Issues in install.php (development) - Issues in development - imagecms/ImageCMS - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1177)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

application/modules/install/install.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

if (!defined('BASEPATH')) {
    exit('No direct script access allowed');
}

class Install extends MY_Controller
{

    public $host = '';

    public $useSqlFile = 'sql.sql';

    private $exts = FALSE;

    private $loadedExt = FALSE;

    public function __construct() {
        parent::__construct();
        $lang = new MY_Lang();
        $lang->load('install');
        $lang->load('main');
        //        $this->host = 'http://' . str_replace('index.php', '', $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) . 'index.php/';
        $this->load->helper('string');
        $this->load->helper('form_csrf');
        $this->host = reduce_multiples($this->host);
        $this->loadedExt = get_loaded_extensions();

    }

    public function index() {

        if (moduleExists('shop')) {
            $data = [
                     'content' => $this->load->view('license_shop', ['next_link' => $this->host . '/install/step_1'], TRUE),
                    ];
        } else {
            $data = [
                     'content' => $this->load->view('license', ['next_link' => $this->host . '/install/step_1'], TRUE),
                    ];
        }
        $this->load->view('main', $data);
    }

    public function step_1() {
        $result = TRUE;

        // Check folders permissions
        $dir_array = [
                      './application/config/config.php' => 'ok',
                      './system/cache'                  => 'ok',
                      './captcha/'                      => 'ok',
                      './system/cache/templates_c'      => 'ok',
                      './uploads/'                      => 'ok',
                      './uploads/images'                => 'ok',
                      './uploads/files'                 => 'ok',
                     ];

        foreach ($dir_array as $k => $v) {
            if (!is_really_writable($k)) {
                $dir_array[$k] = 'err';
                $result = FALSE;
            }
        }

        // Check server params

        $allow_params = [
                         'register_globals' => 'ok',
                         'safe_mode'        => 'ok',
                        ];

        foreach ($allow_params as $k => $v) {
            if (ini_get($k) == 1) {
                $allow_params[$k] = 'warning';
            } else {
                $allow_params[$k] = 'ok';
            }
        }

        if (version_compare(PHP_VERSION, '5.5.0') >= 0) {
            $allow_params['PHP version >= 5.5'] = 'ok';
        } else {
            $allow_params['PHP version >= 5.5'] = 'err';
            $result = false;
        }

        // Check installed php exts.
        $exts = [
                 'curl'     => 'ok',
                 'json'     => 'ok',
                 'mbstring' => 'ok',
                 'iconv'    => 'ok',
                 'gd'       => 'ok',
                 'zlib'     => 'ok',
                 'gettext'  => 'ok',
                 'soap'     => 'ok',
                ];

        if (moduleExists('shop') && end(explode('.', $this->input->server('HTTP_HOST'))) != 'loc') {

            $exts['ionCube Loader'] = 'ok';
        }

        foreach ($exts as $k => $v) {
            //if ($this->_get_ext($k) === FALSE) {
            if ($this->checkExtensions($k) === FALSE) {
                $exts[$k] = 'warning';
                if ($k == 'json') {
                    $exts[$k] = 'err';
                    $result = FALSE;
                }

                if ($k == 'mbstring') {
                    $exts[$k] = 'err';
                    $result = FALSE;
                }

                if ($k == 'gettext') {
                    $exts[$k] = 'err';
                    $result = FALSE;
                }

                if ($k == 'curl') {
                    $exts[$k] = 'err';
                    $result = FALSE;
                }
                if ($k == 'ionCube Loader') {
                    $exts[$k] = 'err';
                    $result = FALSE;
                }
            }
        }

        $locales = [
                    'en_US' => 'ok',
                    'ru_RU' => 'ok',
                   ];

        foreach ($locales as $locale => $v) {
            if (!setlocale(LC_ALL, $locale . '.utf8', $locale . '.utf-8', $locale . '.UTF8', $locale . '.UTF-8', $locale . '.utf-8', $locale . '.UTF-8', $locale)) {
                if (!setlocale(LC_ALL, '')) {
                    $locales[$locale] = 'warning';
                }
            }
        }

        $data = [
                 'dirs'         => $dir_array,
            //            'need_params' => $need_params,
                 'allow_params' => $allow_params,
                 'exts'         => $exts,
                 'locales'      => $locales,
                 'next_link'    => $this->_get_next_link($result, 1),
                ];
        $this->_display($this->load->view('step_1', $data, TRUE));
    }

    /**
     * Check is extension loaded
     * @param string $name extension name
     * @return bool
     */
    private function checkExtensions($name = '') {
        if (in_array($name, $this->loadedExt)) {

            return TRUE;
        }
        return FALSE;
    }

    /**
     * @deprecated since version 4.6
     * @param string $name
     * @return boolean
     */
    protected function _get_ext($name = '') {
        if ($this->exts === FALSE) {
            ob_start();
            phpinfo(INFO_MODULES);
            $this->exts = ob_get_contents();
$answer = 42;

$correct = false;

$correct = (bool) $answer;
            ob_end_clean();
            $this->exts = strip_tags($this->exts, '<h2><th><td>');
$answer = 42;

$correct = false;

$correct = (bool) $answer;
        }

        preg_match("/<h2>.*$name.*<\/h2>/", $this->exts, $m);

        if (count($m) == 0) {

            return FALSE;
        }

        return TRUE;
    }

    public function step_2() {
        $this->load->library('Form_validation');
        $this->form_validation->set_error_delimiters('', '');

        $result = TRUE;
        $other_errors = '';

        if ($this->input->post()) {
            $this->form_validation->set_rules('site_title', lang('Site name', 'install'), 'required');
            $this->form_validation->set_rules('db_host', lang('Host', 'install'), 'required');
            $this->form_validation->set_rules('db_user', lang('Database username', 'install'), 'required');
            //$this->form_validation->set_rules('db_pass', 'Пароль БД', 'required');
            $this->form_validation->set_rules('db_name', lang('Database name', 'install'), 'required');
            //            $this->form_validation->set_rules('admin_login', 'Логин администратора', 'required|min_length[4]');
            $this->form_validation->set_rules('admin_pass', lang('Administrator password', 'install'), 'required|min_length[5]');
            $this->form_validation->set_rules('admin_mail', lang('Administrator E-mail', 'install'), 'required|valid_email');
            $this->form_validation->set_rules('lang_sel', lang('Language', 'install'), 'required');

            if ($this->form_validation->run() == FALSE) {
                $result = FALSE;
            } else {
                // Test database conn.
                if ($this->test_db() == FALSE) {
                    $other_errors .= lang('Database connection error', 'install') . '.<br/>';
                    $result = FALSE;
                }
            }

            if ($result == TRUE) {
                $this->make_install();
            }
        }

        $data = [
                 'next_link'    => $this->_get_next_link($result, 2),
                 'other_errors' => $other_errors,
                 'host'         => $this->host,
                 'sqlFileName'  => $this->useSqlFile,
                ];
        $this->_display($this->load->view('step_2', $data, TRUE));
    }

    private function make_install() {
        $this->load->helper('file');
        $this->load->helper('url');

        $db_server = $this->input->post('db_host');
        $db_user = $this->input->post('db_user');
        $db_pass = $this->input->post('db_pass');
        $db_name = $this->input->post('db_name');

        $link = mysqli_connect($db_server, $db_user, $db_pass, $db_name);

        // Drop all tables in DB
        $tables = [];
        $sql = "SHOW TABLES FROM $db_name";
        if ($result = mysqli_query($link, $sql)) {
            while ($row = mysqli_fetch_row($result)) {
                $tables[] = $row[0];
            }
        }

        if (count($tables) > 0) {
            foreach ($tables as $t) {
                $sql = "DROP TABLE `{$db_name}`.`{$t}`";
                if (!mysqli_query($link, $sql)) {
                    die("MySQL error. Can\'t delete `{$db_name}`.`{$t}`");
                }
            }
        }

        mysqli_query($link, 'SET NAMES `utf8`');
        $sqlFileData = read_file(__DIR__ . '/' . $this->useSqlFile);

        $queries = explode(";\n", str_replace(';\r\n', ';\n', $sqlFileData));

        foreach ($queries as $q) {
            $q = trim($q);

            if (!empty($q)) {
                mysqli_query($link, $q);
            }
        }

        // Update site title
        mysqli_query($link, 'UPDATE `settings_i18n` SET `name`=\'' . mysqli_escape_string($link, $this->input->post('site_title')) . '\' ');
        mysqli_query($link, 'UPDATE `settings_i18n` SET `short_name`=\'' . mysqli_escape_string($link, $this->input->post('site_title')) . '\' ');
        mysqli_query($link, 'UPDATE `settings` SET `lang_sel`=\'' . mysqli_escape_string($link, $this->input->post('lang_sel')) . '\' ');

        // TRUNCATE if "no demodata" checked
        if ($this->input->post('product_samples') != 'on') {
            mysqli_query($link, 'TRUNCATE `category`;');
            mysqli_query('INSERT INTO `category` (`id`, `name`, `url`, `per_page`, `order_by`) VALUES (\'1\', \'test\', \'test\', \'1\', \'publish_date\');', $link);
            mysqli_query('UPDATE `settings` SET `main_type`=\'category\', `main_page_cat`=\'1\';', $link);
            mysqli_query($link, 'TRUNCATE `comments`;');
            mysqli_query($link, 'TRUNCATE `content`;');
            mysqli_query($link, 'TRUNCATE `content_fields`;');
            mysqli_query($link, 'TRUNCATE `content_fields_data`;');
            mysqli_query($link, 'TRUNCATE `content_fields_groups_relations`;');
            mysqli_query($link, 'TRUNCATE `content_field_groups`;');
            mysqli_query($link, 'TRUNCATE `gallery_albums`;');
            mysqli_query($link, 'TRUNCATE `gallery_category`;');
            mysqli_query($link, 'TRUNCATE `gallery_images`;');
            mysqli_query($link, 'TRUNCATE `menus`;');
            mysqli_query($link, 'TRUNCATE `menus_data`;');
            mysqli_query($link, 'TRUNCATE `support_comments`;');
            mysqli_query($link, 'TRUNCATE `support_departments`;');
            mysqli_query($link, 'TRUNCATE `support_tickets`;');
            mysqli_query($link, 'TRUNCATE `tags`;');
            mysqli_query($link, 'TRUNCATE `content_permissions`;');
            mysqli_query($link, 'TRUNCATE `content_tags`;');
            mysqli_query($link, 'TRUNCATE `logs`;');

            $this->load->helper('file');

            if (moduleExists('shop')) {
                delete_files('./uploads/shop', TRUE);

                mysqli_query('UPDATE `settings` SET `main_type`=\'module\', `main_page_module`=\'shop\';', $link);
                mysqli_query($link, 'TRUNCATE `shop_category`;');
                mysqli_query($link, 'TRUNCATE `shop_category_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_comulativ_discount`;');
                mysqli_query($link, 'TRUNCATE `shop_discounts`;');
                mysqli_query($link, 'TRUNCATE `shop_gifts`;');
                mysqli_query($link, 'TRUNCATE `shop_kit`;');
                mysqli_query($link, 'TRUNCATE `shop_kit_product`;');
                mysqli_query($link, 'TRUNCATE `shop_notifications`;');
                mysqli_query($link, 'TRUNCATE `shop_notification_statuses`;');
                mysqli_query($link, 'TRUNCATE `shop_notification_statuses_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_orders`;');
                mysqli_query($link, 'TRUNCATE `shop_orders_products`;');
                mysqli_query($link, 'TRUNCATE `shop_orders_status_history`;');
                mysqli_query($link, 'TRUNCATE `shop_products`;');
                mysqli_query($link, 'TRUNCATE `shop_products_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_product_categories`;');
                mysqli_query($link, 'TRUNCATE `shop_product_images`;');
                mysqli_query($link, 'TRUNCATE `shop_product_properties`;');
                mysqli_query($link, 'TRUNCATE `shop_product_properties`;');
                mysqli_query($link, 'TRUNCATE `shop_product_properties_categories`;');
                mysqli_query($link, 'TRUNCATE `shop_product_properties_data`;');
                mysqli_query($link, 'TRUNCATE `shop_product_properties_data_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_product_properties_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_product_variants`;');
                mysqli_query($link, 'TRUNCATE `shop_product_variants_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_banners`;');
                mysqli_query($link, 'TRUNCATE `shop_banners_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_brands`;');
                mysqli_query($link, 'TRUNCATE `shop_brands_i18n`;');
                mysqli_query($link, 'TRUNCATE `shop_spy`;');
                mysqli_query($link, 'TRUNCATE `shop_warehouse`;');
                mysqli_query($link, 'TRUNCATE `shop_warehouse_data`;');
            }

            delete_files('./uploads/gallery', TRUE);
            delete_files('./uploads/images', TRUE);
        }

        $this->writeDatabaseConfig(
            [
             'hostname' => $this->input->post('db_host'),
             'username' => $this->input->post('db_user'),
             'password' => $this->input->post('db_pass'),
             'database' => $this->input->post('db_name'),
            ]
        );

        $this->writeCmsConfig(
            ['is_installed' => 'TRUE']
        );

        $this->load->database();

        // Create admin account
        $this->load->helper('cookie');
        delete_cookie('autologin');
        $this->load->library('DX_Auth');
        $admin_pass = crypt($this->dx_auth->_encode($this->input->post('admin_pass')));

        //        $admin_login = $this->input->post('admin_login');
        $admin_mail = $this->input->post('admin_mail');

        $admin_created = date('Y-m-d H:i:s', time());

        $sql = "INSERT INTO `users` (`id`, `role_id`, `username`, `password`, `email`, `banned`, `ban_reason`, `newpass`, `newpass_key`, `newpass_time`, `last_ip`, `last_login`, `created`, `modified`)
                        VALUES (1, 1, 'Administrator', '$admin_pass', '$admin_mail', 0, NULL, NULL, NULL, NULL, '127.0.0.1', '0000-00-00 00:00:00', '$admin_created', '0000-00-00 00:00:00'); ";

        mysqli_query($link, $sql);

        $this->cache->delete_all();

        $this->writeDatabaseConfig(
            [
             'hostname' => $this->input->post('db_host'),
             'username' => $this->input->post('db_user'),
             'password' => $this->input->post('db_pass'),
             'database' => $this->input->post('db_name'),
            ]
        );

        // login admin
        $this->dx_auth->login($this->input->post('admin_login'), $this->input->post('admin_pass'), true);

        //redirect('install/done','refresh');
        header('Location: ' . $this->host . '/install/done');
    }

    public function done() {
        chmod(getModulePath('install') . '/install.php', 0777);
        rename(getModulePath('install') . '/install.php', getModulePath('install') . '/_install.php');
        chmod(getModulePath('install') . '/install.php', 0755);
        $this->_display($this->load->view('done', '', TRUE));
    }

    /**
     *
     * @param array $data
     *  - hostname
     *  - username
     *  - password
     *  - database
     */
    public function writeDatabaseConfig($data) {
        $configFile = APPPATH . 'config/database.php';

        $this->load->helper('file');
        $configContent = read_file($configFile);

        $basePattern = "/db\['default'\]\['__KEY__'\] = '([a-zA-Z0-9\-\_]*)';/";
        $baseReplacement = "db['default']['__KEY__'] = '__VALUE__';";

        foreach ($data as $key => $value) {
            $keyPattern = str_replace('__KEY__', $key, $basePattern);
            $replacement = str_replace(['__KEY__', '__VALUE__'], [$key, $value], $baseReplacement);
            $configContent = preg_replace($keyPattern, $replacement, $configContent);
        }

        if (!write_file($configFile, $configContent)) {
            die(lang('Error writing file config.php', 'install'));
        }
    }

    /**
     * @param bool $result
     * @param int $step
     * @return string
     */
    private function _get_next_link($result = FALSE, $step = 1) {
        if ($result === TRUE) {
            $next_link = $this->host . '/install/step_' . ($step + 1);
        } else {
            $next_link = $this->host . '/install/step_' . $step;
        }

        return $next_link;
    }

    public function _display($content) {
        $data = ['content' => $content];

        $this->load->view('main', $data);
    }

    private function test_db() {
        $result = TRUE;

        $db_server = $this->input->post('db_host');
        $db_user = $this->input->post('db_user');
        $db_pass = $this->input->post('db_pass');
        $db_name = $this->input->post('db_name');

        $link = mysqli_connect($db_server, $db_user, $db_pass, $db_name);

        if ($link == FALSE) {
            $result = FALSE;
        }

        mysqli_close($link);

        return $result;
    }

    public function writeCmsConfig($data) {
        $configFile = APPPATH . 'config/cms.php';

        $this->load->helper('file');
        $configContent = read_file($configFile);

        $basePattern = "/config\[[\'\"]{1}__KEY__[\'\"]{1}\][\s]*=[\s]*([a-zA-Z0-9\-\_]*);/";
        $baseReplacement = "config['__KEY__'] = __VALUE__;";

        foreach ($data as $key => $value) {
            $keyPattern = str_replace('__KEY__', $key, $basePattern);
            $replacement = str_replace(['__KEY__', '__VALUE__'], [$key, $value], $baseReplacement);
            $configContent = preg_replace($keyPattern, $replacement, $configContent);
        }

        if (!file_put_contents($configFile, $configContent)) {
            die(lang('Error writing file config.php', 'install'));
        }
    }

    public function change_language() {
        $language = $this->input->post('language');
        if ($language) {
            $this->session->set_userdata('language', $language);

            redirect($this->input->server('HTTP_REFERER'));
        }
    }

}

1		<?php
2
3		if (!defined('BASEPATH')) {
4		exit('No direct script access allowed');
5		}
6
7		class Install extends MY_Controller
8		{
9
10		public $host = '';
11
12		public $useSqlFile = 'sql.sql';
13
14		private $exts = FALSE;
15
16		private $loadedExt = FALSE;
17
18		public function __construct() {
19		parent::__construct();
20		$lang = new MY_Lang();
21		$lang->load('install');
22		$lang->load('main');
23		// $this->host = 'http://' . str_replace('index.php', '', $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) . 'index.php/';
24		$this->load->helper('string');
25		$this->load->helper('form_csrf');
26		$this->host = reduce_multiples($this->host);
27		$this->loadedExt = get_loaded_extensions();
		0 ignored issues – show Documentation Bug introduced 2016-08-26 10:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `get_loaded_extensions()` of type `array` is incompatible with the declared type `boolean` of property `$loadedExt`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
28		}
29
30		public function index() {
31
32		if (moduleExists('shop')) {
33		$data = [
34		'content' => $this->load->view('license_shop', ['next_link' => $this->host . '/install/step_1'], TRUE),
35		];
36		} else {
37		$data = [
38		'content' => $this->load->view('license', ['next_link' => $this->host . '/install/step_1'], TRUE),
39		];
40		}
41		$this->load->view('main', $data);
42		}
43
44		public function step_1() {
45		$result = TRUE;
46
47		// Check folders permissions
48		$dir_array = [
49		'./application/config/config.php' => 'ok',
50		'./system/cache' => 'ok',
51		'./captcha/' => 'ok',
52		'./system/cache/templates_c' => 'ok',
53		'./uploads/' => 'ok',
54		'./uploads/images' => 'ok',
55		'./uploads/files' => 'ok',
56		];
57
58		foreach ($dir_array as $k => $v) {
59		if (!is_really_writable($k)) {
60		$dir_array[$k] = 'err';
61		$result = FALSE;
62		}
63		}
64
65		// Check server params
66
67		$allow_params = [
68		'register_globals' => 'ok',
69		'safe_mode' => 'ok',
70		];
71
72		foreach ($allow_params as $k => $v) {
73		if (ini_get($k) == 1) {
74		$allow_params[$k] = 'warning';
75		} else {
76		$allow_params[$k] = 'ok';
77		}
78		}
79
80		if (version_compare(PHP_VERSION, '5.5.0') >= 0) {
81		$allow_params['PHP version >= 5.5'] = 'ok';
82		} else {
83		$allow_params['PHP version >= 5.5'] = 'err';
84		$result = false;
85		}
86
87		// Check installed php exts.
88		$exts = [
89		'curl' => 'ok',
90		'json' => 'ok',
91		'mbstring' => 'ok',
92		'iconv' => 'ok',
93		'gd' => 'ok',
94		'zlib' => 'ok',
95		'gettext' => 'ok',
96		'soap' => 'ok',
97		];
98
99		if (moduleExists('shop') && end(explode('.', $this->input->server('HTTP_HOST'))) != 'loc') {
		0 ignored issues – show Bug introduced 2015-11-28 17:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this `explode('.', $this->input->server('HTTP_HOST'))` cannot be passed to `end()` as the parameter `$array` expects a reference. Loading history...
100		$exts['ionCube Loader'] = 'ok';
101		}
102
103		foreach ($exts as $k => $v) {
104		//if ($this->_get_ext($k) === FALSE) {
105		if ($this->checkExtensions($k) === FALSE) {
106		$exts[$k] = 'warning';
107		if ($k == 'json') {
108		$exts[$k] = 'err';
109		$result = FALSE;
110		}
111
112		if ($k == 'mbstring') {
113		$exts[$k] = 'err';
114		$result = FALSE;
115		}
116
117		if ($k == 'gettext') {
118		$exts[$k] = 'err';
119		$result = FALSE;
120		}
121
122		if ($k == 'curl') {
123		$exts[$k] = 'err';
124		$result = FALSE;
125		}
126		if ($k == 'ionCube Loader') {
127		$exts[$k] = 'err';
128		$result = FALSE;
129		}
130		}
131		}
132
133		$locales = [
134		'en_US' => 'ok',
135		'ru_RU' => 'ok',
136		];
137
138		foreach ($locales as $locale => $v) {
139		if (!setlocale(LC_ALL, $locale . '.utf8', $locale . '.utf-8', $locale . '.UTF8', $locale . '.UTF-8', $locale . '.utf-8', $locale . '.UTF-8', $locale)) {
140		if (!setlocale(LC_ALL, '')) {
141		$locales[$locale] = 'warning';
142		}
143		}
144		}
145
146		$data = [
147		'dirs' => $dir_array,
148		// 'need_params' => $need_params,
149		'allow_params' => $allow_params,
150		'exts' => $exts,
151		'locales' => $locales,
152		'next_link' => $this->_get_next_link($result, 1),
153		];
154		$this->_display($this->load->view('step_1', $data, TRUE));
155		}
156
157		/**
158		* Check is extension loaded
159		* @param string $name extension name
160		* @return bool
161		*/
162		private function checkExtensions($name = '') {
163		if (in_array($name, $this->loadedExt)) {
		0 ignored issues – show Unused Code introduced 2015-11-28 17:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this This `if` statement, and the following `return` statement can be replaced with `return in_array($name, $this->loadedExt);`. Loading history...
164		return TRUE;
165		}
166		return FALSE;
167		}
168
169		/**
170		* @deprecated since version 4.6
171		* @param string $name
172		* @return boolean
173		*/
174		protected function _get_ext($name = '') {
175		if ($this->exts === FALSE) {
176		ob_start();
177		phpinfo(INFO_MODULES);
178		$this->exts = ob_get_contents();
		0 ignored issues – show Documentation Bug introduced 2016-08-26 10:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `$exts` was declared of type `boolean`, but `ob_get_contents()` is of type `string`. Maybe add a type cast? This check looks for assignments to scalar types that may be of the wrong type. To ensure the code behaves as expected, it may be a good idea to add an explicit type cast. $answer = 42; $correct = false; $correct = (bool) $answer; Loading history...
179		ob_end_clean();
180		$this->exts = strip_tags($this->exts, '<h2><th><td>');
		0 ignored issues – show Documentation Bug introduced 2016-08-26 10:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `$exts` was declared of type `boolean`, but `strip_tags($this->exts, '<h2><th><td>')` is of type `string`. Maybe add a type cast? This check looks for assignments to scalar types that may be of the wrong type. To ensure the code behaves as expected, it may be a good idea to add an explicit type cast. $answer = 42; $correct = false; $correct = (bool) $answer; Loading history...
181		}
182
183		preg_match("/<h2>.$name.<\/h2>/", $this->exts, $m);
184
185		if (count($m) == 0) {
		0 ignored issues – show Unused Code introduced 2015-11-28 17:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this This `if` statement, and the following `return` statement can be replaced with `return !(count($m) == 0);`. Loading history...
186		return FALSE;
187		}
188
189		return TRUE;
190		}
191
192		public function step_2() {
193		$this->load->library('Form_validation');
194		$this->form_validation->set_error_delimiters('', '');
195
196		$result = TRUE;
197		$other_errors = '';
198
199		if ($this->input->post()) {
200		$this->form_validation->set_rules('site_title', lang('Site name', 'install'), 'required');
201		$this->form_validation->set_rules('db_host', lang('Host', 'install'), 'required');
202		$this->form_validation->set_rules('db_user', lang('Database username', 'install'), 'required');
203		//$this->form_validation->set_rules('db_pass', 'Пароль БД', 'required');
204		$this->form_validation->set_rules('db_name', lang('Database name', 'install'), 'required');
205		// $this->form_validation->set_rules('admin_login', 'Логин администратора', 'required\|min_length[4]');
206		$this->form_validation->set_rules('admin_pass', lang('Administrator password', 'install'), 'required\|min_length[5]');
207		$this->form_validation->set_rules('admin_mail', lang('Administrator E-mail', 'install'), 'required\|valid_email');
208		$this->form_validation->set_rules('lang_sel', lang('Language', 'install'), 'required');
209
210		if ($this->form_validation->run() == FALSE) {
211		$result = FALSE;
212		} else {
213		// Test database conn.
214		if ($this->test_db() == FALSE) {
215		$other_errors .= lang('Database connection error', 'install') . '.<br/>';
216		$result = FALSE;
217		}
218		}
219
220		if ($result == TRUE) {
221		$this->make_install();
222		}
223		}
224
225		$data = [
226		'next_link' => $this->_get_next_link($result, 2),
227		'other_errors' => $other_errors,
228		'host' => $this->host,
229		'sqlFileName' => $this->useSqlFile,
230		];
231		$this->_display($this->load->view('step_2', $data, TRUE));
232		}
233
234		private function make_install() {
235		$this->load->helper('file');
236		$this->load->helper('url');
237
238		$db_server = $this->input->post('db_host');
239		$db_user = $this->input->post('db_user');
240		$db_pass = $this->input->post('db_pass');
241		$db_name = $this->input->post('db_name');
242
243		$link = mysqli_connect($db_server, $db_user, $db_pass, $db_name);
244
245		// Drop all tables in DB
246		$tables = [];
247		$sql = "SHOW TABLES FROM $db_name";
248		if ($result = mysqli_query($link, $sql)) {
249		while ($row = mysqli_fetch_row($result)) {
250		$tables[] = $row[0];
251		}
252		}
253
254		if (count($tables) > 0) {
255		foreach ($tables as $t) {
256		$sql = "DROP TABLE `{$db_name}`.`{$t}`";
257		if (!mysqli_query($link, $sql)) {
258		die("MySQL error. Can\'t delete `{$db_name}`.`{$t}`");
259		}
260		}
261		}
262
263		mysqli_query($link, 'SET NAMES `utf8`');
264		$sqlFileData = read_file(__DIR__ . '/' . $this->useSqlFile);
265
266		$queries = explode(";\n", str_replace(';\r\n', ';\n', $sqlFileData));
267
268		foreach ($queries as $q) {
269		$q = trim($q);
270
271		if (!empty($q)) {
272		mysqli_query($link, $q);
273		}
274		}
275
276		// Update site title
277		mysqli_query($link, 'UPDATE `settings_i18n` SET `name`=\'' . mysqli_escape_string($link, $this->input->post('site_title')) . '\' ');
278		mysqli_query($link, 'UPDATE `settings_i18n` SET `short_name`=\'' . mysqli_escape_string($link, $this->input->post('site_title')) . '\' ');
279		mysqli_query($link, 'UPDATE `settings` SET `lang_sel`=\'' . mysqli_escape_string($link, $this->input->post('lang_sel')) . '\' ');
280
281		// TRUNCATE if "no demodata" checked
282		if ($this->input->post('product_samples') != 'on') {
283		mysqli_query($link, 'TRUNCATE `category`;');
284		mysqli_query('INSERT INTO `category` (`id`, `name`, `url`, `per_page`, `order_by`) VALUES (\'1\', \'test\', \'test\', \'1\', \'publish_date\');', $link);
285		mysqli_query('UPDATE `settings` SET `main_type`=\'category\', `main_page_cat`=\'1\';', $link);
286		mysqli_query($link, 'TRUNCATE `comments`;');
287		mysqli_query($link, 'TRUNCATE `content`;');
288		mysqli_query($link, 'TRUNCATE `content_fields`;');
289		mysqli_query($link, 'TRUNCATE `content_fields_data`;');
290		mysqli_query($link, 'TRUNCATE `content_fields_groups_relations`;');
291		mysqli_query($link, 'TRUNCATE `content_field_groups`;');
292		mysqli_query($link, 'TRUNCATE `gallery_albums`;');
293		mysqli_query($link, 'TRUNCATE `gallery_category`;');
294		mysqli_query($link, 'TRUNCATE `gallery_images`;');
295		mysqli_query($link, 'TRUNCATE `menus`;');
296		mysqli_query($link, 'TRUNCATE `menus_data`;');
297		mysqli_query($link, 'TRUNCATE `support_comments`;');
298		mysqli_query($link, 'TRUNCATE `support_departments`;');
299		mysqli_query($link, 'TRUNCATE `support_tickets`;');
300		mysqli_query($link, 'TRUNCATE `tags`;');
301		mysqli_query($link, 'TRUNCATE `content_permissions`;');
302		mysqli_query($link, 'TRUNCATE `content_tags`;');
303		mysqli_query($link, 'TRUNCATE `logs`;');
304
305		$this->load->helper('file');
306
307		if (moduleExists('shop')) {
308		delete_files('./uploads/shop', TRUE);
309
310		mysqli_query('UPDATE `settings` SET `main_type`=\'module\', `main_page_module`=\'shop\';', $link);
311		mysqli_query($link, 'TRUNCATE `shop_category`;');
312		mysqli_query($link, 'TRUNCATE `shop_category_i18n`;');
313		mysqli_query($link, 'TRUNCATE `shop_comulativ_discount`;');
314		mysqli_query($link, 'TRUNCATE `shop_discounts`;');
315		mysqli_query($link, 'TRUNCATE `shop_gifts`;');
316		mysqli_query($link, 'TRUNCATE `shop_kit`;');
317		mysqli_query($link, 'TRUNCATE `shop_kit_product`;');
318		mysqli_query($link, 'TRUNCATE `shop_notifications`;');
319		mysqli_query($link, 'TRUNCATE `shop_notification_statuses`;');
320		mysqli_query($link, 'TRUNCATE `shop_notification_statuses_i18n`;');
321		mysqli_query($link, 'TRUNCATE `shop_orders`;');
322		mysqli_query($link, 'TRUNCATE `shop_orders_products`;');
323		mysqli_query($link, 'TRUNCATE `shop_orders_status_history`;');
324		mysqli_query($link, 'TRUNCATE `shop_products`;');
325		mysqli_query($link, 'TRUNCATE `shop_products_i18n`;');
326		mysqli_query($link, 'TRUNCATE `shop_product_categories`;');
327		mysqli_query($link, 'TRUNCATE `shop_product_images`;');
328		mysqli_query($link, 'TRUNCATE `shop_product_properties`;');
329		mysqli_query($link, 'TRUNCATE `shop_product_properties`;');
330		mysqli_query($link, 'TRUNCATE `shop_product_properties_categories`;');
331		mysqli_query($link, 'TRUNCATE `shop_product_properties_data`;');
332		mysqli_query($link, 'TRUNCATE `shop_product_properties_data_i18n`;');
333		mysqli_query($link, 'TRUNCATE `shop_product_properties_i18n`;');
334		mysqli_query($link, 'TRUNCATE `shop_product_variants`;');
335		mysqli_query($link, 'TRUNCATE `shop_product_variants_i18n`;');
336		mysqli_query($link, 'TRUNCATE `shop_banners`;');
337		mysqli_query($link, 'TRUNCATE `shop_banners_i18n`;');
338		mysqli_query($link, 'TRUNCATE `shop_brands`;');
339		mysqli_query($link, 'TRUNCATE `shop_brands_i18n`;');
340		mysqli_query($link, 'TRUNCATE `shop_spy`;');
341		mysqli_query($link, 'TRUNCATE `shop_warehouse`;');
342		mysqli_query($link, 'TRUNCATE `shop_warehouse_data`;');
343		}
344
345		delete_files('./uploads/gallery', TRUE);
346		delete_files('./uploads/images', TRUE);
347		}
348
349		$this->writeDatabaseConfig(
350		[
351		'hostname' => $this->input->post('db_host'),
352		'username' => $this->input->post('db_user'),
353		'password' => $this->input->post('db_pass'),
354		'database' => $this->input->post('db_name'),
355		]
356		);
357
358		$this->writeCmsConfig(
359		['is_installed' => 'TRUE']
360		);
361
362		$this->load->database();
363
364		// Create admin account
365		$this->load->helper('cookie');
366		delete_cookie('autologin');
367		$this->load->library('DX_Auth');
368		$admin_pass = crypt($this->dx_auth->_encode($this->input->post('admin_pass')));
369
370		// $admin_login = $this->input->post('admin_login');
371		$admin_mail = $this->input->post('admin_mail');
372
373		$admin_created = date('Y-m-d H:i:s', time());
374
375		$sql = "INSERT INTO `users` (`id`, `role_id`, `username`, `password`, `email`, `banned`, `ban_reason`, `newpass`, `newpass_key`, `newpass_time`, `last_ip`, `last_login`, `created`, `modified`)
376		VALUES (1, 1, 'Administrator', '$admin_pass', '$admin_mail', 0, NULL, NULL, NULL, NULL, '127.0.0.1', '0000-00-00 00:00:00', '$admin_created', '0000-00-00 00:00:00'); ";
377
378		mysqli_query($link, $sql);
379
380		$this->cache->delete_all();
381
382		$this->writeDatabaseConfig(
383		[
384		'hostname' => $this->input->post('db_host'),
385		'username' => $this->input->post('db_user'),
386		'password' => $this->input->post('db_pass'),
387		'database' => $this->input->post('db_name'),
388		]
389		);
390
391		// login admin
392		$this->dx_auth->login($this->input->post('admin_login'), $this->input->post('admin_pass'), true);
393
394		//redirect('install/done','refresh');
395		header('Location: ' . $this->host . '/install/done');
396		}
397
398		public function done() {
399		chmod(getModulePath('install') . '/install.php', 0777);
400		rename(getModulePath('install') . '/install.php', getModulePath('install') . '/_install.php');
401		chmod(getModulePath('install') . '/install.php', 0755);
402		$this->_display($this->load->view('done', '', TRUE));
403		}
404
405		/**
406		*
407		* @param array $data
408		* - hostname
409		* - username
410		* - password
411		* - database
412		*/
413	View Code Duplication	public function writeDatabaseConfig($data) {
414		$configFile = APPPATH . 'config/database.php';
415
416		$this->load->helper('file');
417		$configContent = read_file($configFile);
418
419		$basePattern = "/db\['default'\]\['__KEY__'\] = '([a-zA-Z0-9\-\_]*)';/";
420		$baseReplacement = "db['default']['__KEY__'] = '__VALUE__';";
421
422		foreach ($data as $key => $value) {
423		$keyPattern = str_replace('__KEY__', $key, $basePattern);
424		$replacement = str_replace(['__KEY__', '__VALUE__'], [$key, $value], $baseReplacement);
425		$configContent = preg_replace($keyPattern, $replacement, $configContent);
426		}
427
428		if (!write_file($configFile, $configContent)) {
429		die(lang('Error writing file config.php', 'install'));
430		}
431		}
432
433		/**
434		* @param bool $result
435		* @param int $step
436		* @return string
437		*/
438		private function _get_next_link($result = FALSE, $step = 1) {
439		if ($result === TRUE) {
440		$next_link = $this->host . '/install/step_' . ($step + 1);
441		} else {
442		$next_link = $this->host . '/install/step_' . $step;
443		}
444
445		return $next_link;
446		}
447
448		public function _display($content) {
449		$data = ['content' => $content];
450
451		$this->load->view('main', $data);
452		}
453
454		private function test_db() {
455		$result = TRUE;
456
457		$db_server = $this->input->post('db_host');
458		$db_user = $this->input->post('db_user');
459		$db_pass = $this->input->post('db_pass');
460		$db_name = $this->input->post('db_name');
461
462		$link = mysqli_connect($db_server, $db_user, $db_pass, $db_name);
463
464		if ($link == FALSE) {
465		$result = FALSE;
466		}
467
468		mysqli_close($link);
469
470		return $result;
471		}
472
473	View Code Duplication	public function writeCmsConfig($data) {
474		$configFile = APPPATH . 'config/cms.php';
475
476		$this->load->helper('file');
477		$configContent = read_file($configFile);
478
479		$basePattern = "/config\[[\'\"]{1}__KEY__[\'\"]{1}\][\s]=[\s]([a-zA-Z0-9\-\_]*);/";
480		$baseReplacement = "config['__KEY__'] = __VALUE__;";
481
482		foreach ($data as $key => $value) {
483		$keyPattern = str_replace('__KEY__', $key, $basePattern);
484		$replacement = str_replace(['__KEY__', '__VALUE__'], [$key, $value], $baseReplacement);
485		$configContent = preg_replace($keyPattern, $replacement, $configContent);
486		}
487
488		if (!file_put_contents($configFile, $configContent)) {
489		die(lang('Error writing file config.php', 'install'));
490		}
491		}
492
493		public function change_language() {
494		$language = $this->input->post('language');
495		if ($language) {
496		$this->session->set_userdata('language', $language);
497
498		redirect($this->input->server('HTTP_REFERER'));
499		}
500		}
501
502		}

imagecms / ImageCMS

Issues (1177)

Security Analysis not enabled

application/modules/install/install.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like