2 /************************************************************************/
4 /************************************************************************/
5 /* Copyright (c) 2010 */
6 /* Inclusive Design Institute */
8 /* This program is free software. You can redistribute it and/or */
9 /* modify it under the terms of the GNU General Public License */
10 /* as published by the Free Software Foundation. */
11 /************************************************************************/
// Direct-access guard: stop unless the including installer script has defined TR_INCLUDE_PATH.
13 if (!defined('TR_INCLUDE_PATH')) { exit; }
// Process the form only when it was submitted with the hidden action=process marker.
// NOTE(review): nothing visible here ties the request to an installer session (no token and no
// "already installed" check), so the guard above is the only visible gate on creating the
// administrator account -- confirm the including script enforces one.
15 if(isset($_POST['submit']) && ($_POST['action'] == 'process')) {
// Trim leading/trailing whitespace from every text field and write the result back into $_POST,
// so the validation and the INSERT statements below work on the trimmed values.
// NOTE(review): the fields are read without isset(); a request that omits one triggers an
// undefined-index notice and the field is then handled as an empty string.
18 $_POST['admin_username'] = trim($_POST['admin_username']);
19 $_POST['admin_email'] = trim($_POST['admin_email']);
20 $_POST['site_name'] = trim($_POST['site_name']);
21 $_POST['email'] = trim($_POST['email']);
22 $_POST['account_username'] = trim($_POST['account_username']);
23 $_POST['account_email'] = trim($_POST['account_email']);
24 $_POST['account_fname'] = trim($_POST['account_fname']);
25 $_POST['account_lname'] = trim($_POST['account_lname']);
26 $_POST['account_organization'] = trim($_POST['account_organization']);
27 $_POST['account_phone'] = trim($_POST['account_phone']);
28 $_POST['account_address'] = trim($_POST['account_address']);
29 $_POST['account_city'] = trim($_POST['account_city']);
30 $_POST['account_province'] = trim($_POST['account_province']);
31 $_POST['account_country'] = trim($_POST['account_country']);
32 $_POST['account_postal_code'] = trim($_POST['account_postal_code']);
// Server-side validation of the three field groups. Every failed check appends a message to
// $errors; the array is only created by a failure, and the isset($errors) tests further down
// use its existence as the "validation failed" flag.
// NOTE(review): $errors is not initialised in the visible code -- confirm nothing earlier in the
// request can define it. The gutter numbers skip lines here, so the closing braces / else
// branches of these checks are not part of this listing.
34 /* Super Administrator Account checking: */
35 if ($_POST['admin_username'] == ''){
36 $errors[] = 'Administrator username cannot be empty.';
38 /* check for special characters */
// Allow-list: one or more ASCII letters, digits or underscores, anchored at both ends.
39 if (!(preg_match("/^[a-zA-Z0-9_]([a-zA-Z0-9_])*$/", $_POST['admin_username']))){
40 $errors[] = 'Administrator username is not valid.';
// Only checks that the browser-side script filled in a digest. The server never sees the typed
// password, so it cannot enforce length or complexity.
// NOTE(review): the value is not checked to be a 40-character hex string, yet it is concatenated
// into the INSERT below without escaping.
43 if ($_POST['form_admin_password_hidden'] == '') {
44 $errors[] = 'Administrator password cannot be empty.';
46 if ($_POST['admin_email'] == '') {
47 $errors[] = 'Administrator email cannot be empty.';
// NOTE(review): unlike the account_email check further down, this pattern has no /i modifier,
// so addresses containing upper-case letters are rejected. It also accepts repeated '@' and '.'
// characters (the `@+` and `\.+` quantifiers) and limits the last label to 2-6 letters.
// filter_var($value, FILTER_VALIDATE_EMAIL) is the maintained alternative.
48 } else if (!preg_match("/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,6}$/", $_POST['admin_email'])) {
49 $errors[] = 'Administrator email is not valid.';
52 /* System Preferences checking: */
53 if ($_POST['site_name'] == '') {
54 $errors[] = 'Site name cannot be empty.';
56 if ($_POST['email'] == '') {
57 $errors[] = 'Contact email cannot be empty.';
// Same case-sensitive e-mail pattern as the administrator e-mail check above.
58 } else if (!preg_match("/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,6}$/", $_POST['email'])) {
59 $errors[] = 'Contact email is not valid.';
62 /* Personal Account checking: */
63 if ($_POST['account_username'] == ''){
64 $errors[] = 'Personal Account Username cannot be empty.';
66 /* check for special characters */
// Same allow-list as the administrator username; the /i modifier is redundant because the
// character class already lists both cases.
67 if (!(preg_match("/^[a-zA-Z0-9_]([a-zA-Z0-9_])*$/i", $_POST['account_username']))){
68 $errors[] = 'Personal Account Username is not valid.';
// Both accounts are inserted into the same users table, so the two logins must differ.
// NOTE(review): the comparison is case-sensitive; whether the login column is case-insensitive
// depends on the table collation, which is not visible here.
70 if ($_POST['account_username'] == $_POST['admin_username']) {
71 $errors[] = 'That Personal Account Username is already being used for the Administrator account, choose another.';
// Presence check only, as for the administrator digest above; this value is also concatenated
// into its INSERT without escaping.
75 if ($_POST['form_account_password_hidden'] == '') {
76 $errors[] = 'Personal Account Password cannot be empty.';
78 if ($_POST['account_email'] == '') {
79 $errors[] = 'Personal Account email cannot be empty.';
// Case-insensitive variant of the e-mail pattern used above.
// NOTE(review): the message on the next line reads "Invalid ... is not valid"; it is a runtime
// string and is left unchanged here.
80 } else if (!preg_match("/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,6}$/i", $_POST['account_email'])) {
81 $errors[] = 'Invalid Personal Account email is not valid.';
// The remaining profile fields are only required to be non-empty; no length or format limit is
// applied on the server (the maxlength attributes in the form are client-side only).
83 if ($_POST['account_fname'] == '') {
84 $errors[] = 'Personal Account First Name cannot be empty.';
86 if ($_POST['account_lname'] == '') {
87 $errors[] = 'Personal Account Last Name cannot be empty.';
89 if ($_POST['account_organization'] == '') {
90 $errors[] = 'Personal Account Organization cannot be empty.';
92 if ($_POST['account_phone'] == '') {
93 $errors[] = 'Personal Account Phone cannot be empty.';
95 if ($_POST['account_address'] == '') {
96 $errors[] = 'Personal Account Address cannot be empty.';
98 if ($_POST['account_city'] == '') {
99 $errors[] = 'Personal Account City cannot be empty.';
101 if ($_POST['account_province'] == '') {
102 $errors[] = 'Personal Account Province cannot be empty.';
104 if ($_POST['account_country'] == '') {
105 $errors[] = 'Personal Account Country cannot be empty.';
107 if ($_POST['account_postal_code'] == '') {
108 $errors[] = 'Personal Account Postal Code cannot be empty.';
// No validation errors: create the administrator account, the author account and two config
// rows, then clear the submitted fields from $_POST.
//
// Security review of this section (the statements are left exactly as in the listing):
//  - The database host, port, login, password, database name and table prefix are all taken
//    from $_POST['step2'], i.e. they travel through the browser between installer steps and are
//    client-controlled when this code runs.
//  - $_POST['step2']['tb_prefix'] and both password digests (form_admin_password_hidden,
//    form_account_password_hidden) are concatenated into the SQL text with no escaping, so a
//    crafted POST can change the statement. The other fields pass through $addslashes, a
//    variable function defined outside this listing -- presumably an escaping routine; verify.
//    Prepared statements (mysqli or PDO) and an allow-list pattern for the prefix remove the
//    problem; ext/mysql itself no longer exists in PHP 7 and later.
//  - The first INSERT indexes $_POST with bare words (admin_username,
//    form_admin_password_hidden, admin_email) instead of quoted keys; PHP treats these as
//    undefined constants (a notice in older versions, an Error in PHP 8).
//  - The stored password is whatever digest the browser sent: an unsalted SHA-1 computed in
//    JavaScript. If login compares the same client-side digest (not visible here), the stored
//    value is password-equivalent. Hashing on the server with password_hash() over HTTPS is the
//    usual remedy.
//  - web_service_id is md5(uniqid(rand(), true)): derived from the clock and a non-cryptographic
//    generator, so it is guessable. If it serves as an API credential (the name suggests so;
//    confirm), generate it from random_bytes() instead. substr(..., 0, 32) keeps the whole MD5.
//  - The @ prefixes hide connection and select errors and no return value is tested; $result is
//    overwritten after every query, so a failed INSERT goes unnoticed.
//  - The gutter numbers skip lines inside both INSERT statements; the lines carrying the
//    remaining column values are not part of this listing.
111 if (!isset($errors)) {
112 $db = @mysql_connect($_POST['step2']['db_host'] . ':' . $_POST['step2']['db_port'], $_POST['step2']['db_login'], urldecode($_POST['step2']['db_password']));
113 @mysql_select_db($_POST['step2']['db_name'], $db);
116 $sql = "INSERT INTO ".$_POST['step2']['tb_prefix']."users
117 (login, password, user_group_id, email, web_service_id, create_date)
118 VALUES ('".$addslashes($_POST[admin_username])."',
119 '".$_POST[form_admin_password_hidden]."',
121 '".$addslashes($_POST[admin_email])."',
122 '".substr(md5(uniqid(rand(), true)),0,32)."',
124 $result= mysql_query($sql, $db);
126 // for author account
127 $sql = "INSERT INTO ".$_POST['step2']['tb_prefix']."users
128 (login, password, user_group_id, first_name, last_name, email, is_author, organization, phone,
129 address, city, province, country, postal_code, web_service_id, status, create_date)
130 VALUES ('".$addslashes($_POST['account_username'])."',
131 '".$_POST['form_account_password_hidden']."',
133 '".$addslashes($_POST['account_fname'])."',
134 '".$addslashes($_POST['account_lname'])."',
135 '".$addslashes($_POST['account_email'])."',
137 '".$addslashes($_POST['account_organization'])."',
138 '".$addslashes($_POST['account_phone'])."',
139 '".$addslashes($_POST['account_address'])."',
140 '".$addslashes($_POST['account_city'])."',
141 '".$addslashes($_POST['account_province'])."',
142 '".$addslashes($_POST['account_country'])."',
143 '".$addslashes($_POST['account_postal_code'])."',
144 '".substr(md5(uniqid(rand(), true)),0,32)."',
147 $result = mysql_query($sql ,$db);
// Site name and contact e-mail go into the config table; each value is passed through
// $addslashes first and then interpolated into the statement. The table prefix is again raw.
149 $_POST['site_name'] = $addslashes($_POST['site_name']);
150 $sql = "INSERT INTO ".$_POST['step2']['tb_prefix']."config (name, value) VALUES ('site_name', '$_POST[site_name]')";
151 $result = mysql_query($sql ,$db);
153 $_POST['email'] = $addslashes($_POST['email']);
154 $sql = "INSERT INTO ".$_POST['step2']['tb_prefix']."config (name, value) VALUES ('contact_email', '$_POST[email]')";
155 $result = mysql_query($sql ,$db);
// Remove this step's fields, including both password digests, from $_POST -- presumably so that
// print_hidden() does not carry them into the next step's form; verify against that helper.
157 unset($_POST['admin_username']);
158 unset($_POST['form_admin_password_hidden']);
159 unset($_POST['admin_email']);
160 unset($_POST['email']);
161 unset($_POST['site_name']);
162 unset($_POST['account_username']);
163 unset($_POST['form_account_password_hidden']);
164 unset($_POST['account_email']);
165 unset($_POST['account_fname']);
166 unset($_POST['account_lname']);
167 unset($_POST['account_organization']);
168 unset($_POST['account_phone']);
169 unset($_POST['account_address']);
170 unset($_POST['account_city']);
171 unset($_POST['account_province']);
172 unset($_POST['account_country']);
173 unset($_POST['account_postal_code']);
176 unset($_POST['submit']);
// Render the step indicator, then any validation messages collected above.
184 print_progress($step);
186 if (isset($errors)) {
187 print_errors($errors);
// Choose the values used to pre-fill the form. On an upgrade they are copied from the step-1
// POST data; line 199 assigns $_defaults instead -- presumably the else branch, whose
// `} else {` line is not part of this listing.
// NOTE(review): the step-1 values are request data that has only been urldecode()d, so
// everything stored in $defaults here must be HTML-escaped wherever it is printed.
190 if (isset($_POST['step1']['old_version']) && $_POST['upgrade_action']) {
191 $defaults['admin_username'] = urldecode($_POST['step1']['admin_username']);
192 $defaults['admin_email'] = urldecode($_POST['step1']['admin_email']);
194 $defaults['site_name'] = urldecode($_POST['step1']['site_name']);
195 $defaults['header_img'] = urldecode($_POST['step1']['header_img']);
196 $defaults['header_logo'] = urldecode($_POST['step1']['header_logo']);
197 $defaults['home_url'] = urldecode($_POST['step1']['home_url']);
199 $defaults = $_defaults;
203 <script language="JavaScript" src="<?php echo TR_INCLUDE_PATH; ?>../../include/jscripts/sha-1factory.js" type="text/javascript"></script>
205 <script type="text/javascript">
// Called from the submit button's onclick handler. For each password box that is not empty,
// store hex_sha1() of the typed value in the matching hidden field and blank the visible box,
// so that only the digest is posted.
// NOTE(review): hex_sha1 is not defined in this listing -- presumably it comes from
// sha-1factory.js, loaded just above. An unsalted SHA-1 computed in the browser does not protect
// the password: the server stores the posted digest as-is, so the digest is what must be kept
// secret. Submit over HTTPS and hash on the server (e.g. password_hash()) instead.
// If scripting is disabled the hidden fields stay empty and the server rejects the form with
// its "password cannot be empty" errors.
206 function encrypt_password()
208 if (document.form.admin_password.value != "") {
209 document.form.form_admin_password_hidden.value = hex_sha1(document.form.admin_password.value);
210 document.form.admin_password.value = "";
213 if (document.form.account_password.value != "") {
214 document.form.form_account_password_hidden.value = hex_sha1(document.form.account_password.value);
215 document.form.account_password.value = "";
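<?php /* The form posts back to this script. PHP_SELF contains any client-supplied path info that follows the script name, so it is HTML-escaped before being written into the action attribute. */ ?>
220 <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="post" name="form">
221 <input type="hidden" name="action" value="process" />
<?php /* The two *_password_hidden fields start empty and are filled with the SHA-1 digests by encrypt_password() when the form is submitted. */ ?>
222 <input type="hidden" name="form_admin_password_hidden" value="" />
223 <input type="hidden" name="form_account_password_hidden" value="" />
<?php /* NOTE(review): $step is set outside this listing; cast or escape it if it can originate from the request. */ ?>
224 <input type="hidden" name="step" value="<?php echo $step; ?>" />
225 <?php print_hidden($step); ?>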
228 /* detect mail settings. if sendmail_path is empty then use SMTP. */
// The result is written into a hidden form field, so it comes back to the server as ordinary
// client-editable POST data. NOTE(review): a later step that needs this setting should call
// ini_get() again rather than trust the posted value. The @ only silences warnings from ini_get().
229 if (@ini_get('sendmail_path') == '') {
230 echo '<input type="hidden" name="smtp" value="true" />';
232 echo '<input type="hidden" name="smtp" value="false" />';
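<?php /* Super Administrator section. Posted values are re-displayed through htmlspecialchars(); the $defaults fallbacks can come from the step-1 request data on an upgrade, so they are escaped as well before being written into the value attributes. */ ?>
236 <table width="70%" class="tableborder" cellspacing="0" cellpadding="1" align="center">
238 <th colspan="2">Super Administrator Account</th>
241 <td colspan="2" class="row1">The Super Administrator account is used for managing AContent. The Super Administrator can also create additional Administrators each with their own privileges and roles. </td>
244 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="username">Administrator Username:</label></b><br />
245 May contain only letters, numbers, or underscores.</td>
246 <td class="row1"><input type="text" name="admin_username" id="username" maxlength="20" size="20" value="<?php if (!empty($_POST['admin_username'])) { echo stripslashes(htmlspecialchars($_POST['admin_username'])); } else { echo htmlspecialchars($defaults['admin_username'], ENT_QUOTES); } ?>" class="formfield" /></td>
249 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="password">Administrator Password:</label></b></td>
<?php /* NOTE(review): the password box is type="text", so the password is visible on screen while typed, and maxlength="15" caps its length; type="password" with a confirmation field and a higher limit is the usual choice. */ ?>
250 <td class="row1"><input type="text" name="admin_password" id="password" maxlength="15" size="15" class="formfield" /></td>
253 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="email">Administrator Email:</label></b></td>
254 <td class="row1"><input type="text" name="admin_email" id="email" size="40" value="<?php if (!empty($_POST['admin_email'])) { echo stripslashes(htmlspecialchars($_POST['admin_email'])); } else { echo htmlspecialchars($defaults['admin_email'], ENT_QUOTES); } ?>" class="formfield" /></td>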
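<?php /* System Preferences section. The $defaults values may originate from request data on an upgrade, so they are HTML-escaped both in the visible "Default:" text and in the value attributes. */ ?>
260 <table width="70%" class="tableborder" cellspacing="0" cellpadding="1" align="center">
262 <th colspan="2">System Preferences</th>
265 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="sitename">Site Name:</label></b><br />
266 The name of your course server website.<br />Default: <kbd><?php echo htmlspecialchars($defaults['site_name'], ENT_QUOTES); ?></kbd></td>
267 <td class="row1"><input type="text" name="site_name" size="28" maxlength="60" id="sitename" value="<?php if (!empty($_POST['site_name'])) { echo stripslashes(htmlspecialchars($_POST['site_name'])); } else { echo htmlspecialchars($defaults['site_name'], ENT_QUOTES); } ?>" class="formfield" /></td>
270 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="cemail">Contact Email:</label></b><br />
271 The email that will be used as the return email when needed.</td>
272 <td class="row1"><input type="text" name="email" id="cemail" size="40" value="<?php if (!empty($_POST['email'])) { echo stripslashes(htmlspecialchars($_POST['email'])); } else { echo htmlspecialchars($defaults['email'], ENT_QUOTES); } ?>" class="formfield" /></td>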
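<?php /* Author Account section. Each field re-displays the posted value through htmlspecialchars(). The labels for Organization through Postal Code previously had an empty for="" attribute and were not associated with their inputs; they now reference the input ids. */ ?>
278 <table width="70%" class="tableborder" cellspacing="0" cellpadding="1" align="center">
280 <th colspan="2">Author Account</th>
283 <td colspan="2" class="row1">You will need an author account to create lessons.</td>
286 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_username">Username:</label></b><br />
287 May contain only letters, numbers, and underscores.</td>
288 <td class="row1"><input type="text" name="account_username" id="account_username" maxlength="20" size="20" value="<?php if (!empty($_POST['account_username'])) { echo stripslashes(htmlspecialchars($_POST['account_username'])); } ?>" class="formfield" /></td>
291 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_password">Password:</label></b></td>
<?php /* NOTE(review): as with the administrator password, this box is type="text" (password visible while typed) and limited to 15 characters. */ ?>
292 <td class="row1"><input type="text" name="account_password" id="account_password" maxlength="15" size="15" class="formfield" /></td>
295 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_email">Email:</label></b></td>
296 <td class="row1"><input type="text" name="account_email" id="account_email" size="40" maxlength="60" value="<?php if (!empty($_POST['account_email'])) { echo stripslashes(htmlspecialchars($_POST['account_email'])); } ?>" class="formfield" /></td>
299 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_fname">First Name:</label></b></td>
300 <td class="row1"><input type="text" name="account_fname" id="account_fname" size="40" maxlength="60" value="<?php if (!empty($_POST['account_fname'])) { echo stripslashes(htmlspecialchars($_POST['account_fname'])); } ?>" class="formfield" /></td>
303 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_lname">Last Name:</label></b></td>
304 <td class="row1"><input type="text" name="account_lname" id="account_lname" size="40" maxlength="60" value="<?php if (!empty($_POST['account_lname'])) { echo stripslashes(htmlspecialchars($_POST['account_lname'])); } ?>" class="formfield" /></td>
307 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_organization">Organization:</label></b></td>
308 <td class="row1"><input type="text" name="account_organization" id="account_organization" size="40" maxlength="60" value="<?php if (!empty($_POST['account_organization'])) { echo stripslashes(htmlspecialchars($_POST['account_organization'])); } ?>" class="formfield" /></td>
311 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_phone">Phone:</label></b></td>
312 <td class="row1"><input type="text" name="account_phone" id="account_phone" size="40" maxlength="60" value="<?php if (!empty($_POST['account_phone'])) { echo stripslashes(htmlspecialchars($_POST['account_phone'])); } ?>" class="formfield" /></td>
315 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_address">Address:</label></b></td>
316 <td class="row1"><input type="text" name="account_address" id="account_address" size="40" maxlength="60" value="<?php if (!empty($_POST['account_address'])) { echo stripslashes(htmlspecialchars($_POST['account_address'])); } ?>" class="formfield" /></td>
319 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_city">City:</label></b></td>
320 <td class="row1"><input type="text" name="account_city" id="account_city" size="40" maxlength="60" value="<?php if (!empty($_POST['account_city'])) { echo stripslashes(htmlspecialchars($_POST['account_city'])); } ?>" class="formfield" /></td>
323 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_province">Province:</label></b></td>
324 <td class="row1"><input type="text" name="account_province" id="account_province" size="40" maxlength="60" value="<?php if (!empty($_POST['account_province'])) { echo stripslashes(htmlspecialchars($_POST['account_province'])); } ?>" class="formfield" /></td>
327 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_country">Country:</label></b></td>
328 <td class="row1"><input type="text" name="account_country" id="account_country" size="40" maxlength="60" value="<?php if (!empty($_POST['account_country'])) { echo stripslashes(htmlspecialchars($_POST['account_country'])); } ?>" class="formfield" /></td>
331 <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_postal_code">Postal Code:</label></b></td>
332 <td class="row1"><input type="text" name="account_postal_code" id="account_postal_code" size="40" maxlength="60" value="<?php if (!empty($_POST['account_postal_code'])) { echo stripslashes(htmlspecialchars($_POST['account_postal_code'])); } ?>" class="formfield" /></td>
<?php /* The submit button runs encrypt_password() first, which replaces the typed passwords with their SHA-1 digests in the hidden fields. */ ?>
337 <div align="center"><input type="submit" class="button" value=" Next »" name="submit" onclick="return encrypt_password();" /></div>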