www.gusucode.com > citySHOP B2C商城系统 进销存 2.0.6码程序 > upload/install/index.php
<?php error_reporting(E_ERROR | E_WARNING | E_PARSE); @set_time_limit(1000); set_magic_quotes_runtime(0); define('IN_APP', TRUE); define('APP_ROOT', substr(dirname(__FILE__), 0, -7)); if(PHP_VERSION < '4.1.0') { $_GET = &$HTTP_GET_VARS; $_POST = &$HTTP_POST_VARS; $_COOKIE = &$HTTP_COOKIE_VARS; $_SERVER = &$HTTP_SERVER_VARS; $_ENV = &$HTTP_ENV_VARS; $_FILES = &$HTTP_POST_FILES; } foreach(array('_COOKIE', '_POST', '_GET') as $_request) { foreach($$_request as $_key => $_value) { $_key{0} != '_' && $$_key = addslashes($_value); } } //functions if(!function_exists('file_put_contents')) { function file_put_contents($filename, $s) { $fp = @fopen($filename, 'w'); @fwrite($fp, $s); @fclose($fp); return TRUE; } } function getip() { if (getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) { $onlineip = getenv('HTTP_CLIENT_IP'); } elseif (getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) { $onlineip = getenv('HTTP_X_FORWARDED_FOR'); } elseif (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) { $onlineip = getenv('REMOTE_ADDR'); } elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp ($_SERVER['REMOTE_ADDR'], 'unknown')) { $onlineip = $_SERVER['REMOTE_ADDR']; } preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches); $onlineip = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown'; unset($onlineipmatches); return $onlineip; } function createtable($sql, $dbcharset) { $type = strtoupper(preg_replace("/^\s*CREATE TABLE\s+.+\s+\(.+?\).*(ENGINE|TYPE)\s*=\s*([a-z]+?).*$/isU", "\\2", $sql)); $type = in_array($type, array('MYISAM', 'HEAP')) ? $type : 'MYISAM'; return preg_replace("/^\s*(CREATE TABLE\s+.+\s+\(.+?\)).*$/isU", "\\1", $sql). (mysql_get_server_info() > '4.1' ? " ENGINE=$type DEFAULT CHARSET=$dbcharset" : " TYPE=$type"); } function dir_writeable($dir) { if(!is_dir($dir)) { @mkdir($dir, 0777); } if(is_dir($dir)) { if($fp = @fopen("$dir/test.txt", 'w')) { @fclose($fp); @unlink("$dir/test.txt"); $writeable = 1; } else { $writeable = 0; } } return $writeable; } function dir_clear($dir) { global $lang; showjsmessage($lang['clear_dir'].' '.$dir); $directory = dir($dir); while($entry = $directory->read()) { $filename = $dir.'/'.$entry; if(is_file($filename)) { @unlink($filename); } } $directory->close(); @touch($dir.'/index.htm'); } function random($length) { $hash = ''; $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz'; $max = strlen($chars) - 1; PHP_VERSION < '4.2.0' && mt_srand((double)microtime() * 1000000); for($i = 0; $i < $length; $i++) { $hash .= $chars[mt_rand(0, $max)]; } return $hash; } function redirect($url) { echo "<script>". "function redirect() {window.location.replace('$url');}\n". "setTimeout('redirect();', 0);\n". "</script>"; exit(); } function insertconfig($s, $find, $replace) { if(preg_match($find, $s)) { $s = preg_replace($find, $replace, $s); } else { // 插入到最后一行 $s .= "\r\n".$replace; } return $s; } function runquery($sql) { global $dbcharset, $tablepre, $db; $sql = str_replace("\r", "\n", str_replace('`city_','`'.$tablepre, $sql)); $ret = array(); $num = 0; foreach(explode(";\n", trim($sql)) as $query) { $queries = explode("\n", trim($query)); foreach($queries as $query) { $ret[$num] .= $query[0] == '#' || $query[0].$query[1] == '--' ? '' : $query; } $num++; } unset($sql); foreach($ret as $query) { $query = trim($query); if($query) { if($query == 'INSTALL COMPLETE'){ echo "<script type=\"text/javascript\">showmessage('安装完成!');$('#nextbtn').removeAttr('disabled');</script>"."\r\n"; flush(); break; } if(substr($query, 0, 12) == 'CREATE TABLE') { $name = preg_replace("/CREATE TABLE `([a-z0-9_]+)` .*/is", "\\1", $query); echo "<script type=\"text/javascript\">showmessage(\"create_table '.$name.' ... 成功 \");</script>"."\r\n"; flush(); $db->query(createtable($query, $dbcharset)); } else { $db->query($query); } } } } if(isset($_GET['act']) && $act=='dbcheck'){ header("Content-type: text/html; charset=gbk"); if(function_exists('mysql_connect')){ $cdbhost = preg_replace("/[\s\'\",]+/",'',$dbhostnew); $cdbuser = preg_replace("/[\s\'\",]+/",'',$dbusernew); $cdbpw = preg_replace("/[\s\'\",]+/",'',$dbpwnew); $cdbname = preg_replace("/[\s\'\",]+/",'',$dbnamenew); if(!$link = @mysql_connect($cdbhost,$cdbuser,$cdbpw)){ echo '不能连接到数据库,请重新输入: '.mysql_error(); }elseif(mysql_get_server_info() < '3.23') { echo 'mysql版本太低,请选择高于3.23的版本。'; }elseif(!@mysql_select_db($cdbname,$link)){ echo '不存在的数据库名称,请重新输入: '.mysql_error(); }else{ echo 'succeed'; } @mysql_close($link); exit; }else{ exit('不能加载mysql模块,请检查php配置。'); } } require APP_ROOT.'./include/db_mysql.class.php'; $self = basename(__FILE__); $step = isset($step)?intval($step) : 0; $sqlfile = APP_ROOT.'./install/malldatabase.sql'; $lockfile = APP_ROOT.'./data/install.lock'; include APP_ROOT.'./include/config.inc.php'; foreach (array('dbhost', 'dbuser', 'dbpw', 'dbname', 'tablepre', 'dbcharset', 'charset') as $key) { if(!isset($$key)) { exit('error_config_vars'); } } if(!ini_get('short_open_tag')) { exit('short_open_tag_invalid'); } elseif(file_exists($lockfile)) { exit('install_locked'); } elseif(!class_exists('dbstuff')) { exit('database_nonexistence'); } if(empty($dbcharset) && in_array(strtolower($charset), array('gbk', 'big5', 'utf-8'))) { $dbcharset = str_replace('-', '', $charset); } //start install ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>citySHOP <?php echo $vertp.' '.$version;?> 安装程序</title> <link href="images/style.css" rel="stylesheet" type="text/css" /> <link rel="shortcut icon" href="../favicon.ico" /> <link rel="icon" href="../animated_favicon.gif" type="image/gif" /> </head> <script language="javascript" type="text/javascript" src="js/jquery.js"></script> <script language="javascript"> function showmessage(data){ document.getElementById("sqlmsg").innerHTML += data+"<br />"; var div = document.getElementById('sqlmsg'); div.scrollTop = div.scrollHeight; } </script> <body> <div id="top"><img src="../images/logo.png" title="<?php echo $sitename;?>" /></div> <div id="middle"> <div class="m-step-<?php echo $step;?>"></div> <div class="m-font"><?php echo 'citySHOP '.$vertp.' '.$version;?></div> <?php if($step == 0) { ?> <div class="m-content"> <div style="overflow:auto; height:350px; width:auto;padding:10px"> <h1>citySHOP 使用协议</h1> <p class="subtitle">中文版使用协议 适用于中文用户</p> 1、citySHOP系列管理系统(phpjz.com)为独立开发,并受中华人民共和国法律保护,未经书面允许不能以任何方式复制、传播、使用,违者必究 。<br /> 2、免费版本提供给个人网站学习研究和非商业性使用。<br /> 3、您可以根据需要对本系统进行必要的修改和美化,但必须保留完整的版权信息。如需用于商业,必须注册或购买商业版本。<br /> 4、您可以复制、转载和传播索免费版,但未经书面授权,不得向任何第三方提供个人更名的修改版本,更不能和于其他图利行为,否则,我们将依法追究你的法律责任和经济责任。<br /> 5、下载版为免费软件,您在使用或传播中如果出现任何问题和由此造成的任何损失,citySHOP(phpjz.com)将不承担任何责任。利用本系统建设的网站的内容以及导致的任何法律争议和后果与citySHOP(phpjz.com)无关。 <br /> 6、如果您的网站正式起用了这个系统,请您通知我们,以便我们能够知晓。谢谢!<br /> 7、未尽事宜以网站最新公告和相关法律为准。<br /> <br /> 请自觉遵守上述版权声明。凡有侵权行为的个人、法人或其它组织,必须立即停止侵权并对其因侵权造成的一切后果承担全部责任和相应赔偿。否则我们将依据中华人民共和国《著作权法》、《计算机软件保护条例》等相关法律、法规追究其经济和法律责任。 </div> </div> <div class="m-btn"> <button onclick="window.opener=null;window.open('','_self');window.close();" class="btn-quit"></button> <button onclick="location.href='index.php?step=1';" class="btn-agree" style="margin-right:10px;"></button> </div> <?php }elseif($step == 1){ function show_list($path){ if(is_dir($path)){ echo "<tr> <td>$path</td> <td>可写</td> <td>".(is_writeable($path) ? '可写' : '<span class="system_error" style="color:red">不可写</span>')."</td> </tr>"; $dp=dir($path); while($file = $dp->read()){ if($file != '.' && $file != '..'){ show_list($path.'/'.$file,$mod); } } $dp->close(); } } ?> <div class="m-content"> <table> <tr> <th>说明:</th> </tr> <tr> <td style="padding-left:60px;"> # 将压缩包中 upload! 目录下全部文件和目录上传到服务器。<br /> # 如果您使用非 WINNT 系统请修改以下属性:<br /> ./templates 目录及子目录 0755; ./attachments 目录及子目录 0777; ./data 目录及子目录 0777;<br /> # 确认 URL 中 /attachments 可以访问服务器目录 ./attachments 内容。<br /> # 如果config.inc.php文件不可写,请自行修改该文件上传到根目录下include文件夹里。 </td> </tr> <tr> <th>服务器状态:</th> </tr> <tr> <td> <table cellspacing="1" style="border-collapse:collapse; width:750px;" border="1" bordercolor="#CCCCCC" align="center"> <tr class="header"> <td></td> <td>citySHOP 所需配置</td> <td>citySHOP 最佳配置</td> <td>当前服务器</td> </tr> <tr> <td class="heads">操作系统</td> <td>不限</td> <td>UNIX/Linux/FreeBSD</td> <td><?php echo PHP_OS;?></td> </tr> <tr> <td class="heads">PHP 版本</td> <td>4.0.6+</td> <td>4.3.5+</td> <td><?php echo PHP_VERSION;?></td> </tr><tr> <td class="heads">附件上传</td> <td>不限</td> <td>允许</td> <td>允许/最大尺寸 <?php echo @ini_get(upload_max_filesize);?></td> </tr><tr> <td class="heads">MySQL 支持</td> <td>支持</td> <td>支持</td> <td><?php echo function_exists('mysql_connect')?'支持':'<span class="system_error" style="color:red">不支持</span>';?></td> </tr> <tr> <td class="heads">磁盘空间</td> <td>50M+</td> <td>不限</td> <td><?php echo intval(diskfreespace('.') / (1024 * 1024)).'M';?></td> </tr> </table> </td> </tr> <tr> <th>文件及目录权限检测:</th> </tr> <tr> <td> <table cellspacing="1" style="border-collapse:collapse; width:750px;" border="1" bordercolor="#CCCCCC" align="center"> <tr class="header"> <td>目录文件名称</td> <td>所需状态</td> <td>当前状态</td> </tr> <tr> <td>../include/config.inc.php</td> <td>可写</td> <td><?php echo @is_writable(APP_ROOT.'./include/config.inc.php')?'可写':'<span class="system_error" style="color:red">不可写</span>';?></td> </tr> <tr> <td>../templates</td> <td>可读</td> <td><?php echo @is_readable(APP_ROOT.'./templates')?'可读':'<span class="system_error" style="color:red">不可读</span>';?></td> </tr> <?php show_list('../attachments'); show_list('../data'); ?> </table> </td> </tr> </table> </div> <div class="m-btn"> <button onclick="location.href='index.php';" class="btn-prv" style="margin-right:10px;"></button> <button onclick="if($('.system_error').length>0){alert('当前服务器有不支持的项或部分文件不匹配所需状态!\n请仔细阅读顶部说明或更改部分文件权限为可写、可读状态。');}else{location.href='index.php?step=2';}" class="btn-next"></button> </div> <?php }elseif($step == 2){ ?> <script language="javascript" type="text/javascript"> function ajaxchk(data) { var chkajax = false; $('#ajaxtip').ajaxStart(function(){ $('#ajaxtip').show(); $('#ajaxtip td').html('<img src="../images/default/loading.gif" border="0" />正在校验数据库,请稍后...'); }); $.ajax({ url:'index.php', type:'get', data:data, cache:false, async:false, error:function(){ $('#ajaxtip td').html('error...'); }, success:function(e){ if(e=='succeed'){ chkajax = true; }else{ $('#ajaxtip td').html(e); chkajax = false; } $('#ajaxtip').unbind('ajaxStart'); } }); return chkajax; } function dbcheck(){ if($('#username').val()==''){ alert('请输入管理员账号'); }else if($('#adminemailnew').val().match(/^[\w\-\.]+@[\w\-\.]+(\.\w+)+$/)==null){ alert('管理员Email格式不正确'); }else if($('#password').val()!=$('#passwordag').val() || $('#password').val()==''){ alert('两次输入的密码不一致'); }else if(ajaxchk($('#dbtable').serialize())){ $("#dbtable").submit(); }else{ return; } } </script> <div class="m-content"> <table> <form action="index.php?step=3" id="dbtable" method="post"> <tr id="ajaxtip" style="display:none"> <td colspan="2" style="padding-left:40px; font-size:14px; color:#F00"><img src="../images/default/loading.gif" border="0" />正在校验数据库,请稍后...</td> </tr> <tr> <th colspan="2">填写数据库账号信息</th> </tr> <tr> <td width="24%" align="right">数据库服务器:</td> <td width="76%"><input type="hidden" name="act" value="dbcheck" /><input class="border" id="dbhostnew" name="dbhostnew" type="text" value="<?php echo $dbhost;?>" /><span class="msg">数据库服务器地址,一般保持默认。</span></td> </tr> <tr> <td align="right">数据库用户名:</td> <td><input class="border" name="dbusernew" id="dbusernew" type="text" value="<?php echo $dbuser;?>" /></td> </tr> <tr> <td align="right">数据库密码:</td> <td><input class="border" name="dbpwnew" id="dbpwnew" type="text" value="<?php echo $dbpw;?>" /></td> </tr> <tr> <td align="right">数据库名:</td> <td><input class="border" name="dbnamenew" id="dbnamenew" type="text" value="<?php echo $dbname;?>" /></td> </tr> <tr> <td align="right">表名前缀:</td> <td><input class="border" name="tableprenew" id="tableprenew" type="text" value="<?php echo $tablepre;?>" /></td> </tr> <tr> <th colspan="2">管理员账号</th> </tr> <tr> <td width="24%" align="right">管理员账号:</td> <td width="76%"><input class="border" id="username" name="username" type="text" /></td> </tr> <tr> <td align="right">管理员 Email:</td> <td><input class="border" name="adminemailnew" id="adminemailnew" type="text" /></td> </tr> <tr> <td align="right">管理员密码:</td> <td><input class="border" name="password" id="password" type="password" /></td> </tr> <tr> <td align="right">再次输入密码:</td> <td><input class="border" name="passwordag" id="passwordag" type="password" /></td> </tr> </form> </table> </div> <div class="m-btn"> <button onclick="location.href='index.php?step=1';" class="btn-prv" style="margin-right:10px;"></button> <button onclick="dbcheck();" class="btn-next"></button> </div> <?php }elseif($step == 3){ if(!isset($dbhostnew,$dbusernew,$dbpwnew,$dbnamenew,$username,$password)){ exit('error'); } $siteurl = 'http://'.$_SERVER['HTTP_HOST']; $siteroot = substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/install')); ?> <div class="m-content" style="height:350px;border:none;"> <div id="sqlmsg" style="overflow:auto; width:600px;height:350px;padding:10px;margin:0 auto;background:#efefef;border:1px #CCC inset"> </div> </div> <div class="m-btn"> <form action="index.php?step=4" method="post"> <input type="hidden" name="username" value="<?php echo $username;?>" /> <input type="hidden" name="siteurl" value="<?php echo $siteurl;?>" /> <input type="hidden" name="siteroot" value="<?php echo $siteroot;?>" /> <button onclick="location.href='index.php?step=2';" class="btn-prv" style="margin-right:10px;" type="button"></button> <button type="submit" id="nextbtn" disabled="" class="btn-next"></button> </form> </div> <?php $cdbhost = preg_replace("/[\s\'\",]+/",'',$dbhostnew); $cdbuser = preg_replace("/[\s\'\",]+/",'',$dbusernew); $cdbpw = preg_replace("/[\s\'\",]+/",'',$dbpwnew); $cdbname = preg_replace("/[\s\'\",]+/",'',$dbnamenew); $fp = fopen('../include/config.inc.php', 'r'); $configfile = fread($fp, filesize('../include/config.inc.php')); fclose($fp); $configfile = preg_replace("/[$]dbhost\s*\=\s*[\"'].*?[\"'];/is", "\$dbhost = '$cdbhost';", $configfile); $configfile = preg_replace("/[$]dbuser\s*\=\s*[\"'].*?[\"'];/is", "\$dbuser = '$cdbuser';", $configfile); $configfile = preg_replace("/[$]dbpw\s*\=\s*[\"'].*?[\"'];/is", "\$dbpw = '$cdbpw';", $configfile); $configfile = preg_replace("/[$]dbname\s*\=\s*[\"'].*?[\"'];/is", "\$dbname = '$cdbname';", $configfile); $configfile = preg_replace("/[$]adminemail\s*\=\s*[\"'].*?[\"'];/is", "\$adminemail = '$adminemailnew';", $configfile); $configfile = preg_replace("/[$]tablepre\s*\=\s*[\"'].*?[\"'];/is", "\$tablepre = '$tableprenew';", $configfile); $configfile = preg_replace("/[$]cookiepre\s*\=\s*[\"'].*?[\"'];/is", "\$cookiepre = '".random(3)."_';", $configfile); $fp = fopen('../include/config.inc.php', 'w'); fwrite($fp, trim($configfile)); fclose($fp); $fp = fopen($sqlfile, 'rb'); $sql = fread($fp, filesize($sqlfile)); fclose($fp); $db = new dbstuff; $db->connect($cdbhost, $cdbuser, $cdbpw, $cdbname, $pconnect, true, $dbcharset); $cdbuser = $cdbpw = $pconnect = null; $tablepre = $tableprenew; runquery($sql); $timestamp = time(); $authkey = substr(md5($_SERVER['SERVER_ADDR'].$_SERVER['HTTP_USER_AGENT'].$dbhost.$dbuser.$dbpw.$dbname.$username.$password.substr($timestamp, 0, 6)), 8, 6).random(10); $inpassword = md5(md5($password)); $onlineip = getip(); $timestamp = $_SERVER['REQUEST_TIME']; $db->query("REPLACE INTO `{$tablepre}members` (`uid`,`username` , `password` , `regip` , `regdate` , `lastip` , `lastvisit` , `email`,`adminid`,`groupid`) VALUES ('1','$username', '$inpassword', '$onlineip', '$timestamp', '$onlineip', '$timestamp', '$adminemailnew','1','1')"); $db->query("REPLACE INTO {$tablepre}settings (`variable`,`value`) VALUES ('authkey','$authkey')"); $db->query("REPLACE INTO {$tablepre}settings (`variable`,`value`) VALUES ('siteurl','$siteurl')"); $db->query("REPLACE INTO {$tablepre}settings (`variable`,`value`) VALUES ('siteroot','$siteroot')"); include_once(APP_ROOT.'./include/cache.func.php'); updatesettings(); }elseif($step == 4){ if(!file_exists($lockfile)){ $fp = fopen($lockfile,'w'); fwrite($lockfile,''); fclose($fp); } ?> <div class="m-content"> <div style="height:300px;padding:50px"> <h2>恭喜,citySHOP 已成功安装完成!</h2> <h2>以下是安装结果信息:</h2> <div style="padding-left:20px"> 安装版本:<?php echo $vertp.' '.$version;?><br /> 网站访问地址:<a href="<?php echo $siteurl.$siteroot;?>"><?php echo $siteurl.$siteroot;?></a><br /> 后台管理地址:<a href="<?php echo $siteurl.$siteroot.'/admincp.php';?>"><?php echo $siteurl.$siteroot.'/admincp.php';?></a><br /> 网站创始人:<?php echo $username;?> </div> <iframe src="../admincp.php" width="0" height="0"></iframe> </div> </div> <?php } ?> <div id="foot" style="clear:both">© 2009 phpjz.com citySHOP</div> </div> <br /><br /> </body> </html>