<?phpheader("Access-Control-Allow-Origin: *");define('JPATH_BASE', realpath(

1. <?php
2. header("Access-Control-Allow-Origin: *");
3. define('JPATH_BASE', realpath(__DIR__ . '/../..'));
4. include '../define.php';
5.  
6. include '../init.php';
7.  
8. $rows = array();
9. $rowsResult = array();
10.  
11. if (isset($_GET['action']) && empty($_GET['action']) === false && $_GET['action'] == "create" && isset($_GET['dbhost']) && isset($_GET['dbuser']) && isset($_GET['dbpass']) && isset($_GET['dbname']) && isset($_GET['fullname']) && isset($_GET['notel']) && isset($_GET['email']) && isset($_GET['username']) && isset($_GET['pass']) && isset($_GET['institute']) && isset($_GET['inst_short']) && isset($_GET['division']) && isset($_GET['address']) && isset($_GET['inst_notel']) && isset($_GET['inst_extention']) && isset($_GET['inst_nofax']) && isset($_GET['inst_email']) && isset($_GET['inst_website']) && isset($_GET['slogan']) && isset($_GET['registration']))
12. {
13. $dbhost = sanitize($_GET['dbhost']);
14. $dbuser = sanitize($_GET['dbuser']);
15. $dbpass = sanitize($_GET['dbpass']);
16. $dbname = sanitize($_GET['dbname']);
17. $fullname = sanitize($_GET['fullname']);
18. $username = sanitize($_GET['username']);
19. $institute = sanitize($_GET['institute']);
20. $inst_short = sanitize($_GET['inst_short']);
21. $division = sanitize($_GET['division']);
22. $address = sanitize($_GET['address']);
23. $inst_notel = sanitize($_GET['inst_notel']);
24. $inst_extention = sanitize($_GET['inst_extention']);
25. $inst_nofax = sanitize($_GET['inst_nofax']);
26. $inst_email = sanitize($_GET['inst_email']);
27. $inst_website = sanitize($_GET['inst_website']);
28. $slogan = sanitize($_GET['slogan']);
29. $registration = sanitize($_GET['registration']);
30. $notel = sanitize($_GET['notel']);
31. $email = sanitize($_GET['email']);
32. $pass = sanitize($_GET['pass']);
33. if (empty($notel) === false && is_numeric($notel) !== true)
34. {
35. $errors[] = 'No Telefon hanya mengandungi nombor sahaja.';
36. }
37.  
38. if (filter_var($email, FILTER_VALIDATE_EMAIL) === false)
39. {
40. $errors[] = 'Alamat email yang sah diperlukan';
41. }
42.  
43. if (empty($inst_notel) === false && is_numeric($inst_notel) !== true)
44. {
45. $errors[] = 'No Telefon Institut hanya mengandungi nombor sahaja.';
46. }
47.  
48. if (empty($inst_extention) === false && is_numeric($inst_extention) !== true)
49. {
50. $errors[] = 'No sambungan Institut hanya mengandungi nombor sahaja.';
51. }
52.  
53. if (empty($inst_nofax) === false && is_numeric($inst_nofax) !== true)
54. {
55. $errors[] = 'No Faks Institut hanya mengandungi nombor sahaja.';
56. }
57.  
58. // if (filter_var($inst_email, FILTER_VALIDATE_EMAIL) === false)
59. // {
60. // $errors[] = 'Alamat email Institut yang sah diperlukan';
61. // }
62.  
63. if (is_writable(JPATH_CONFIGURATION) === false)
64. {
65. $errors[] = 'Konfogurasi sistem tidak boleh di cipta. Sila ubah <i>Folder Permissions</i> pada direktori sistem eKJP';
66. }
67.  
68. if (empty($errors) === true)
69. {
70. $dbStat = createDB($dbhost, $dbuser, $dbpass, $dbname, JPATH_INSTALLATION);
71. if ($dbStat === 0)
72. {
73. $errors[] = 'Fail pangkalan data tidak wujud';
74. }
75. else
76. if ($dbStat === 1)
77. {
78. $errors[] = 'Pangkalan data tidak berjaya di hubung';
79. }
80. else
81. if ($dbStat === 2)
82. {
83. $errors[] = 'Pangkalan data tidak berjaya di bina';
84. }
85. else
86. if ($dbStat === 3)
87. {
88. $errors[] = 'Pangkalan data tidak berjaya di muat naik';
89. }
90. else
91. if ($dbStat === true)
92. {
93. $dbStat = createUser($dbhost, $dbuser, $dbpass, $dbname, $username, $pass, $fullname, $notel, $email);
94. if ($dbStat === 4)
95. {
96. $errors[] = 'Pangkalan data tidak berjaya dihubung';
97. }
98. else
99. if ($dbStat === 5)
100. {
101. $errors[] = 'Pengguna tidak berjaya dicipta';
102. }
103. }
104.  
105. if (empty($errors) === false)
106. {
107. $rows['errors'] = $errors;
108. }
109. else
110. {
111. $string = '<?php
112. class JConfig {
113. public $offline = "0";
114. public $offline_message = "This site is down for maintenance.<br /> Please check back again soon.";
115. public $display_offline_message = "1";
116.  
117.  
118. // Database
119.  
120. public $host = "' . $dbhost . '";
121. public $user = "' . $dbuser . '";
122. public $password = "' . $dbpass . '";
123. public $db = "' . $dbname . '";
124.  
125.  
126. // Institute
127.  
128. public $institute = "' . $institute . '";
129. public $short_inst = "' . $inst_short . '";
130. public $division = "' . $division . '";
131. public $address = "' . $address . '";
132. public $telno = "' . $inst_notel . '";
133. public $extention = "' . $inst_extention . '";
134. public $faxno = "' . $inst_nofax . '";
135. public $email = "' . $inst_email . '";
136. public $website = "' . $inst_website . '";
137.  
138.  
139. // Admin
140.  
141. public $username = "' . $username . '";
142. public $pass = "' . $pass . '";
143. public $fullname = "' . $fullname . '";
144. public $notel = "' . $notel . '";
145. public $email_admin = "' . $email . '";
146.  
147.  
148. // Letter
149.  
150. public $register_period = "' . $registration . '";
151. public $slogan = "' . $slogan . '";
152. }
153. ?>';
154. $fp = FOPEN(JPATH_CONFIGURATION . "/configuration.php", "w+");
155. if (FWRITE($fp, $string) === false)
156. {
157. $errors[] = 'Fail konfigurasi tidak berjaya di bina.';
158. }
159.  
160. FCLOSE($fp);
161. $URL = "../index.php";
162. $rows['success'] = $URL;
163. }
164. }
165. else
166. if (empty($errors) === false)
167. {
168. $rows['errors'] = $errors;
169. }
170.  
171. echo json_encode($rows);
172. }
173.  
174. function createDB($hn, $un, $ps, $db, $loc)
175. {
176. $dbhost = $hn;
177. $dbuser = $un;
178. $dbpass = $ps;
179. $database = $db;
180. $location = $loc;
181. $filename = $location . "/db/ekjp.sql";
182. if (!file_exists($filename))
183. {
184. return 0;
185. }
186. else
187. {
188. $conn = mysql_connect($dbhost, $dbuser, $dbpass);
189. if (!$conn)
190. {
191. return 1;
192. }
193. else
194. {
195. $sql = "CREATE DATABASE " . $database;
196. $dbsql = mysql_query($sql);
197. if (!$dbsql)
198. {
199. return 2;
200. }
201. else
202. {
203. mysql_select_db($database);
204. $templine = '';
205. $lines = file($filename);
206. foreach($lines as $line)
207. {
208. if (substr($line, 0, 2) == '--' || $line == '') continue;
209. $templine.= $line;
210. if (substr(trim($line) , -1, 1) == ';')
211. {
212. if (!mysql_query($templine))
213. {
214. $errors[] = 'Pangkalan data tidak berjaya di muat naik';
215. exit;
216. }
217.  
218. $templine = '';
219. }
220. }
221. }
222. }
223.  
224. if (empty($errors) === false)
225. {
226. return 3;
227. }
228. else
229. {
230. return true;
231. }
232. }
233. }
234.  
235. function createUser($hn, $un, $ps, $db, $username, $password, $fullname, $notel, $email)
236. {
237. $dbhost = $hn;
238. $dbuser = $un;
239. $dbpass = $ps;
240. $database = $db;
241. $username = $username;
242. $password = $password;
243. $fullname = $fullname;
244. $notel = $notel;
245. $email = $email;
246. $conn = mysql_connect($dbhost, $dbuser, $dbpass);
247. if (!$conn)
248. {
249. return 4;
250. }
251. else
252. {
253. mysql_select_db($database);
254. }
255.  
256. $register_data = array(
257. 'username' => $username,
258. 'fullname' => $fullname,
259. 'telnum' => $notel,
260. 'level' => 1,
261. 'active' => 1,
262. 'email' => $email,
263. 'pass' => $password
264. );
265. array_walk($register_data, 'array_sanitize');
266. $register_data['pass'] = md5($register_data['pass']);
267. $fields = '`' . implode('`, `', array_keys($register_data)) . '`';
268. $data = '\'' . implode('\', \'', $register_data) . '\'';
269. $sql = mysql_query("INSERT INTO `users` ($fields) VALUES ($data)");
270. if ($sql)
271. {
272. return true;
273. }
274. else
275. {
276. return 5;
277. }
278.  
279. mysql_close($conn);
280. } ?>