KmSchedule / setup.php
<!DOCTYPE html>
<?php
// get paths
// check file permissions
// create private folder structure
// make password files
// replace variables in config-template.php
// write config.php
// delete this file

require 'functions/adminFunctions.php';
require 'functions/functions.php';
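// Defaults used until the form is submitted: the web root as the public
// folder and the request's host name as the site URL.
$publicFolder = $_SERVER['DOCUMENT_ROOT'].'/';
// HTTP_HOST is copied from the request's Host header, so it is chosen by the
// client and may be absent. It is later written into config.php as the site
// URL and must be treated like any other form value.
$host = (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '').'/';

// Returns the posted field as a string, or $default when the field is missing
// or is not a plain string. A client can post "field[]=x", which PHP turns
// into an array that would otherwise reach substr() and string concatenation.
$postString = function ($key, $default) {
  return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : $default;
};
// Appends the trailing "/" that the later path concatenations rely on. An
// empty path is left empty so that it fails the "path is invalid" check
// instead of silently becoming the filesystem root.
$withTrailingSlash = function ($path) {
  return ($path !== "" && substr($path, -1) !== "/") ? $path."/" : $path;
};

// get Form variables
$save = $postString('save', "");
$newViewPass = $postString('newViewPass', "");
$newViewPassConfirm = $postString('newViewPassConfirm', "");
$newAdminPass = $postString('newAdminPass', "");
$newAdminPassConfirm = $postString('newAdminPassConfirm', "");
// The form pre-fills this field with DOCUMENT_ROOT without a trailing slash,
// while the copy step appends 'private/kmSchedule/...' directly, so the posted
// value is normalised the same way as the private folder.
$publicFolder = $withTrailingSlash($postString('publicFolder', $publicFolder));
// Read for completeness; the config step below uses $host for #siteURL.
$siteURL = $postString('siteURL', "");
$siteName = $postString('siteName', "");
$copyExampleData = $postString('copyExampleData', "false");
$privateFolder = $withTrailingSlash($postString('privateFolder', "private/kmSchedule/"));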

?>
<html lang="en" dir="ltr">
  <head>
    <meta charset="utf-8">
    <title>KmSchedule Setup</title>
  </head>
  <body>
    <style media="screen">
      table {
        width: 800px;
      }
      td{
        padding: 8px;
      }
      .errors{
        background: #ff3333;
        color: yellow;
      }
    </style>
    <h1>KmSchedule Setup</h1>

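    <?php
      // Every value echoed into the markup below is request- or server-derived.
      // PHP_SELF includes any extra path info the client appends to the URL,
      // and siteName / privateFolder are echoed straight back from the POST
      // body, so each one is HTML-escaped before it lands in an attribute.
      $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      };
    ?>
    <form class="" action="<?=$esc($_SERVER['PHP_SELF'])?>" method="post">
        <table border="0" align="" class="adminTable"  >
          <tr>
            <td colspan="3"> <h3>Site Info</h3> </td>
          </tr>
          <tr>
            <td> <b>Business Name</b> </td>
            <td colspan="2"><input type="text" required="required" name="siteName" value="<?=$esc($siteName)?>" placeholder="Your Business Name" > </td>
          </tr>
        <tr>
          <td colspan="3"> <b>Passwords</b> - Must be at least <b>6</b> characters in length</td>
        </tr>
        <?php
          // The password fields are deliberately left empty. Pre-filled values
          // would become the installed credentials for anyone who only clicks
          // Save, and they would be the same on every installation.
        ?>
        <tr>
          <td>View access password</td>
          <td>New Pass <input type="password" required="required" pattern=".{6,}" name="newViewPass" autocomplete="new-password"> </td>
          <td>Confirm <input type="password" required="required" pattern=".{6,}" name="newViewPassConfirm" autocomplete="new-password"> </td>
        </tr>

        <tr>
          <td>Admin password</td>
          <td>New Pass <input type="password" required="required" pattern=".{6,}" name="newAdminPass" autocomplete="new-password"> </td>
          <td>Confirm <input type="password" required="required" pattern=".{6,}" name="newAdminPassConfirm" autocomplete="new-password"> </td>
        </tr>
      </table>
      <br>
      <table border="0" align="" class="adminTable">
        <tr>
          <td colspan="2"> <h3>Locations</h3><b>Note:</b> The current server path is <b><?=$esc($_SERVER['DOCUMENT_ROOT'])?></b> </td>
        </tr>
        <tr>
          <td>Public Folder</td>
          <td>
            <input type="text" required="required" name="publicFolder" value="<?=$esc($_SERVER['DOCUMENT_ROOT'])?>">
            Recommended: Leave default value
          </td>
        </tr>
        <tr>
          <td>Private folder</td>
          <td>
            <input type="text" required="required" name="privateFolder" value="<?=$esc($privateFolder)?>">
            Recommended: Place outside of the www root
          </td>
        </tr>
        <tr>
          <td colspan="2"> <input type="checkbox" name="copyExampleData" value="true" checked>Include example schedules </td>
        </tr>
        <tr>
          <td colspan="2"> <input style="float: right;" type = "submit"  name="save" value="Save"/> </td>
        </tr>
      </table>
    </form>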

    <div class="errors">

<?php
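  // Collects every validation and write problem; echoed at the end of this
  // block, inside the surrounding .errors <div>.
  $error = "";
  // Check for password matches
  if (!checkPasswords($newViewPass, $newViewPassConfirm)) {
    $error .= "The View Passwords do not match. Please enter them again <br>";
  }
  if (!checkPasswords($newAdminPass, $newAdminPassConfirm)) {
    $error .= "The Admin Passwords do not match. Please enter them again <br>";
  }
  if (!file_exists($publicFolder)) {
    // check if folder exists;
    $error .= "The Public folder path is invalid, please check it.<br>";
  } elseif (!is_writable($publicFolder)) {
    //Folder exists, check if it's writeable
    $error .= "The public folder is not writable. Please change permissions<br>";
  }
  if (!file_exists($privateFolder)) {
    // check if folder exists;
    $error .= "The Private folder path is invalid, please check it.<br>";
  } elseif (!is_writable($privateFolder)) {
    //Folder exists, check if it's writeable
    $error .= "The private folder is not writable. Please change permissions<br>";
  }
  // TODO: warn when the private folder is reachable under the www root. The
  // password hash files are written there as plain .txt files, so a
  // web-served private folder would let any visitor download them.

  if ($save == "Save") {
    // The 6-character minimum is otherwise enforced only by the form's
    // pattern attribute, which runs in the browser and can be skipped.
    if (!is_string($newViewPass) || strlen($newViewPass) < 6) {
      $error .= "The View Password must be at least 6 characters long.<br>";
    }
    if (!is_string($newAdminPass) || strlen($newAdminPass) < 6) {
      $error .= "The Admin Password must be at least 6 characters long.<br>";
    }

    // config.php is executable PHP produced by pasting these values into
    // config-template.txt. The folder paths and business name come from the
    // form and $host from the Host header, so all four are client-controlled
    // and must not be able to end a string literal or start an expression.
    // NOTE(review): config-template.txt is not visible here; the rejected
    // characters assume each placeholder sits inside a quoted PHP string.
    // Confirm against the template.
    $isConfigSafe = function ($value) {
      return is_string($value) && preg_match('/[\'"\\\\$<>\x00-\x1f\x7f]/', $value) === 0;
    };
    if (!$isConfigSafe($siteName)) {
      $error .= "The Business Name may not contain quotes, backslashes, $, &lt; or &gt;.<br>";
    }
    if (!$isConfigSafe($publicFolder) || !$isConfigSafe($privateFolder)) {
      $error .= "The folder paths may not contain quotes, backslashes, $, &lt; or &gt;. Use forward slashes.<br>";
    }
    // A host name (optionally with a port or a bracketed IPv6 literal)
    // followed by the "/" appended when $host was built.
    if (!is_string($host) || preg_match('/^[A-Za-z0-9.:\[\]-]+\/$/D', $host) !== 1) {
      $error .= "The host name of this request is not valid, so the site URL cannot be saved.<br>";
    }
  }

  if ($error == "" && $save == "Save") {
    //Everything is good
    echo "All Good<br>";
    // write password files
    // password_hash() draws its own random salt, so no extra random bytes
    // are needed here.
    $options = ['cost' => 12];

    $viewHash = password_hash($newViewPass, PASSWORD_BCRYPT, $options);
    if (!is_string($viewHash) || file_put_contents($privateFolder.'viewPass.txt', $viewHash) === false) {
      $error .= "There was a problem saving the View Access Password.<br>";
    }
    $adminHash = password_hash($newAdminPass, PASSWORD_BCRYPT, $options);
    if (!is_string($adminHash) || file_put_contents($privateFolder.'adminPass.txt', $adminHash) === false) {
      $error .= "There was a problem saving the Admin Password.<br>";
    }

    // Create config.php
    $config = file_get_contents('./config-template.txt');
    if ($config === false) {
      // Without this check a missing template would produce an empty config.php.
      $error .= "The configuration template could not be read.<br>";
    } else {
      // Same four replacements, applied in the same order as before.
      $config = str_replace(
        ['#publicRoot', '#privateRoot', '#siteURL', '#siteName'],
        [$publicFolder, $privateFolder, $host, $siteName],
        $config
      );
      if (file_put_contents('config.php', $config) === false) {
        $error .= "There was a problem saving config.php.<br>";
      }
    }

    // Finish only when every write above succeeded. Deleting setup.php after
    // a failed write would leave a broken install with no way to retry.
    if ($error == "") {
      // if checked, copy example schedules into schedules folder
      if ($copyExampleData == 'true') {
        copyr($publicFolder.'private/kmSchedule/sampleSchedules', $privateFolder.'schedules');
      } else {
        // create schedules folder if it doesn't exist
        createPath($privateFolder.'schedules');
      }
      // Remove this file. While setup.php remains on the server, anyone who
      // can request it can overwrite both passwords and config.php.
      if (!unlink('setup.php')) {
        $error .= "Setup finished, but setup.php could not be deleted. Delete it manually before using the site.<br>";
      } else {
        // SCRIPT_NAME rather than PHP_SELF: PHP_SELF also carries any path
        // info the client appended to the URL.
        // NOTE(review): redirect() is defined in the required function files;
        // how it emits the URL is not visible here.
        redirect($_SERVER['SCRIPT_NAME']);
      }
    }
  }
  echo $error;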
?>
</div>
  </body>
</html>