#521 check sql access data on install

2025-02-20 11:23:28 +08:00 · 2015-04-19 10:23:01 +02:00 · 2015-04-19 10:23:01 +02:00 · e7c3d16e14
commit e7c3d16e14
parent 0720c7f593
1 changed files with 46 additions and 32 deletions
--- a/web/install/install.php
+++ b/web/install/install.php
@ -280,11 +280,16 @@ if ($currentStep == 2 and count($systemCheckError) == 0) {

    if ($currentStep == 3 and isset($_POST['db'])) {

-        $configFp = @fopen(EASYWIDIR . '/stuff/config.php', "w+");
+        try {

-        if ($configFp) {
+            $sql = new PDO("mysql:host=${_POST['host']};dbname=${_POST['db']}", $_POST['user'], $_POST['pwd'], array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
+            $sql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

-            $configdata = "<?php
+            $configFp = @fopen(EASYWIDIR . '/stuff/config.php', "w+");
+
+            if ($configFp) {
+
+                $configdata = "<?php

 // This file was generated by the easy-wi.com installer

@ -298,61 +303,70 @@ if ($currentStep == 2 and count($systemCheckError) == 0) {
 " . '$timezone' . " = 'Europe/Berlin';
 ";

-            @fwrite($configFp, $configdata);
+                @fwrite($configFp, $configdata);

-            fclose($configFp);
+                fclose($configFp);

-        }
+            }

+            $keyFp = @fopen(EASYWIDIR . '/stuff/keyphrasefile.php', "w+");

-        $keyFp = @fopen(EASYWIDIR . '/stuff/keyphrasefile.php', "w+");
-
-        if ($keyFp) {
-            $configdata='<?php
+            if ($keyFp) {
+                $configdata='<?php

 // This file was generated by the easy-wi.com installer

 $aeskey = "' . $_POST['aeskey'] . '";
 ';

-            @fwrite($keyFp, $configdata);
+                @fwrite($keyFp, $configdata);
+
+                fclose($keyFp);
+            }
+
+        } catch(PDOException $error) {
+
+            $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$error->getMessage()}</div>";

-            fclose($keyFp);
        }
+
    }

-    if (file_exists(EASYWIDIR . '/stuff/config.php') and file_exists(EASYWIDIR . '/stuff/keyphrasefile.php')) {
+    if (!isset($sql) ) {

-        if ($currentStep == 3 and isset($_POST['db'])) {
-            $displayToUser .= "<div class='alert alert-success'>{$languageObject->ok_files_created}</div>";
-        }
+        if (file_exists(EASYWIDIR . '/stuff/config.php') and file_exists(EASYWIDIR . '/stuff/keyphrasefile.php')) {

-        require_once(EASYWIDIR . '/stuff/config.php');
-        require_once(EASYWIDIR . '/stuff/keyphrasefile.php');
+            if ($currentStep == 3 and isset($_POST['db'])) {
+                $displayToUser .= "<div class='alert alert-success'>{$languageObject->ok_files_created}</div>";
+            }

-        if (isset($host) and isset($db) and isset($user) and isset($pwd)) {
+            require_once(EASYWIDIR . '/stuff/config.php');
+            require_once(EASYWIDIR . '/stuff/keyphrasefile.php');

-            try {
+            if (isset($host) and isset($db) and isset($user) and isset($pwd)) {

-                $sql = new PDO("mysql:host=${host};dbname=${db}", $user, $pwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
-                $sql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+                try {

-            } catch(PDOException $error) {
+                    $sql = new PDO("mysql:host=${host};dbname=${db}", $user, $pwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
+                    $sql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

-                $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$error->getMessage()}</div>";
+                } catch(PDOException $error) {

+                    $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$error->getMessage()}</div>";
+
+                }
+
+            } else {
+                $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$languageObject->error_config_php_data}</div>";
            }

        } else {
-            $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$languageObject->error_config_php_data}</div>";
-        }

-    } else {
-
-        if (isset($_POST['db'])) {
-            $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$languageObject->error_keyphrase_php_create}</div>";
-        } else {
-            $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$languageObject->error_config_keyphrase_php_missing}</div>";
+            if (isset($_POST['db'])) {
+                $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$languageObject->error_keyphrase_php_create}</div>";
+            } else {
+                $systemCheckError['config.php'] = "<div class='alert alert-danger'>{$languageObject->error_config_keyphrase_php_missing}</div>";
+            }
        }
    }
 }