
Untitled

a guest Oct 23rd, 2017 68 Never
  1. <?php
  2. require_once '/usr/local/lib/php/Smarty/Smarty.class.php';
  3. require_once 'generic.php';
  4. $body='';
  5. $status='';
  6. $user_id='';
  7.  
  8.  
  9. session_start();
  10.  
  11. $_SESSION['lastpage']= $_SERVER['PHP_SELF'];
  12. if (    !empty($_POST['dbname']) &&
  13.         !empty($_POST['user']) &&
  14.         !empty($_POST['pass']) &&
  15.         !empty($_POST['hostname']) &&
  16.         !empty($_POST['port']) &&
  17.         !empty($_POST['rpass']) &&
  18.         !empty($_POST['check']) &&
  19.         !empty($_POST['submit']))
  20.    
  21. {
  22.     $status="<p>SETUP FAILED!</p>";
  23.  
  24.     $hostname = sanitizeString($_POST['hostname']);
  25.     $port = sanitizeString($_POST['port']);
  26.     $r_pass = sanitizeString($_POST['rpass']);
  27.    
  28.     $db_server = mysql_connect($hostname .":".$port, 'root', $r_pass);
  29.     if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
  30.    
  31.     $hostname = sanitizeMySQL($hostname);
  32.     $port = sanitizeMySQL($port);    
  33.     $db_name = sanitizeMySQL($_POST['dbname']);
  34.     $db_user = sanitizeMySQL($_POST['user']);
  35.     $db_pass = sanitizeMySQL($_POST['pass']);
  36.     $db_pass = hash('sha512', DB_SALT1.$db_pass.DB_SALT2);
  37.     $a_pass = sanitizeMySQL($_POST['a_pass']);
  38.     $a_pass = hash('sha512', DB_SALT1.$a_pass.DB_SALT2);
  39.    
  40.     $safe_file_text= <<< _END
  41. <?php // login.php
  42. \$db_hostname = '$hostname:$port';
  43. \$db_database = '$db_name';
  44. \$db_username = '$db_user';
  45. \$db_password = '$db_pass';
  46. ?>
  47.  
  48. _END;
  49.  
  50.     $query = 'DROP DATABASE IF EXISTS '.$db_name;
  51.     mysql_query($query, $db_server) or
  52.             die ('Error deleting database: ' . mysql_error() . "\n");
  53.    
  54.     $query = 'CREATE DATABASE IF NOT EXISTS '.$db_name;
  55.     mysql_query($query, $db_server) or
  56.             die ('Error creating database: ' . mysql_error() . "\n");
  57.  
  58.     $query = 'GRANT USAGE ON *.* TO  \''.$db_user.'\'@\'%\'';
  59.     mysql_query($query, $db_server) or
  60.             die ('Error creating temp user: ' . mysql_error() . "\n");
  61.    
  62.     $query = 'DROP USER \''.$db_user.'\'@\'%\'';
  63.     mysql_query($query, $db_server) or
  64.             die ('Error deleting user: ' . mysql_error() . "\n");
  65.    
  66.     $query = 'CREATE USER \''.$db_user.'\'@\'%\' IDENTIFIED BY \''.$db_pass.'\'';
  67.     mysql_query($query, $db_server) or
  68.             die ('Error creating user: ' . mysql_error() . "\n");
  69.    
  70.     $query = 'GRANT ALL PRIVILEGES ON '.$db_name.'.* TO \''.$db_user.'\'@\'%\'';
  71.     mysql_query($query, $db_server) or
  72.             die ('Error granting privileges: ' . mysql_error() . "\n");
  73.    
  74.     mysql_select_db($db_name) or
  75.             die('Could not connect to the database: '. mysql_error() . "\n");
  76.    
  77.     $query = 'CREATE  TABLE IF NOT EXISTS Users (
  78.         id INT UNSIGNED NOT NULL AUTO_INCREMENT ,
  79.         password CHAR(128) NOT NULL ,
  80.         PRIMARY KEY (id) )
  81.         ENGINE = MyISAM';
  82.     mysql_query($query, $db_server) or
  83.             die ('Error creating initial table: ' . mysql_error() . "\n");
  84.    
  85.     $query= "INSERT INTO Users VALUES (NULL, '". $a_pass ."')";
  86.     mysql_query($query, $db_server) or
  87.             die ('Error creating admin: ' . mysql_error() . "\n");
  88.     $user_id=mysql_insert_id();
  89.     mysql_close($db_server);
  90.    
  91.     $file=fopen(SAFE_FOLDER . 'login.php',"w") or
  92.         die("File does not exist or you lack permission to open it");
  93.     fwrite($file, $safe_file_text) or
  94.             die("Could not write to file");
  95.     fclose($file);
  96.  
  97.     copy('setup.php', SAFE_FOLDER.'savedsetup.php') or
  98.             die('Could note move setup.php. Remove the file manually.\n');
  99.     unlink('setup.php');
  100.        
  101.     $status="<p>Setup completed successfuly!</p>\n<p>Admin user id is $user_id";
  102.     echo '<META HTTP-EQUIV="Refresh" Content="1; URL=index.php">';
  103.     $body= $status;
  104.    
  105. }
  106.  
  107. $smarty = new Smarty;
  108. $smarty->assign('title','SchoolAdmin');
  109. $smarty->assign('body',$body);
  110. $smarty->display('setup.tpl');
  111. ?>