X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FInstall.php;h=2e0f16c4e9b2260afb5a73bbf156f325652fe8cc;hb=eaea24f98bfe31ac7d0df77948b5a0ff86d51eb0;hp=2ef2c32299d1ba2a4033dcc4b8e7944c1efe3f96;hpb=f7147fae960db05d75ec86479803e56dbf4f835b;p=friendica.git diff --git a/src/Module/Install.php b/src/Module/Install.php index 2ef2c32299..2e0f16c4e9 100644 --- a/src/Module/Install.php +++ b/src/Module/Install.php @@ -8,6 +8,8 @@ use Friendica\Database\DBA; use Friendica\Database\DBStructure; use Friendica\Core; use Friendica\Core\L10n; +use Friendica\Core\Renderer; +use Friendica\Util\Strings; use Friendica\Util\Temporal; class Install extends BaseModule @@ -52,7 +54,7 @@ class Install extends BaseModule // We overwrite current theme css, because during install we may not have a working mod_rewrite // so we may not have a css at all. Here we set a static css file for the install procedure pages - $a->theme['stylesheet'] = $a->getBaseURL() . '/view/install/style.css'; + Renderer::$theme['stylesheet'] = $a->getBaseURL() . '/view/install/style.css'; self::$installer = new Core\Installer(); self::$currentWizardStep = defaults($_POST, 'pass', self::SYSTEM_CHECK); @@ -69,10 +71,10 @@ class Install extends BaseModule break; case self::SITE_SETTINGS: - $dbhost = notags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST))); - $dbuser = notags(trim(defaults($_POST, 'dbuser', ''))); - $dbpass = notags(trim(defaults($_POST, 'dbpass', ''))); - $dbdata = notags(trim(defaults($_POST, 'dbdata', ''))); + $dbhost = Strings::escapeTags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST))); + $dbuser = Strings::escapeTags(trim(defaults($_POST, 'dbuser', ''))); + $dbpass = Strings::escapeTags(trim(defaults($_POST, 'dbpass', ''))); + $dbdata = Strings::escapeTags(trim(defaults($_POST, 'dbdata', ''))); // If we cannot connect to the database, return to the previous step if (!self::$installer->checkDB($dbhost, $dbuser, $dbpass, $dbdata)) { @@ -83,13 +85,13 @@ class Install extends BaseModule case self::FINISHED: $urlpath = $a->getURLPath(); - $dbhost = notags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST))); - $dbuser = notags(trim(defaults($_POST, 'dbuser', ''))); - $dbpass = notags(trim(defaults($_POST, 'dbpass', ''))); - $dbdata = notags(trim(defaults($_POST, 'dbdata', ''))); - $timezone = notags(trim(defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ))); - $language = notags(trim(defaults($_POST, 'language', Core\Installer::DEFAULT_LANG))); - $adminmail = notags(trim(defaults($_POST, 'adminmail', ''))); + $dbhost = Strings::escapeTags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST))); + $dbuser = Strings::escapeTags(trim(defaults($_POST, 'dbuser', ''))); + $dbpass = Strings::escapeTags(trim(defaults($_POST, 'dbpass', ''))); + $dbdata = Strings::escapeTags(trim(defaults($_POST, 'dbdata', ''))); + $timezone = Strings::escapeTags(trim(defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ))); + $language = Strings::escapeTags(trim(defaults($_POST, 'language', Core\Installer::DEFAULT_LANG))); + $adminmail = Strings::escapeTags(trim(defaults($_POST, 'adminmail', ''))); // If we cannot connect to the database, return to the Database config wizard if (!self::$installer->checkDB($dbhost, $dbuser, $dbpass, $dbdata)) { @@ -115,7 +117,7 @@ class Install extends BaseModule $output = ''; - $install_title = L10n::t('Friendica Communctions Server - Setup'); + $install_title = L10n::t('Friendica Communications Server - Setup'); switch (self::$currentWizardStep) { case self::SYSTEM_CHECK: @@ -123,13 +125,13 @@ class Install extends BaseModule $status = self::$installer->checkEnvironment($a->getBaseURL(), $phppath); - $tpl = get_markup_template('install_checks.tpl'); - $output .= replace_macros($tpl, [ + $tpl = Renderer::getMarkupTemplate('install_checks.tpl'); + $output .= Renderer::replaceMacros($tpl, [ '$title' => $install_title, '$pass' => L10n::t('System check'), '$checks' => self::$installer->getChecks(), '$passed' => $status, - '$see_install' => L10n::t('Please see the file "Install.txt".'), + '$see_install' => L10n::t('Please see the file "INSTALL.txt".'), '$next' => L10n::t('Next'), '$reload' => L10n::t('Check again'), '$phpath' => $phppath, @@ -138,15 +140,15 @@ class Install extends BaseModule break; case self::DATABASE_CONFIG: - $dbhost = notags(trim(defaults($_POST, 'dbhost' , Core\Installer::DEFAULT_HOST))); - $dbuser = notags(trim(defaults($_POST, 'dbuser' , '' ))); - $dbpass = notags(trim(defaults($_POST, 'dbpass' , '' ))); - $dbdata = notags(trim(defaults($_POST, 'dbdata' , '' ))); - $phpath = notags(trim(defaults($_POST, 'phpath' , '' ))); - $adminmail = notags(trim(defaults($_POST, 'adminmail', '' ))); - - $tpl = get_markup_template('install_db.tpl'); - $output .= replace_macros($tpl, [ + $dbhost = Strings::escapeTags(trim(defaults($_POST, 'dbhost' , Core\Installer::DEFAULT_HOST))); + $dbuser = Strings::escapeTags(trim(defaults($_POST, 'dbuser' , '' ))); + $dbpass = Strings::escapeTags(trim(defaults($_POST, 'dbpass' , '' ))); + $dbdata = Strings::escapeTags(trim(defaults($_POST, 'dbdata' , '' ))); + $phpath = Strings::escapeTags(trim(defaults($_POST, 'phpath' , '' ))); + $adminmail = Strings::escapeTags(trim(defaults($_POST, 'adminmail', '' ))); + + $tpl = Renderer::getMarkupTemplate('install_db.tpl'); + $output .= Renderer::replaceMacros($tpl, [ '$title' => $install_title, '$pass' => L10n::t('Database connection'), '$info_01' => L10n::t('In order to install Friendica we need to know how to connect to your database.'), @@ -189,20 +191,20 @@ class Install extends BaseModule break; case self::SITE_SETTINGS: - $dbhost = notags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST))); - $dbuser = notags(trim(defaults($_POST, 'dbuser', '' ))); - $dbpass = notags(trim(defaults($_POST, 'dbpass', '' ))); - $dbdata = notags(trim(defaults($_POST, 'dbdata', '' ))); - $phpath = notags(trim(defaults($_POST, 'phpath', '' ))); + $dbhost = Strings::escapeTags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST))); + $dbuser = Strings::escapeTags(trim(defaults($_POST, 'dbuser', '' ))); + $dbpass = Strings::escapeTags(trim(defaults($_POST, 'dbpass', '' ))); + $dbdata = Strings::escapeTags(trim(defaults($_POST, 'dbdata', '' ))); + $phpath = Strings::escapeTags(trim(defaults($_POST, 'phpath', '' ))); - $adminmail = notags(trim(defaults($_POST, 'adminmail', ''))); + $adminmail = Strings::escapeTags(trim(defaults($_POST, 'adminmail', ''))); $timezone = defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ); /* Installed langs */ $lang_choices = L10n::getAvailableLanguages(); - $tpl = get_markup_template('install_settings.tpl'); - $output .= replace_macros($tpl, [ + $tpl = Renderer::getMarkupTemplate('install_settings.tpl'); + $output .= Renderer::replaceMacros($tpl, [ '$title' => $install_title, '$checks' => self::$installer->getChecks(), '$pass' => L10n::t('Site settings'), @@ -232,8 +234,8 @@ class Install extends BaseModule $db_return_text .= $txt; } - $tpl = get_markup_template('install_finished.tpl'); - $output .= replace_macros($tpl, [ + $tpl = Renderer::getMarkupTemplate('install_finished.tpl'); + $output .= Renderer::replaceMacros($tpl, [ '$title' => $install_title, '$checks' => self::$installer->getChecks(), '$pass' => L10n::t('Installation finished'),