Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once '/usr/local/lib/php/Smarty/Smarty.class.php';
- require_once 'generic.php';
- $body='';
- $status='';
- $user_id='';
- session_start();
- $_SESSION['lastpage']= $_SERVER['PHP_SELF'];
- if ( !empty($_POST['dbname']) &&
- !empty($_POST['user']) &&
- !empty($_POST['pass']) &&
- !empty($_POST['hostname']) &&
- !empty($_POST['port']) &&
- !empty($_POST['rpass']) &&
- !empty($_POST['check']) &&
- !empty($_POST['submit']))
- {
- $status="<p>SETUP FAILED!</p>";
- $hostname = sanitizeString($_POST['hostname']);
- $port = sanitizeString($_POST['port']);
- $r_pass = sanitizeString($_POST['rpass']);
- $db_server = mysql_connect($hostname .":".$port, 'root', $r_pass);
- if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
- $hostname = sanitizeMySQL($hostname);
- $port = sanitizeMySQL($port);
- $db_name = sanitizeMySQL($_POST['dbname']);
- $db_user = sanitizeMySQL($_POST['user']);
- $db_pass = sanitizeMySQL($_POST['pass']);
- $db_pass = hash('sha512', DB_SALT1.$db_pass.DB_SALT2);
- $a_pass = sanitizeMySQL($_POST['a_pass']);
- $a_pass = hash('sha512', DB_SALT1.$a_pass.DB_SALT2);
- $safe_file_text= <<< _END
- <?php // login.php
- \$db_hostname = '$hostname:$port';
- \$db_database = '$db_name';
- \$db_username = '$db_user';
- \$db_password = '$db_pass';
- ?>
- _END;
- $query = 'DROP DATABASE IF EXISTS '.$db_name;
- mysql_query($query, $db_server) or
- die ('Error deleting database: ' . mysql_error() . "\n");
- $query = 'CREATE DATABASE IF NOT EXISTS '.$db_name;
- mysql_query($query, $db_server) or
- die ('Error creating database: ' . mysql_error() . "\n");
- $query = 'GRANT USAGE ON *.* TO \''.$db_user.'\'@\'%\'';
- mysql_query($query, $db_server) or
- die ('Error creating temp user: ' . mysql_error() . "\n");
- $query = 'DROP USER \''.$db_user.'\'@\'%\'';
- mysql_query($query, $db_server) or
- die ('Error deleting user: ' . mysql_error() . "\n");
- $query = 'CREATE USER \''.$db_user.'\'@\'%\' IDENTIFIED BY \''.$db_pass.'\'';
- mysql_query($query, $db_server) or
- die ('Error creating user: ' . mysql_error() . "\n");
- $query = 'GRANT ALL PRIVILEGES ON '.$db_name.'.* TO \''.$db_user.'\'@\'%\'';
- mysql_query($query, $db_server) or
- die ('Error granting privileges: ' . mysql_error() . "\n");
- mysql_select_db($db_name) or
- die('Could not connect to the database: '. mysql_error() . "\n");
- $query = 'CREATE TABLE IF NOT EXISTS Users (
- id INT UNSIGNED NOT NULL AUTO_INCREMENT ,
- password CHAR(128) NOT NULL ,
- PRIMARY KEY (id) )
- ENGINE = MyISAM';
- mysql_query($query, $db_server) or
- die ('Error creating initial table: ' . mysql_error() . "\n");
- $query= "INSERT INTO Users VALUES (NULL, '". $a_pass ."')";
- mysql_query($query, $db_server) or
- die ('Error creating admin: ' . mysql_error() . "\n");
- $user_id=mysql_insert_id();
- mysql_close($db_server);
- $file=fopen(SAFE_FOLDER . 'login.php',"w") or
- die("File does not exist or you lack permission to open it");
- fwrite($file, $safe_file_text) or
- die("Could not write to file");
- fclose($file);
- copy('setup.php', SAFE_FOLDER.'savedsetup.php') or
- die('Could note move setup.php. Remove the file manually.\n');
- unlink('setup.php');
- $status="<p>Setup completed successfuly!</p>\n<p>Admin user id is $user_id";
- echo '<META HTTP-EQUIV="Refresh" Content="1; URL=index.php">';
- $body= $status;
- }
- $smarty = new Smarty;
- $smarty->assign('title','SchoolAdmin');
- $smarty->assign('body',$body);
- $smarty->display('setup.tpl');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement