More fixes for admin password hashing
[mailer.git] / inc / mysql-connect.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 11/16/2003 *
4  * ===============                              Last change: 12/13/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : mysql-connect.php                                *
8  * -------------------------------------------------------------------- *
9  * Short description : Connects to your database                        *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Verbindet zu Ihrer Datenbank                     *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // CFG: DEBUG-SQL (if enabled and DEBUG_MODE is enabled all SQL queries will be logged to debug.log)
41 define('DEBUG_SQL', false);
42
43 // Load library
44 require_once(PATH."inc/db/lib.php");
45
46 // Load general functions
47 require_once(PATH."inc/functions.php");  // Non-database functions
48 require_once(PATH."inc/extensions.php");
49 require_once(PATH."inc/language.php");
50
51 // Check if the user setups his MySQL stuff...
52 if ((empty($MySQL['login'])) && (!isBooleanConstantAndTrue('mxchange_installing')) && (!isset($_GET['installing'])) && (isBooleanConstantAndTrue('mxchange_installed'))) {
53         // No login entered and outside installation mode
54         echo "<STRONG>".LANG_WARNING.":</STRONG> ";
55         if (isBooleanConstantAndTrue('mxchange_installed')) {
56                 // You have changed my configuration file!
57                 die(DIE_CONFIG_CHANGED_YOU);
58         } else {
59                 // Please run the installation script (maybe again)
60                 die(DIE_RUN_INSTALL_MYSQL);
61         }
62 } elseif ((!isBooleanConstantAndTrue('mxchange_installing')) && (!isset($_GET['installing'])) && (empty($MySQL['password'])) && (isBooleanConstantAndTrue('warn_no_pass'))) {
63         // No database password entered!!!
64         echo "<STRONG>".LANG_WARNING.":</STRONG> ".WARN_NULL_PASSWORD;
65 }
66
67 // Init configuration arrays
68 $_CONFIG = array(
69         'code_length' => 0
70 );
71
72 // Check if this file is writeable or read-only and warn the user
73 if ((!isBooleanConstantAndTrue('mxchange_installing')) && (isBooleanConstantAndTrue('mxchange_installed'))) {
74         // Check for write-permission for config.php and inc directory
75         if (empty($GLOBALS['module'])) $GLOBALS['module'] = "index";
76         if (($GLOBALS['module'] != "admin") && (isBooleanConstantAndTrue('admin_registered')) && (!isset($_SERVER['WINDIR']))) {
77                 if (is_INCWritable("config"))     ADD_FATAL(FATAL_CONFIG_WRITABLE);
78                 if (is_INCWritable("dummy"))      ADD_FATAL(FATAL_INC_WRITABLE);
79         }
80         $EXT_CSS_FILES = array();
81
82         // Load "databases" aka static arrays
83         require_once(PATH."inc/databases.php");     // Several hard-coded databases (arrays, constants)
84
85         if ((!empty($MySQL['host'])) && (!empty($MySQL['login'])) && (!empty($MySQL['password'])) && (!empty($MySQL['dbase']))) {
86                 // Connect to DB
87                 global $link;
88                 $link = SQL_CONNECT($MySQL['host'], $MySQL['login'], $MySQL['password'], __FILE__, __LINE__);
89
90                 // Is the link valid?
91                 if (is_resource($link)) {
92                         // Choose the database
93                         global $db;
94                         $db = SQL_SELECT_DB($MySQL['dbase'], $link, __FILE__, __LINE__);
95
96                         // Is it a valid resource?
97                         if ($db === true) {
98                                 // Load more include files
99                                 require_once(PATH."inc/mysql-manager.php"); // Functions which interact with the database
100
101                                 // Load configuration stuff
102                                 $result = SQL_QUERY("SELECT pass_len, points_register, points_ref, least_cats, check_double_email, check_double_pass, admin_notify, url_tlock, test_text, max_tlength, test_subj, autosend_active, max_send, url_blacklist, auto_purge, auto_purge_active, last_update, unconfirmed, profile_lock, online_timeout, mad_timestamp, mad_count, profile_update, send_prof_update, resend_profile_update, code_length, patch_level, patch_ctime, guest_stats, ref_payout, activate_xchange, order_multi_page, display_refid, ip_timeout, allow_direct_pay, config
103 FROM "._MYSQL_PREFIX."_config
104 WHERE config=0
105 LIMIT 1", __FILE__, __LINE__);
106
107                                 if (SQL_NUMROWS($result) == 1) {
108                                         // Load data when previous SQL query did not fail
109                                         if (!is_resource($result)) {
110                                                 // Something went wrong
111                                                 ADD_FATAL(FATAL_CANNOT_LOAD_CONFIG);
112                                                 return;
113                                         }
114
115                                         // Load the configuration
116                                         $_CONFIG = array_merge($_CONFIG, SQL_FETCHARRAY($result));
117
118                                         // Initialize include-file-pool
119                                         $INC_POOL = array();
120
121                                         // Run daily reset
122                                         if ((date("d", $_CONFIG['last_update']) != date("d", time()) || ((isBooleanConstantAndTrue('DEBUG_MODE')))) && (!isBooleanConstantAndTrue('mxchange_installing')) && (isBooleanConstantAndTrue('mxchange_installed')) && (isBooleanConstantAndTrue('admin_registered')) && (!isset($_GET['register'])) && ($CSS != 1)) {
123                                                 // Do daily things in external PHP file but only when script is completely setup
124                                                 $INC_POOL[] = PATH."inc/reset/reset_daily.php";
125
126                                                 // Daily reset was run!
127                                                 define('__DAILY_RESET', "1");
128                                         }
129
130                                         // Load all extensions
131                                         require_once(PATH."inc/load_extensions.php");
132
133                                         // Loading patching system is required here...
134                                         require_once(PATH."inc/patch-system.php"); // Initialize patch system
135
136                                         // Functions which are related to themes
137                                         require_once(PATH."inc/theme-manager.php");
138
139                                         // Initialize session management
140                                         require_once(PATH."inc/session.php");
141
142                                         // Load admin include file if he is admin
143                                         if (IS_ADMIN()) {
144                                                 // Administrative functions
145                                                 require_once(PATH."inc/modules/admin/admin-inc.php");
146                                         }
147
148                                         // Get all values
149                                         if (($CSS != 1) && ($CSS != -1)) {
150                                                 if (empty($GLOBALS['module']))  $GLOBALS['module'] = "empty";
151                                                 if (empty($GLOBALS['what']))    $GLOBALS['what']   = GET_WHAT($GLOBALS['module']);
152                                                 if (empty($GLOBALS['action']))  $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
153                                         } else {
154                                                 // Set action/what to empty
155                                                 $GLOBALS['action'] = "";
156                                                 $GLOBALS['what']   = "";
157                                         }
158
159                                         // Secure and validate user ID from cookie
160                                         UPDATE_LOGIN_DATA();
161
162                                         // Update online list
163                                         UPDATE_ONLINE_LIST(get_session('PHPSESSID'), $GLOBALS['module'], $GLOBALS['action'], $GLOBALS['what']);
164
165                                         // Load theme name
166                                         $CurrTheme = GET_CURR_THEME();
167
168                                         // Set default 'what' value
169                                         //* DEBUG */ echo "-".$GLOBALS['module']."/".$GLOBALS['what']."-<br />\n";
170                                         if ((empty($GLOBALS['what'])) && (empty($GLOBALS['action'])) && ($CSS != 1) && ($CSS != -1)) {
171                                                 if ($GLOBALS['module'] == "admin") {
172                                                         // Set 'action' value to 'login' in admin menu
173                                                         $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
174                                                 } elseif (($GLOBALS['module'] == "index") || ($GLOBALS['module'] == "login")) {
175                                                         // Set 'what' value to 'welcome' in guest and member menu
176                                                         $GLOBALS['what'] = "welcome";
177                                                         if (!empty($_CONFIG['index_home'])) $GLOBALS['what'] = $_CONFIG['index_home'];
178                                                 } else {
179                                                         // Anything else like begging link
180                                                         $GLOBALS['what'] = "";
181                                                 }
182                                         }
183
184                                         // Update sending pool
185                                         if (($CSS != "1") && ($CSS != "-1")) require_once(PATH."inc/pool-update.php"); // Sends out mails in configureable steps
186
187                                         // Load all active extension including language files when not upgrading.
188                                         // Check module for testing and count one click
189                                         $dummy = CHECK_MODULE($GLOBALS['module']);
190                                         if ($dummy == "done") COUNT_MODULE($GLOBALS['module']);
191                                         unset($dummy);
192
193                                         // Shall we activate the exchange?
194                                         if ($_CONFIG['activate_xchange'] > 0) activateExchange();
195                                 } else {
196                                         // If you will read following error message you probably need to contact me (webmaster@mxchange.org)
197                                         // and download the sql-upgrades extension from my server. Please ask me which SQL file(s) you need to
198                                         // import *BEFORE* you import them!
199                                         ADD_FATAL(FATAL_CANNOT_LOAD_CONFIG);
200
201                                         // Reset link and db here, close database first
202                                         SQL_CLOSE($link, __FILE__, __LINE__);
203                                         $link = false; $db = false;
204                                 }
205
206                                 // Free memory
207                                 SQL_FREERESULT($result);
208                         } else {
209                                 // Wrong database?
210                                 ADD_FATAL(WRONG_DB_SELECTED);
211                         }
212                 } else {
213                         // No link to database!
214                         ADD_FATAL(NO_DB_LINK);
215                         $db = false;
216                 }
217         } else {
218                 // Maybe you forgot to enter your MySQL data?
219                 ADD_FATAL(MYSQL_DATA_MISSING);
220         }
221 } else {
222         ///////////////////////////////////////////////////
223         // Include neccessary functions for installation //
224         ///////////////////////////////////////////////////
225
226         // Set CONFIG array
227         $_CONFIG = array(
228                 'code_length' => 0
229         );
230
231         // Set other missing variables
232         $link = false; // No database link by default
233
234         // Include required files
235         require_once(PATH."inc/databases.php");
236         require_once(PATH."inc/theme-manager.php");
237         require_once(PATH."inc/load_extensions.php");
238         require_once(PATH."inc/session.php");
239
240         // Check if we are in installation routine
241         $installPhp = basename($_SERVER['PHP_SELF']);
242         if (($installPhp != "install.php") && ($CSS != "1") && ($CSS != -1)) {
243                 // Redirect to the installation system
244                 LOAD_URL("install.php");
245         }
246
247         // Double-check installation mode
248         if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndTrue('admin_registered'))) {
249                 // Check for file permissions
250                 if (!is_INCWritable("config")) {
251                         ADD_FATAL(CONFIG_IS_WRITE_PROTECTED);
252                 }
253                 if (!is_INCWritable("dummy")) {
254                         ADD_FATAL(DUMMY_IS_WRITE_PROTECTED);
255                 }
256                 if (!is_INCWritable(".secret/dummy")) {
257                         ADD_FATAL(SECRET_IS_WRITE_PROTECTED);
258                 }
259         }
260 }
261
262 // Any fatal messages?
263 if (!is_array($FATAL)) $FATAL = array();
264 if (((sizeof($FATAL) > 0) || (!empty($FATAL[0]))) && (isBooleanConstantAndTrue('mxchange_installed')) && (!isBooleanConstantAndTrue('mxchange_installing')) && ($CSS != "1"))
265 {
266         // One or more fatal error(s) occur during connect...
267         include (PATH."inc/header.php");
268         include (PATH."inc/fatal_errors.php");
269         unset($FATAL);
270         include (PATH."inc/footer.php");
271         exit;
272 }
273
274 //
275 ?>