation</a>.<br /><br />Error message returned by MySQL: ' . mysql_error(), false);
  1525       run_installer_stage('connect', 'Connect to MySQL', 'stg_mysql_connect', 'MySQL denied our attempt to connect to the database. This is most likely because your login information was incorrect. You will most likely need to <a href="install.php?mode=license">restart the installation</a>.', false);
  1508       if ( isset($_POST['drop_tables']) )
  1526       if ( isset($_POST['drop_tables']) )
  1509       {
  1527       {
  1510         // Are we supposed to drop any existing tables? If so, do it now
  1528         // Are we supposed to drop any existing tables? If so, do it now
  1511         run_installer_stage('drop', 'Drop existing Enano tables', 'stg_drop_tables', 'This step never returns failure');
  1529         run_installer_stage('drop', 'Drop existing Enano tables', 'stg_drop_tables', 'This step never returns failure');
  1512       }
  1530       }