moved code up one level to eliminate the docs subdirectory
1 <?php
2 /************************************************************************/
3 /* AContent                                                             */
4 /************************************************************************/
5 /* Copyright (c) 2010                                                   */
6 /* Inclusive Design Institute                                           */
7 /*                                                                      */
8 /* This program is free software. You can redistribute it and/or        */
9 /* modify it under the terms of the GNU General Public License          */
10 /* as published by the Free Software Foundation.                        */
11 /************************************************************************/
12
/*
 * Direct-access guard: stop immediately unless TR_INCLUDE_PATH is defined.
 * NOTE(review): presumably the installer entry script defines it before
 * including this step, so a direct request for this file does nothing.
 */
if (defined('TR_INCLUDE_PATH') === false) {
	exit;
}
14
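/*
 * Step 3 form handler: validates the submitted account and site settings and,
 * when everything is valid, creates the administrator account, the author
 * account and the initial config rows, then advances the installer.
 *
 * Every value read here comes from the request, including the step-2 database
 * settings that travel as hidden fields, so each one is checked or escaped
 * before it reaches an SQL statement.
 *
 * NOTE(review): the mysql_* extension used below was removed in PHP 7. Moving
 * to mysqli/PDO with bound parameters has to be done across the installer,
 * not only in this step.
 */
if (isset($_POST['submit'], $_POST['action']) && $_POST['action'] === 'process') {
	unset($errors);

	/* Normalise the text fields: a missing or non-string value (e.g. a field
	   posted as an array) is treated as empty instead of raising a notice. */
	$step3_text_fields = array(
		'admin_username', 'admin_email', 'site_name', 'email',
		'account_username', 'account_email', 'account_fname', 'account_lname',
		'account_organization', 'account_phone', 'account_address', 'account_city',
		'account_province', 'account_country', 'account_postal_code',
	);
	$step3_digest_fields = array('form_admin_password_hidden', 'form_account_password_hidden');

	foreach ($step3_text_fields as $step3_field) {
		$_POST[$step3_field] = (isset($_POST[$step3_field]) && is_string($_POST[$step3_field]))
			? trim($_POST[$step3_field])
			: '';
	}
	foreach ($step3_digest_fields as $step3_field) {
		if (!isset($_POST[$step3_field]) || !is_string($_POST[$step3_field])) {
			$_POST[$step3_field] = '';
		}
	}

	$step3_username_pattern = '/^[a-zA-Z0-9_]+$/D';
	/* The same pattern is now applied case-insensitively to all three
	   addresses; previously only the author address accepted upper case. */
	$step3_email_pattern = '/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,6}$/iD';
	/* The hidden password fields are filled by encrypt_password() with
	   hex_sha1() output, i.e. 40 hex digits. They are written into the INSERT
	   statements below, so anything else is rejected here. */
	$step3_digest_pattern = '/^[0-9a-fA-F]{40}$/D';

	/* Super Administrator Account checking: */
	if ($_POST['admin_username'] == '') {
		$errors[] = 'Administrator username cannot be empty.';
	} else if (!preg_match($step3_username_pattern, $_POST['admin_username'])) {
		$errors[] = 'Administrator username is not valid.';
	}
	if ($_POST['form_admin_password_hidden'] == '') {
		$errors[] = 'Administrator password cannot be empty.';
	} else if (!preg_match($step3_digest_pattern, $_POST['form_admin_password_hidden'])) {
		$errors[] = 'Administrator password is not valid.';
	}
	if ($_POST['admin_email'] == '') {
		$errors[] = 'Administrator email cannot be empty.';
	} else if (!preg_match($step3_email_pattern, $_POST['admin_email'])) {
		$errors[] = 'Administrator email is not valid.';
	}

	/* System Preferences checking: */
	if ($_POST['site_name'] == '') {
		$errors[] = 'Site name cannot be empty.';
	}
	if ($_POST['email'] == '') {
		$errors[] = 'Contact email cannot be empty.';
	} else if (!preg_match($step3_email_pattern, $_POST['email'])) {
		$errors[] = 'Contact email is not valid.';
	}

	/* Personal Account checking: */
	if ($_POST['account_username'] == '') {
		$errors[] = 'Personal Account Username cannot be empty.';
	} else if (!preg_match($step3_username_pattern, $_POST['account_username'])) {
		$errors[] = 'Personal Account Username is not valid.';
	} else if ($_POST['account_username'] == $_POST['admin_username']) {
		$errors[] = 'That Personal Account Username is already being used for the Administrator account, choose another.';
	}
	if ($_POST['form_account_password_hidden'] == '') {
		$errors[] = 'Personal Account Password cannot be empty.';
	} else if (!preg_match($step3_digest_pattern, $_POST['form_account_password_hidden'])) {
		$errors[] = 'Personal Account Password is not valid.';
	}
	if ($_POST['account_email'] == '') {
		$errors[] = 'Personal Account email cannot be empty.';
	} else if (!preg_match($step3_email_pattern, $_POST['account_email'])) {
		$errors[] = 'Personal Account email is not valid.';
	}

	/* Remaining author fields are only required to be non-empty. */
	$step3_required = array(
		'account_fname'        => 'First Name',
		'account_lname'        => 'Last Name',
		'account_organization' => 'Organization',
		'account_phone'        => 'Phone',
		'account_address'      => 'Address',
		'account_city'         => 'City',
		'account_province'     => 'Province',
		'account_country'      => 'Country',
		'account_postal_code'  => 'Postal Code',
	);
	foreach ($step3_required as $step3_field => $step3_label) {
		if ($_POST[$step3_field] == '') {
			$errors[] = 'Personal Account ' . $step3_label . ' cannot be empty.';
		}
	}

	/* The table prefix arrives as a step-2 hidden field and is concatenated
	   into table names, where escaping does not help. Restrict it to
	   characters that are safe in an unquoted identifier. */
	$step3_prefix = (isset($_POST['step2']['tb_prefix']) && is_string($_POST['step2']['tb_prefix']))
		? $_POST['step2']['tb_prefix']
		: '';
	if (!preg_match('/^[a-zA-Z0-9_]*$/D', $step3_prefix)) {
		$errors[] = 'Table prefix may contain only letters, numbers, and underscores.';
	}

	if (!isset($errors)) {
		$db = @mysql_connect($_POST['step2']['db_host'] . ':' . $_POST['step2']['db_port'], $_POST['step2']['db_login'], urldecode($_POST['step2']['db_password']));
		/* Without this check a failed connection let every query below fail
		   silently and the installer moved on with no accounts created. */
		if (!$db || !@mysql_select_db($_POST['step2']['db_name'], $db)) {
			$errors[] = 'Unable to connect to the database using the settings from the previous step.';
		}
	}

	if (!isset($errors)) {
		/* NOTE(review): the value stored in the password column is the unsalted
		   SHA-1 digest computed in the browser, so the digest itself acts as the
		   credential - confirm how the login code verifies it before changing. */
		/* NOTE(review): web_service_id is derived from rand()/uniqid(), which
		   are predictable. If it is used as a secret it should come from a
		   cryptographically secure source. */

		// for admin account
		$sql = "INSERT INTO ".$step3_prefix."users
			(login, password, user_group_id, email, web_service_id, create_date)
			VALUES ('".$addslashes($_POST['admin_username'])."',
				'".$addslashes($_POST['form_admin_password_hidden'])."',
				1,
				'".$addslashes($_POST['admin_email'])."',
				'".substr(md5(uniqid(rand(), true)),0,32)."',
				NOW())";
		$result = mysql_query($sql, $db);

		// for author account
		$sql = "INSERT INTO ".$step3_prefix."users
			(login, password, user_group_id, first_name, last_name, email, is_author, organization, phone,
			address, city, province, country, postal_code, web_service_id, status, create_date)
			VALUES ('".$addslashes($_POST['account_username'])."',
				'".$addslashes($_POST['form_account_password_hidden'])."',
				2,
				'".$addslashes($_POST['account_fname'])."',
				'".$addslashes($_POST['account_lname'])."',
				'".$addslashes($_POST['account_email'])."',
				1,
				'".$addslashes($_POST['account_organization'])."',
				'".$addslashes($_POST['account_phone'])."',
				'".$addslashes($_POST['account_address'])."',
				'".$addslashes($_POST['account_city'])."',
				'".$addslashes($_POST['account_province'])."',
				'".$addslashes($_POST['account_country'])."',
				'".$addslashes($_POST['account_postal_code'])."',
				'".substr(md5(uniqid(rand(), true)),0,32)."',
				1,
				now())";
		$result = mysql_query($sql, $db);
		/* Read the id from this connection explicitly and force it to an
		   integer before it is concatenated into the next two statements. */
		$user_id = (int) mysql_insert_id($db);

		// associate the default HowTo lesson with this author account
		$sql = "UPDATE ".$step3_prefix."courses SET user_id=".$user_id." WHERE course_id=1";
		$result = mysql_query($sql, $db);

		$sql = "INSERT INTO ".$step3_prefix."user_courses (user_id, course_id, role) VALUES (".$user_id.", 1, 1)";
		$result = mysql_query($sql, $db);

		// configurations
		$sql = "INSERT INTO ".$step3_prefix."config (name, value) VALUES ('site_name', '".$addslashes($_POST['site_name'])."')";
		$result = mysql_query($sql, $db);

		$sql = "INSERT INTO ".$step3_prefix."config (name, value) VALUES ('contact_email', '".$addslashes($_POST['email'])."')";
		$result = mysql_query($sql, $db);

		/* NOTE(review): query results are still not checked, as before; a
		   failed INSERT is not reported to the person running the installer. */

		/* Drop this step's fields, password digests included, from $_POST
		   before the installer moves on. */
		foreach (array_merge($step3_text_fields, $step3_digest_fields) as $step3_field) {
			unset($_POST[$step3_field]);
		}

		unset($step3_text_fields, $step3_digest_fields, $step3_required, $step3_field, $step3_label);
		unset($step3_username_pattern, $step3_email_pattern, $step3_digest_pattern, $step3_prefix);

		unset($errors);
		unset($_POST['submit']);
		unset($action);
		store_steps($step);
		$step++;
		return;
	}
}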
192
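/* Render the progress indicator and any validation errors from the handler above. */
print_progress($step);

if (isset($errors)) {
	print_errors($errors);
}

/*
 * Choose the values used to pre-fill the form. During an upgrade they come
 * from the URL-encoded step-1 fields, otherwise from the installer defaults.
 * The step-1 values are request data and must be HTML-escaped wherever they
 * are echoed.
 * NOTE(review): the upgrade branch does not populate $defaults['email'],
 * although the form reads it - confirm whether that is intended.
 */
if (isset($_POST['step1']['old_version']) && !empty($_POST['upgrade_action'])) {
	/* Guard each key so a missing or non-string field yields an empty
	   default instead of an undefined-index notice or a urldecode() error. */
	foreach (array('admin_username', 'admin_email', 'site_name', 'header_img', 'header_logo', 'home_url') as $step3_key) {
		$defaults[$step3_key] = (isset($_POST['step1'][$step3_key]) && is_string($_POST['step1'][$step3_key]))
			? urldecode($_POST['step1'][$step3_key])
			: '';
	}
	unset($step3_key);
} else {
	$defaults = $_defaults;
}
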
210
211 ?>
212 <script language="JavaScript" src="<?php echo TR_INCLUDE_PATH; ?>../../include/jscripts/sha-1factory.js" type="text/javascript"></script>
213
214 <script type="text/javascript">
/**
 * Submit hook for the step-3 form.
 *
 * For each password box that is not empty, writes hex_sha1() of the typed
 * value into the matching hidden field and then blanks the visible box, so
 * the cleartext is not part of the submitted form data.
 *
 * NOTE(review): the digest is unsalted and is what the server-side handler
 * in this file stores, so it is effectively the credential; this does not
 * replace transport encryption.
 */
function encrypt_password()
{
	var form = document.form;
	var pairs = [
		["admin_password", "form_admin_password_hidden"],
		["account_password", "form_account_password_hidden"]
	];

	for (var i = 0; i < pairs.length; i++) {
		var visible = form[pairs[i][0]];
		if (visible.value == "") {
			continue;
		}
		form[pairs[i][1]].value = hex_sha1(visible.value);
		visible.value = "";
	}
}
227 </script>
228
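<?php
	/* PHP_SELF includes any extra path text appended to the request URL, so it
	   is HTML-escaped before being placed in the action attribute. $step is
	   escaped as well, since its origin is not visible in this file. */
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="post" name="form">
	<input type="hidden" name="action" value="process" />
	<input type="hidden" name="form_admin_password_hidden" value="" />
	<input type="hidden" name="form_account_password_hidden" value="" />
	<input type="hidden" name="step" value="<?php echo htmlspecialchars((string) $step, ENT_QUOTES); ?>" />
	<?php print_hidden($step); ?>

	<?php
		/* detect mail settings. if sendmail_path is empty then use SMTP. */
		if (@ini_get('sendmail_path') == '') {
			echo '<input type="hidden" name="smtp" value="true" />';
		} else {
			echo '<input type="hidden" name="smtp" value="false" />';
		}
	?>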
244         <br />
245                 <table width="70%" class="tableborder" cellspacing="0" cellpadding="1" align="center">
246                 <tr>
247                         <th colspan="2">Super Administrator Account</th>
248                 </tr>
249                 <tr>
250                         <td colspan="2" class="row1">The Super Administrator account is used for managing AContent. The Super Administrator can also create additional Administrators each with their own privileges and roles. </td>
251                 </tr>
252                 <tr>
253                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="username">Administrator Username:</label></b><br />
254                         May contain only letters, numbers, or underscores.</td>
255                         <td class="row1"><input type="text" name="admin_username" id="username" maxlength="20" size="20" value="<?php if (!empty($_POST['admin_username'])) { echo stripslashes(htmlspecialchars($_POST['admin_username'])); } else { echo $defaults['admin_username']; } ?>" class="formfield" /></td>
256                 </tr>
257                 <tr>
258                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="password">Administrator Password:</label></b></td>
259                         <td class="row1"><input type="text" name="admin_password" id="password" maxlength="15" size="15" class="formfield" /></td>
260                 </tr>
261                 <tr>
262                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="email">Administrator Email:</label></b></td>
263                         <td class="row1"><input type="text" name="admin_email" id="email" size="40" value="<?php if (!empty($_POST['admin_email'])) { echo stripslashes(htmlspecialchars($_POST['admin_email'])); } else { echo $defaults['admin_email']; } ?>" class="formfield" /></td>
264                 </tr>
265                 </table>
266
267         <br />
268
269                 <table width="70%" class="tableborder" cellspacing="0" cellpadding="1" align="center">
270                 <tr>
271                         <th colspan="2">System Preferences</th>
272                 </tr>
273                 <tr>
274                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="sitename">Site Name:</label></b><br />
275                         The name of your course server website.<br />Default: <kbd><?php echo $defaults['site_name']; ?></kbd></td>
276                         <td class="row1"><input type="text" name="site_name" size="28" maxlength="60" id="sitename" value="<?php if (!empty($_POST['site_name'])) { echo stripslashes(htmlspecialchars($_POST['site_name'])); } else { echo $defaults['site_name']; } ?>" class="formfield" /></td>
277                 </tr>
278                 <tr>
279                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="cemail">Contact Email:</label></b><br />
280                         The email that will be used as the return email when needed.</td>
281                         <td class="row1"><input type="text" name="email" id="cemail" size="40" value="<?php if (!empty($_POST['email'])) { echo stripslashes(htmlspecialchars($_POST['email'])); } else { echo $defaults['email']; } ?>" class="formfield" /></td>
282                 </tr>
283                 </table>
284
285         <br />
286
287                 <table width="70%" class="tableborder" cellspacing="0" cellpadding="1" align="center">
288                 <tr>
289                         <th colspan="2">Author Account</th>
290                 </tr>
291                 <tr>
292                         <td colspan="2" class="row1">You will need an author account to create lessons.</td>
293                 </tr>
294                 <tr>
295                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_username">Username:</label></b><br />
296                         May contain only letters, numbers, and underscores.</td>
297                         <td class="row1"><input type="text" name="account_username" id="account_username" maxlength="20" size="20" value="<?php if (!empty($_POST['account_username'])) { echo stripslashes(htmlspecialchars($_POST['account_username'])); } ?>" class="formfield" /></td>
298                 </tr>
299                 <tr>
300                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_password">Password:</label></b></td>
301                         <td class="row1"><input type="text" name="account_password" id="account_password" maxlength="15" size="15" class="formfield" /></td>
302                 </tr>
303                 <tr>
304                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_email">Email:</label></b></td>
305                         <td class="row1"><input type="text" name="account_email" id="account_email" size="40" maxlength="60" value="<?php if (!empty($_POST['account_email'])) { echo stripslashes(htmlspecialchars($_POST['account_email'])); } ?>" class="formfield" /></td>
306                 </tr>
307                 <tr>
308                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_fname">First Name:</label></b></td>
309                         <td class="row1"><input type="text" name="account_fname" id="account_fname" size="40" maxlength="60" value="<?php if (!empty($_POST['account_fname'])) { echo stripslashes(htmlspecialchars($_POST['account_fname'])); } ?>" class="formfield" /></td>
310                 </tr>
311                 <tr>
312                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="account_lname">Last Name:</label></b></td>
313                         <td class="row1"><input type="text" name="account_lname" id="account_lname" size="40" maxlength="60" value="<?php if (!empty($_POST['account_lname'])) { echo stripslashes(htmlspecialchars($_POST['account_lname'])); } ?>" class="formfield" /></td>
314                 </tr>
315                 <tr>
316                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">Organization:</label></b></td>
317                         <td class="row1"><input type="text" name="account_organization" id="account_organization" size="40" maxlength="60" value="<?php if (!empty($_POST['account_organization'])) { echo stripslashes(htmlspecialchars($_POST['account_organization'])); } ?>" class="formfield" /></td>
318                 </tr>
319                 <tr>
320                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">Phone:</label></b></td>
321                         <td class="row1"><input type="text" name="account_phone" id="account_phone" size="40" maxlength="60" value="<?php if (!empty($_POST['account_phone'])) { echo stripslashes(htmlspecialchars($_POST['account_phone'])); } ?>" class="formfield" /></td>
322                 </tr>
323                 <tr>
324                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">Address:</label></b></td>
325                         <td class="row1"><input type="text" name="account_address" id="account_address" size="40" maxlength="60" value="<?php if (!empty($_POST['account_address'])) { echo stripslashes(htmlspecialchars($_POST['account_address'])); } ?>" class="formfield" /></td>
326                 </tr>
327                 <tr>
328                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">City:</label></b></td>
329                         <td class="row1"><input type="text" name="account_city" id="account_city" size="40" maxlength="60" value="<?php if (!empty($_POST['account_city'])) { echo stripslashes(htmlspecialchars($_POST['account_city'])); } ?>" class="formfield" /></td>
330                 </tr>
331                 <tr>
332                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">Province:</label></b></td>
333                         <td class="row1"><input type="text" name="account_province" id="account_province" size="40" maxlength="60" value="<?php if (!empty($_POST['account_province'])) { echo stripslashes(htmlspecialchars($_POST['account_province'])); } ?>" class="formfield" /></td>
334                 </tr>
335                 <tr>
336                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">Country:</label></b></td>
337                         <td class="row1"><input type="text" name="account_country" id="account_country" size="40" maxlength="60" value="<?php if (!empty($_POST['account_country'])) { echo stripslashes(htmlspecialchars($_POST['account_country'])); } ?>" class="formfield" /></td>
338                 </tr>
339                 <tr>
340                         <td class="row1"><div class="required" title="Required Field">*</div><b><label for="">Postal Code:</label></b></td>
341                         <td class="row1"><input type="text" name="account_postal_code" id="account_postal_code" size="40" maxlength="60" value="<?php if (!empty($_POST['account_postal_code'])) { echo stripslashes(htmlspecialchars($_POST['account_postal_code'])); } ?>" class="formfield" /></td>
342                 </tr>
343                 </table>
344         <br />
345         <br />
346         <div align="center"><input type="submit" class="button" value=" Next &raquo;" name="submit" onclick="return encrypt_password();" /></div>
347 </form>