Security line in all includes changed
[mailer.git] / inc / install-inc.php
index 5e0a39a..55eb350 100644 (file)
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
 
 //
 function install_WriteData ($file, $comment, $prefix, $suffix, $DATA, $sneak=0) {
-       $done = false;  $sneak++;
-       if (file_exists($file)) {
+       // Initialize all and count up the "seak" value
+       $done = false;
+       $next = -1;
+       $sneak++;
+
+       if (FILE_READABLE($file)) {
                $search = "CFG: ".$comment;
                $tmp = $file.".tmp";
                $fp = @fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
@@ -54,18 +57,26 @@ function install_WriteData ($file, $comment, $prefix, $suffix, $DATA, $sneak=0)
                        if (is_resource($fp_tmp)) {
                                while (!feof($fp)) {
                                        $line = fgets ($fp, 10240);
-                                       if (strpos($line, $search) > -1) $next = 0;
+                                       //* DEBUG: */ echo $search."/<font color=\"red\">".htmlentities($line)."</font><br />\n";
+                                       $found = strpos($line, $search);
+                                       //* DEBUG: */ echo "FOUND: <font color=\"brown\">";
+                                       //* DEBUG: */ var_dump($found);
+                                       //* DEBUG: */ echo "</font><br />\n";
+                                       if ($found !== false) $next = 0;
                                        if ($next > -1) {
                                                if ($next == $sneak) {
                                                        $next = -1;
                                                        $line = $prefix.$DATA.$suffix."\n";
+                                                       //* DEBUG: */ echo "NEW: <font color=\"blue\">".htmlentities($line)."</font><br />\n";
                                                } else {
                                                        $next++;
                                                }
                                        }
+                                       //* DEBUG: */ echo "WRITE: <font color=\"green\">".htmlentities($line)."</font><br />\n";
                                        fputs($fp_tmp, $line);
                                }
                                fclose($fp_tmp);
+
                                // Finished writing tmp file
                                $done = true;
                        }
@@ -125,7 +136,7 @@ if ((isset($_GET['page']) && ($_GET['page'] == 5))) {
 }
 
 // Is MXChange installed or no admin registered so far?
-if ((!mxchange_installed) || (!admin_registered))
+if ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndTrue('admin_registered')))
 {
        // Set URL for FORM actions
        define('__BURL_ACTION', $burl);
@@ -155,7 +166,7 @@ if ((!mxchange_installed) || (!admin_registered))
                if (empty($mysql['prefix'])) $mysql['prefix'] = "mxchange_";
                if ((sizeof($FATAL) > 0) || (!empty($FATAL[0]))) {
                        OUTPUT_HTML("<SPAN class=\"install_fatal\">");
-                       foreach ($FATAL as $key=>$err) {
+                       foreach ($FATAL as $key => $err) {
                                OUTPUT_HTML("  <STRONG>&middot;</STRONG>&nbsp;".FATAL_NO.($key + 1).":&nbsp;".$err."<br />");
                        }
                        OUTPUT_HTML("</SPAN><br />");
@@ -261,10 +272,10 @@ if ((!mxchange_installed) || (!admin_registered))
   <TD>
     <SELECT name=\"warn_no_pass\" size=\"1\" class=\"install_select\">
       <OPTION value=\"true\"");
-               if (warn_no_pass) OUTPUT_HTML(" selected=\"selected\"");
+               if (isBooleanConstantAndTrue('warn_no_pass')) OUTPUT_HTML(" selected=\"selected\"");
                OUTPUT_HTML(">".YES."</OPTION>
       <OPTION value=\"false\"");
-               if (!warn_no_pass) OUTPUT_HTML(" selected=\"selected\"");
+               if (!isBooleanConstantAndTrue('warn_no_pass')) OUTPUT_HTML(" selected=\"selected\"");
                OUTPUT_HTML(">".NO."</OPTION>
     </SELECT>
   </TD>
@@ -275,10 +286,10 @@ if ((!mxchange_installed) || (!admin_registered))
   <TD>
     <SELECT name=\"wfooter\" size=\"1\" class=\"install_select\">
       <OPTION value=\"true\"");
-               if (WRITE_FOOTER) OUTPUT_HTML(" selected=\"selected\"");
+               if (isBooleanConstantAndTrue('WRITE_FOOTER')) OUTPUT_HTML(" selected=\"selected\"");
                OUTPUT_HTML(">".YES."</OPTION>
       <OPTION value=\"false\"");
-               if (!WRITE_FOOTER) OUTPUT_HTML(" selected=\"selected\"");
+               if (!isBooleanConstantAndTrue('WRITE_FOOTER')) OUTPUT_HTML(" selected=\"selected\"");
                OUTPUT_HTML(">".NO."</OPTION>
     </SELECT>
   </TD>
@@ -300,7 +311,7 @@ if ((!mxchange_installed) || (!admin_registered))
 <TR><TD colspan=\"2\" height=\"21\" class=\"seperator\">&nbsp;</TD></TR>
 <TR>
   <TD colspan=\"2\" align=\"center\">");
-               foreach ($mysql as $key=>$value) {
+               foreach ($mysql as $key => $value) {
                        OUTPUT_HTML("    <INPUT type=\"hidden\" name=\"mysql[".$key."]\" value=\"".$value."\">");
                }
                OUTPUT_HTML("    <INPUT type=\"hidden\" name=\"spath\" value=\"".__SPATH_VALUE."\">
@@ -320,7 +331,7 @@ if ((!mxchange_installed) || (!admin_registered))
                break;
 
        case "finalize": // Write captured data to files
-               if ((!empty($_POST['finalize'])) && (!mxchange_installed)) {
+               if ((!empty($_POST['finalize'])) && (!isBooleanConstantAndTrue('mxchange_installed'))) {
                        // You have submitted data then we have to reset the fatal messages
                        $FATAL = array(); $SQLs = array();
 
@@ -331,12 +342,12 @@ if ((!mxchange_installed) || (!admin_registered))
                                $db = SQL_SELECT_DB($mysql['dbase'], $link, __FILE__, __LINE__);
                                if ($db) {
                                        // Automatically run install.sql
-                                       if ((file_exists($_POST['spath']."install/tables.sql")) && (file_exists($_POST['spath']."install/menu-".GET_LANGUAGE().".sql"))) {
+                                       if ((FILE_READABLE($_POST['spath']."install/tables.sql")) && (FILE_READABLE($_POST['spath']."install/menu-".GET_LANGUAGE().".sql"))) {
                                                // Both exists so import them
                                                foreach (array("tables.sql", "menu-".GET_LANGUAGE().".sql") as $dump) {
                                                        // Should be save here because file_exists() is there but we check it again. :)
                                                        $file = secureString($_POST['spath']) . "install/" . $dump;
-                                                       if ((file_exists($file)) && (is_readable($file))) {
+                                                       if (FILE_READABLE($file)) {
                                                                // Load the file
                                                                $sql = implode("", file($file));
 
@@ -369,24 +380,24 @@ if ((!mxchange_installed) || (!admin_registered))
                                                }
 
                                                // Ok, all done. So we can write the config data to the php files
-                                               if ($_POST['spath'] != PATH) install_WriteData($_POST['spath']."inc/config.php", "SERVER-PATH", "define ('PATH', \"", "\");", $_POST['spath'], 0);
-                                               if ($_POST['burl']  != URL)  install_WriteData($_POST['spath']."inc/config.php", "HOST-URL", "define ('URL', \"", "\");", $_POST['burl'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "MAIN_TITLE", "define ('MAIN_TITLE', \"", "\");", $_POST['title'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "SLOGAN", "define ('SLOGAN', \"", "\");", $_POST['slogan'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "WEBMASTER", "define ('WEBMASTER', \"", "\");", $_POST['email'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "NULLPASS-WARNING", "define ('warn_no_pass', ", ");", $_POST['warn_no_pass'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "WRITE-FOOTER", "define ('WRITE_FOOTER', ", ");", $_POST['wfooter'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "BACKLINK", "define ('ENABLE_BACKLINK', ", ");", $_POST['blink'], 0);
-                                               // install_WriteData($_POST['spath']."inc/config.php", "OUTPUT-MODE", "define ('OUTPUT_MODE', \"", "\");", $_POST['omode'], 0);
+                                               if ($_POST['spath'] != PATH) install_WriteData($_POST['spath']."inc/config.php", "SERVER-PATH", "define('PATH', \"", "\");", $_POST['spath'], 0);
+                                               if ($_POST['burl']  != URL)  install_WriteData($_POST['spath']."inc/config.php", "HOST-URL", "define('URL', \"", "\");", $_POST['burl'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "MAIN_TITLE", "define('MAIN_TITLE', \"", "\");", $_POST['title'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "SLOGAN", "define('SLOGAN', \"", "\");", $_POST['slogan'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "WEBMASTER", "define('WEBMASTER', \"", "\");", $_POST['email'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "NULLPASS-WARNING", "define('warn_no_pass', ", ");", $_POST['warn_no_pass'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "WRITE-FOOTER", "define('WRITE_FOOTER', ", ");", $_POST['wfooter'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "BACKLINK", "define('ENABLE_BACKLINK', ", ");", $_POST['blink'], 0);
+                                               // install_WriteData($_POST['spath']."inc/config.php", "OUTPUT-MODE", "define('OUTPUT_MODE', \"", "\");", $_POST['omode'], 0);
                                                install_WriteData($_POST['spath']."inc/config.php", "MYSQL-HOST", "     'host'     => \"", "\",", $mysql['host'], 0);
                                                install_WriteData($_POST['spath']."inc/config.php", "MYSQL-DBASE", "    'dbase'    => \"", "\",", $mysql['dbase'], 0);
                                                install_WriteData($_POST['spath']."inc/config.php", "MYSQL-LOGIN", "    'login'    => \"", "\",", $mysql['login'], 0);
                                                install_WriteData($_POST['spath']."inc/config.php", "MYSQL-PASSWORD", " 'password' => \"", "\",", $mysql['pass1'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "MYSQL-PREFIX", "define ('_MYSQL_PREFIX', \"", "\");", $mysql['prefix'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "SMTP-HOSTNAME", "define ('SMTP_HOSTNAME', \"", "\");", $_POST['smtp_host'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "SMTP-USER", "define ('SMTP_USER', \"", "\");", $_POST['smtp_user'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "SMTP-PASSWORD", "define ('SMTP_PASSWORD', \"", "\");", $_POST['smtp_pass'], 0);
-                                               install_WriteData($_POST['spath']."inc/config.php", "INSTALLED", "define ('mxchange_installed', ", ");", "true", 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "MYSQL-PREFIX", "define('_MYSQL_PREFIX', \"", "\");", $mysql['prefix'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "SMTP-HOSTNAME", "define('SMTP_HOSTNAME', \"", "\");", $_POST['smtp_host'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "SMTP-USER", "define('SMTP_USER', \"", "\");", $_POST['smtp_user'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "SMTP-PASSWORD", "define('SMTP_PASSWORD', \"", "\");", $_POST['smtp_pass'], 0);
+                                               install_WriteData($_POST['spath']."inc/config.php", "INSTALLED", "define('mxchange_installed', ", ");", "true", 0);
 
                                                // Close the link
                                                SQL_CLOSE($link, __FILE__, __LINE__);
@@ -398,7 +409,7 @@ if ((!mxchange_installed) || (!admin_registered))
                                        }
                                }
                        }
-                       if ((sizeof($FATAL) > 0) || ($FATAL[0] != ""))
+                       if ((sizeof($FATAL) > 0) || ($FATAL[0] != ''))
                        {
                                $OUT = "";
                                foreach ($FATAL as $value)
@@ -407,7 +418,7 @@ if ((!mxchange_installed) || (!admin_registered))
                                }
                                define('__FATAL_ERROR_LI', $OUT);
                                $OUT = "";
-                               foreach ($mysql as $key=>$value)
+                               foreach ($mysql as $key => $value)
                                {
                                        $OUT .= "    <INPUT type=\"hidden\" name=\"mysql[".$key."]\" value=\"".$value."\">\n";
                                }
@@ -454,7 +465,7 @@ if ((!mxchange_installed) || (!admin_registered))
                                LOAD_URL($URL);
                        }
                }
-                elseif (mxchange_installed)
+                elseif (isBooleanConstantAndTrue('mxchange_installed'))
                {
                        // Redirection after writing data... :-)
                        LOAD_TEMPLATE("install_finished");