X-Git-Url: http://git.osdn.net/view?a=blobdiff_plain;f=install%2Findex.php;h=01f0d0ae21349b2f82041af6470b1dcb3c47f130;hb=2bcc50379ce985545d26b42ffd5717ab265b5635;hp=10754db32f52c3513e964bd4be474bfe76501c27;hpb=c14f0004239c015178e0427d308cef612f916b3f;p=nucleus-jp%2Fnucleus-next.git

diff --git a/install/index.php b/install/index.php
index 10754db..01f0d0a 100644
--- a/install/index.php
+++ b/install/index.php
@@ -16,7 +16,7 @@
 /**
  * @license http://nucleuscms.org/license.txt GNU General Public License
  * @copyright Copyright (C) 2002-2012 The Nucleus Group
- * @version $Id: index.php 1745 2012-04-12 23:45:47Z sakamocchi $
+ * @version $Id: index.php 1745 2012-04-12 23:45:47Z sakamocchi $
  */
 
 /* global values initialize */
@@ -43,27 +43,20 @@ if ( version_compare(PHP_VERSION, '5.3.0', '<') )
 }
 
 /* default installed plugins and skins */
-$aConfPlugsToInstall = array('NP_SecurityEnforcer', 'NP_SkinFiles', 'NP_Text');
-$aConfSkinsToImport = array('atom', 'rss2.0', 'rsd', 'default', 'defaultadmin');
+$aConfPlugsToInstall = array('NP_SecurityEnforcer', 'NP_SkinFiles', 'NP_Medium');
+$aConfSkinsToImport = array('atom', 'rss2.0', 'rsd', 'default', 'admin/default', 'admin/bookmarklet');
 
 // Check if some important files
 do_check_files();
 
 /* i18n class is needed for internationalization */
 include_once('../nucleus/libs/i18n.php');
-if ( !i18n::init('UTF-8', './locales') )
+if ( !i18n::init('UTF-8', '../nucleus/locales') )
 {
 	exit('<div style="font-size: xx-large;"> Failed to initialize iconv or mbstring extension. Would you please contact the administrator of your PHP server? </div>');
 }
 
-// check if mysql support is installed; this check may not make sense, as is, in a version past 3.5x
-if ( !function_exists('mysql_query') && !function_exists('mysqli_query') )
-{
-	exit('<div style="font-size: xx-large;"> Your PHP version does not have support for MySQL :( </div>');
-}
-
 // include core classes that are needed for login & plugin handling
-include_once('../nucleus/libs/mysql.php');
 
 // added for 3.5 sql_* wrapper
 global $MYSQL_HANDLER;
@@ -71,8 +64,14 @@ global $MYSQL_HANDLER;
 if ( !isset($MYSQL_HANDLER) )
 {
 	$MYSQL_HANDLER = array('mysql', '');
+	
+	// check if mysql support is installed; this check may not make sense, as is, in a version past 3.5x
+	if ( !function_exists('mysql_query') && !function_exists('mysqli_query') )
+	{
+		exit('<div style="font-size: xx-large;"> Your PHP version does not have support for MySQL :( </div>');
+	}
 }
-include_once('../nucleus/libs/sql/' . $MYSQL_HANDLER[0] . '.php');
+include_once('../nucleus/libs/sql/sql.php');
 
 session_start();
 if ( count($_GET) == 0 && count($_POST) == 0 )
@@ -297,19 +296,13 @@ function show_footer()
  */
 function show_select_locale_form()
 {
-	// Get the browser language that can be displayed
-	// TODO: default locale select simple implementation
-	$languages = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
-	foreach ( $languages as $language )
-	{
-		$language = preg_replace('#([\w]+).*#', '$1', $language);
-		break;
+	// get locale list
+	$localelist = i18n::get_available_locale_list();
+	$locales = array();
+	foreach ( $localelist as $locale ) {
+		$checkfile = './locales/' . $locale . '.' . i18n::get_current_charset() . '.php';
+		$locales[] = array( $locale, (!file_exists($checkfile) ? '*&nbsp;' : '') . $locale );
 	}
-
-	$locales = array(
-		array('en_Latn_US', 'English - United States'),
-		array('ja_Jpan_JP', 'Japanese - Japan')
-	);
 ?>
 		<div id="container">
 			<p style="font-size:152%;font-weight:bold;">
@@ -320,6 +313,11 @@ function show_select_locale_form()
 				<div class="prt">
 					<select name="locale">
 <?php
+	// Get the browser language that can be displayed
+	// TODO: default locale select simple implementation
+	$languages = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
+	$language = (is_array($languages) && count($languages) > 0) ? preg_replace('#^([\w]+).*$#', '$1', $languages[0]) : '';
+
 	foreach ( $locales as $locale )
 	{
 		echo "<option value=\"$locale[0]\"";
@@ -331,6 +329,9 @@ function show_select_locale_form()
 	}
 ?>
 					</select>
+					<p>Nucleus is installed in the selected locale, the locale of the Asterisk prefixed will be displayed in English because there is no translation of the installer file.</p>
+					<p>We will wait for the translator by volunteers!</p>
+					</p>
 					<p class="sbt">
 						<button type="submit" name="action" value="locale" class="sbt_arw">START</button>
 					</p>
@@ -809,7 +810,7 @@ function show_install_complete_form()
 function do_install()
 {
 	global $param;
-	global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_PREFIX, $MYSQL_CONN;
+	global $MYSQL_HANDLER, $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_PREFIX, $MYSQL_CONN;
 	global $DIR_NUCLEUS, $DIR_MEDIA, $DIR_SKINS, $DIR_PLUGINS, $DIR_LANG, $DIR_LIBS;
 	$errors = array();
 
@@ -832,8 +833,8 @@ function do_install()
 	/*
 	 * 2.open mySQL connection
 	 */
-	$MYSQL_CONN = @sql_connect_args($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD);
-	if ( $MYSQL_CONN == false )
+	$MYSQL_CONN = @DB::setConnectionInfo($MYSQL_HANDLER[1], $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD);
+	if ( $MYSQL_CONN == FALSE )
 	{
 		$errors[] = _DBCONNECT_ERROR;
 		return $errors;
@@ -842,19 +843,20 @@ function do_install()
 	/*
 	 * 3. try to create database if needed
 	 */
-	if ( !sql_query("CREATE DATABASE IF NOT EXISTS {$MYSQL_DATABASE}") )
+	if ( DB::execute("CREATE DATABASE IF NOT EXISTS {$MYSQL_DATABASE}") === FALSE )
 	{
-		$errors[] = _INST_ERROR1 . ': ' . sql_error();
+		$errinfo = DB::getError();
+		$errors[] = _INST_ERROR1 . ': ' . $errinfo[2];
 	}
 
 	/*
 	 * 4. try to select database
 	 */
-	if ( !sql_select_db($MYSQL_DATABASE) )
+	$MYSQL_CONN = @DB::setConnectionInfo($MYSQL_HANDLER[1], $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE);
+	if ( !$MYSQL_CONN )
 	{
 		$errors[] = _INST_ERROR2;
 	}
-	sql_set_charset('utf8');
 
 	if ( count($errors) > 0 )
 	{
@@ -889,8 +891,8 @@ function do_install()
 	}
 
 	// table exists check
-	$result = sql_query('SHOW TABLES');
-	while ( $row = mysql_fetch_array($result, MYSQL_NUM) )
+	$result = DB::getResult('SHOW TABLES');
+	foreach ( $result as $row )
 	{
 		if ( in_array($row[0], $prefixed_table_names) )
 		{
@@ -919,9 +921,10 @@ function do_install()
 				$query = str_replace($table_names, $prefixed_table_names, $query);
 			}
 
-			if ( !sql_query($query) )
+			if ( DB::execute($query) === FALSE )
 			{
-				$errors[] = _INST_ERROR4 . ' (<small>' . $query . '</small>): ' . sql_error();
+				$errinfo = DB::getError();
+				$errors[] = _INST_ERROR4 . ' (<small>' . $query . '</small>): ' . $errinfo[2];
 			}
 		}
 	}
@@ -930,11 +933,18 @@ function do_install()
 	 * 6. put needed records
 	 */
 	/* push first post */
-	$query = "INSERT INTO %s VALUES (1, '%s', '%s', '%s', 1, 1, '%s', 0, 0, 0, 1, 0, 1)";
-	$query = sprintf($query, tableName('nucleus_item'), _1ST_POST_TITLE, _1ST_POST, _1ST_POST2, i18n::formatted_datetime('mysql', time()));
-	if ( !sql_query($query) )
+	$query = "INSERT INTO %s VALUES (1, %s, %s, %s, 1, 1, %s, 0, 0, 0, 1, 0, 1)";
+	$query = sprintf($query,
+		tableName('nucleus_item'),
+		DB::quoteValue(_1ST_POST_TITLE),
+		DB::quoteValue(_1ST_POST),
+		DB::quoteValue(_1ST_POST2),
+		DB::formatDateTime()
+	);
+	if ( DB::execute($query) === FALSE )
 	{
-		$errors[] = _INST_ERROR4 . ' (<small>' . $newpost . '</small>): ' . sql_error();
+		$errinfo = DB::getError();
+		$errors[] = _INST_ERROR4 . ' (<small>' . $newpost . '</small>): ' . $errinfo[2];
 	}
 
 	/* push configurations */
@@ -948,41 +958,49 @@ function do_install()
 	array_merge($errors, updateConfig('SiteName', $param->blog_name));
 	array_merge($errors, updateConfig('Locale', i18n::get_current_locale()));
 
-	/* escape strings for SQL */
-	$user_name			= sql_real_escape_string($param->user_name);
-	$user_realname		= sql_real_escape_string($param->user_realname);
-	$user_password		= sql_real_escape_string(md5($param->user_password));
-	$user_email			= sql_real_escape_string($param->user_email);
-	$blog_name			= sql_real_escape_string($param->blog_name);
-	$blog_shortname		= sql_real_escape_string($param->blog_shortname);
-	$config_indexurl	= sql_real_escape_string($param->IndexURL);
-
 	/* push super admin */
-	$query = "UPDATE %s SET mname = '%s', mrealname = '%s', mpassword = '%s', memail = '%s', murl = '%s', madmin = 1, mcanlogin = 1 WHERE mnumber = 1";
-	$query = sprintf($query, tableName('nucleus_member'), $user_name, $user_realname, $user_password, $user_email, $config_indexurl);
-	if ( !sql_query($query) )
+	$query = "UPDATE %s SET mname = %s, mrealname = %s, mpassword = %s, memail = %s, murl = %s, madmin = 1, mcanlogin = 1 WHERE mnumber = 1";
+	$query = sprintf($query,
+		tableName('nucleus_member'),
+		DB::quoteValue($param->user_name),
+		DB::quoteValue($param->user_realname),
+		DB::quoteValue(md5($param->user_password)),
+		DB::quoteValue($param->user_email),
+		DB::quoteValue($param->IndexURL)
+	);
+	if ( DB::execute($query) === FALSE )
 	{
-		$errors[] = _INST_ERROR5 . ': ' . sql_error();
+		$errinfo = DB::getError();
+		$errors[] = _INST_ERROR5 . ': ' . $errinfo[2];
 	}
 
 	/* push new weblog */
-	$query = "UPDATE %s SET bname = '%s', bshortname = '%s', burl = '%s' WHERE bnumber = 1";
-	$query = sprintf($query, tableName('nucleus_blog'), $blog_name, $blog_shortname, $config_indexurl);
-	if ( !sql_query($query) )
+	$query = "UPDATE %s SET bname = %s, bshortname = %s, burl = %s WHERE bnumber = 1";
+	$query = sprintf($query,
+		tableName('nucleus_blog'),
+		DB::quoteValue($param->blog_name),
+		DB::quoteValue($param->blog_shortname),
+		DB::quoteValue($param->IndexURL)
+	);
+	if ( DB::execute($query) === FALSE )
 	{
-		$errors[] = _INST_ERROR6 . ': ' . sql_error();
+		$errinfo = DB::getError();
+		$errors[] = _INST_ERROR6 . ': ' . $errinfo[2];
 	}
 
 	/* push default category */
-	$query = "UPDATE %s SET cname = '%s', cdesc = '%s' WHERE catid = 1";
-	$query = sprintf($query, tableName('nucleus_category'), _GENERALCAT_NAME, _GENERALCAT_DESC);
-	if ( !sql_query($query) )
+	$query = "UPDATE %s SET cname = %s, cdesc = %s WHERE catid = 1";
+	$query = sprintf($query,
+		tableName('nucleus_category'),
+		DB::quoteValue(_GENERALCAT_NAME),
+		DB::quoteValue(_GENERALCAT_DESC)
+	);
+	if ( DB::execute($query) === FALSE )
 	{
-		$errors[] = _INST_ERROR6 . ': ' . sql_error();
+		$errinfo = DB::getError();
+		$errors[] = _INST_ERROR6 . ': ' . $errinfo[2];
 	}
 
-	sql_close();
-
 	/*
 	 * 7. install default plugins and skins
 	 */
@@ -1006,19 +1024,28 @@ function do_install()
 		{
 			array_merge($errors, $aSkinErrors);
 		}
-
+		
+		$query	= "SELECT sdnumber FROM %s WHERE sdname='admin/default'";
+		$query	= sprintf($query, tableName('nucleus_skin_desc'));
+		$res	= intval(DB::getValue($query));
+		array_merge($errors, updateConfig('AdminSkin', $res));
+		
+		$query	= "SELECT sdnumber FROM %s WHERE sdname='admin/bookmarklet'";
+		$query	= sprintf($query, tableName('nucleus_skin_desc'));
+		$res	= intval(DB::getValue($query));
+		array_merge($errors, updateConfig('BookmarkletSkin', $res));
+		
 		$query		= "SELECT sdnumber FROM %s WHERE sdname='default'";
 		$query		= sprintf($query, tableName('nucleus_skin_desc'));
-		$res		= sql_query($query);
-		$obj		= sql_fetch_assoc($res);
-		$defSkinID	= (integer) $obj['sdnumber'];
+		$defSkinID	= intval(DB::getValue($query));
 
 		$query = "UPDATE %s SET bdefskin=%d WHERE bnumber=1";
 		$query = sprintf($query, tableName('nucleus_blog'), $defSkinID);
-		sql_query($query);
+		DB::execute($query);
+		
 		$query = "UPDATE %s SET value=%d WHERE name='BaseSkin'";
 		$query = sprintf($query, tableName('nucleus_config'), $defSkinID);
-		sql_query($query);
+		DB::execute($query);
 
 		$aPlugErrors = installCustomPlugs();
 		if ( count($aPlugErrors) > 0 )
@@ -1116,28 +1143,26 @@ function canConfigFileWritable()
  */
 function getMySqlVersion()
 {
-	global $minimum_mysql_version, $errors;
+	global $MYSQL_HANDLER, $minimum_mysql_version, $errors;
 	// Turn on output buffer
 	// Needed to repress the output of the sql function that are
 	// not part of php (in this case the @ operator doesn't work)
 	ob_start();
 
 	// note: this piece of code is taken from phpMyAdmin
-	$conn = sql_connect_args('localhost', '', '');
-	$result = @sql_query('SELECT VERSION() AS version', $conn);
+	$conn = @DB::setConnectionInfo($MYSQL_HANDLER[1], 'localhost', '', '');
 
-	if ( $result != FALSE && sql_num_rows($result) > 0 )
+	if ( $conn )
 	{
-		$row = sql_fetch_array($result);
-		$match = preg_split('#\.#', $row['version']);
+		$row = DB::getAttribute(PDO::ATTR_SERVER_VERSION);
+		$match = preg_split('#\.#', $row);
 	}
 	else
 	{
-		$result = @sql_query('SHOW VARIABLES LIKE \'version\'', $conn);
+		$row = @DB::getRow('SHOW VARIABLES LIKE \'version\'');
 
-		if ( $result != FALSE && @sql_num_rows($result) > 0 )
+		if ( $row )
 		{
-			$row = sql_fetch_row($result);
 			$match = preg_split('#\.#', $row[1]);
 		}
 		else
@@ -1153,7 +1178,7 @@ function getMySqlVersion()
 		}
 	}
 
-	@sql_disconnect($conn);
+	@DB::disConnect();
 
 	//End and clean output buffer
 	ob_end_clean();
@@ -1193,13 +1218,17 @@ function installCustomPlugs()
 		return $aErrors;
 	}
 
-	$res = sql_query('SELECT * FROM ' . tableName('nucleus_plugin'));
-	$numCurrent = sql_num_rows($res);
+	$query = sprintf('SELECT * FROM %s', tableName('nucleus_plugin'));
+	$res = DB::getResult($query);
+	$numCurrent = $res->rowCount();
 
 	foreach ( $aConfPlugsToInstall as $plugName )
 	{
-		$query = 'INSERT INTO ' . tableName('nucleus_plugin') . ' (porder, pfile) VALUES (' . (++$numCurrent) . ", '" . sql_real_escape_string($plugName) . "')";
-		sql_query($query);
+		$query = sprintf('INSERT INTO %s (porder, pfile) VALUES (%d, %s)',
+			tableName('nucleus_plugin'),
+			(++$numCurrent),
+			DB::quoteValue($plugName));
+		DB::execute($query);
 
 		$manager->clearCachedInfo('installedPlugins');
 		$plugin =& $manager->getPlugin($plugName);
@@ -1207,7 +1236,10 @@ function installCustomPlugs()
 
 		if ( !$plugin )
 		{
-			sql_query('DELETE FROM ' . tableName('nucleus_plugin') . " WHERE pfile = '" . sql_real_escape_string($plugName) . "'");
+			$query = sprintf('DELETE FROM %s WHERE pfile = %s',
+				tableName('nucleus_plugin'),
+				DB::quoteValue($plugName));
+			DB::execute($query);
 			$numCurrent--;
 			array_push($aErrors, sprintf(_INST_ERROR9, $plugName));
 			continue;
@@ -1215,20 +1247,25 @@ function installCustomPlugs()
 		$plugin->install();
 	}
 
-	sql_query('DELETE FROM ' . tableName('nucleus_plugin_event'));
-	$res = sql_query('SELECT pid, pfile FROM ' . tableName('nucleus_plugin'));
+	$query = sprintf('DELETE FROM %s', tableName('nucleus_plugin_event'));
+	DB::execute($query);
+	$query = sprintf('SELECT pid, pfile FROM %s', tableName('nucleus_plugin'));
+	$res = DB::getResult($query);
 
-	while ( $o = sql_fetch_object($res) )
+	foreach ( $res as $row )
 	{
-		$pid = $o->pid;
-		$plug =& $manager->getPlugin($o->pfile);
+		$plug =& $manager->getPlugin($row['pfile']);
 
 		if ( $plug )
 		{
 			$eventList = $plug->getEventList();
 			foreach ( $eventList as $eventName )
 			{
-				sql_query('INSERT INTO ' . tableName('nucleus_plugin_event') . ' (pid, event) VALUES (' . $pid . ", '" . $eventName . "')");
+				$query = sprintf('INSERT INTO %s (pid, event) VALUES (%d, %s)',
+					tableName('nucleus_plugin_event'),
+					intval($row['pid']),
+					DB::quoteValue($eventName));
+				DB::execute($query);
 			}
 		}
 	}
@@ -1304,7 +1341,6 @@ function do_check_files()
 		'../nucleus/libs/COMMENT.php',
 		'../nucleus/libs/COMMENTACTIONS.php',
 		'../nucleus/libs/COMMENTS.php',
-		'../nucleus/libs/ENCAPSULATE.php',
 		'../nucleus/libs/ENTITY.php',
 		'../nucleus/libs/globalfunctions.php',
 		'../nucleus/libs/i18n.php',
@@ -1314,9 +1350,7 @@ function do_check_files()
 		'../nucleus/libs/MANAGER.php',
 		'../nucleus/libs/MEDIA.php',
 		'../nucleus/libs/MEMBER.php',
-		'../nucleus/libs/mysql.php',
 		'../nucleus/libs/NOTIFICATION.php',
-		'../nucleus/libs/PAGEFACTORY.php',
 		'../nucleus/libs/PARSER.php',
 		'../nucleus/libs/PLUGIN.php',
 		'../nucleus/libs/PLUGINADMIN.php',
@@ -1327,7 +1361,8 @@ function do_check_files()
 		'../nucleus/libs/vars4.1.0.php',
 		'../nucleus/libs/xmlrpc.inc.php',
 		'../nucleus/libs/xmlrpcs.inc.php',
-		'../nucleus/libs/sql/mysql.php'
+		'../nucleus/libs/sql/DB.php',
+		'../nucleus/libs/sql/MYSQLPDO.php'
 	);
 
 	$count = count($files);
@@ -1355,15 +1390,14 @@ function do_check_files()
 function updateConfig($name, $value)
 {
 	$errors = array();
-	$name = sql_real_escape_string($name);
-	$value = trim(sql_real_escape_string($value));
 
-	$query = "UPDATE %s SET value = '%s' WHERE name = '%s'";
-	$query = sprintf($query, tableName('nucleus_config'), $value, $name);
+	$query = "UPDATE %s SET value = %s WHERE name = %s";
+	$query = sprintf($query, tableName('nucleus_config'), DB::quoteValue(trim($value)), DB::quoteValue($name));
 
-	if ( !sql_query($query) )
+	if ( DB::execute($query) === FALSE )
 	{
-		$errors[] = _INST_ERROR4 . ': ' . sql_error();
+		$errinfo = DB::getError();
+		$errors[] = _INST_ERROR4 . ': ' . $errinfo[2];
 	}
 	return $errors;
 }
@@ -1486,6 +1520,8 @@ class ParamManager
 
 	public function check_mysql_parameters()
 	{
+		global $MYSQL_HANDLER;
+		
 		$parameters = array('mysql_host', 'mysql_user', 'mysql_password', 'mysql_database', 'mysql_tablePrefix');
 		$this->read_parameter($parameters);
 
@@ -1525,14 +1561,14 @@ class ParamManager
 		
 		if ( count($errors) == 0 )
 		{
-			$mysql_conn = @sql_connect_args($this->mysql_host, $this->mysql_user, $this->mysql_password);
+			$mysql_conn = @DB::setConnectionInfo($MYSQL_HANDLER[1], $this->mysql_host, $this->mysql_user, $this->mysql_password);
 			if ( $mysql_conn == false )
 			{
 				$errors[] = _DBCONNECT_ERROR;
 			}
 			else
 			{
-				@sql_disconnect($mysql_conn);
+				@DB::disConnect();
 			}
 		}