Add setup script
This commit is contained in:
parent
1823f15611
commit
afeb389e09
25
README.md
25
README.md
@ -7,7 +7,7 @@ Together with a dedicated [μlogger mobile client](https://github.com/bfabiszews
|
||||
- http://flaa.fabiszewski.net/ulogger/
|
||||
|
||||
## Requirements:
|
||||
- PHP 5.5 (5.4 with [password_compat](https://github.com/bfabiszewski/ulogger-server/blob/master/helpers/user.php#L24))
|
||||
- PHP 5.5 (5.4 with [password_compat](https://github.com/bfabiszewski/ulogger-server/blob/04b2b771398d8511bfa6fe8a85d58162bd32fc46/helpers/user.php#L24))
|
||||
- MySQL 4.1
|
||||
- browser with javascript enabled, cookies for authentication and saving preferences
|
||||
|
||||
@ -25,20 +25,19 @@ Together with a dedicated [μlogger mobile client](https://github.com/bfabiszews
|
||||
- simple admin menu
|
||||
|
||||
## Install
|
||||
- Download the zip or clone the repository on your computer
|
||||
- Move it to your web server directory
|
||||
- Use script/ulogger.sql file to create database and tables (you can use a MySQL interface such as [PhpMyAdmin](https://www.phpmyadmin.net))
|
||||
- Create a copy of config.default.php and rename it config.php. Add database credentials in it
|
||||
- Make sure you have a web server running, e.g. Apache, also PHP and MySQL
|
||||
- Open a browser and go to http://your_local_server/ulogger-server/
|
||||
- Connect with admin/admin
|
||||
- **Change admin password**
|
||||
- Create other user if needed
|
||||
- Download zipped archive or clone the repository on your computer
|
||||
- Move it to your web server directory (unzip if needed)
|
||||
- Create database and MySQL user (at least SELECT, INSERT, UPDATE, DELETE privileges, CREATE, DROP for setup script)
|
||||
- Create a copy of `config.default.php` and rename it to `config.php`. Customize it and add database credentials
|
||||
- Edit `scripts/setup.php` script, enable it by setting [$enabled](https://github.com/bfabiszewski/ulogger-server/blob/master/scripts/setup.php#L21) value to `true`
|
||||
- Make sure you have a web server running with PHP and MySQL
|
||||
- Open http://YOUR_HOST/ulogger-server/scripts/setup.php page in your browser
|
||||
- Follow instructions in setup script. It will add database tables and set up your μlogger user
|
||||
- **Remember to remove or disable `scripts/setup.php` script**
|
||||
- Log in with your new user on http://YOUR_HOST/ulogger-server/
|
||||
|
||||
## Todo
|
||||
- install script
|
||||
- custom icons
|
||||
- track editing
|
||||
- improve track editing
|
||||
- track display filters (accurracy, provider)
|
||||
|
||||
## License
|
||||
|
@ -137,6 +137,10 @@
|
||||
if (isset($_COOKIE["ulogger_interval"])) { self::$interval = $_COOKIE["ulogger_interval"]; }
|
||||
}
|
||||
|
||||
public function isFileLoaded() {
|
||||
return self::$fileLoaded;
|
||||
}
|
||||
|
||||
/**
|
||||
* Regex to test if password matches strength and length requirements.
|
||||
* Valid for both php and javascript
|
||||
|
@ -45,7 +45,7 @@
|
||||
header("HTTP/1.1 503 Service Unavailable");
|
||||
exit;
|
||||
}
|
||||
die("Database connection error (" . $this->connect_errno . ")");
|
||||
die("Database connection error (" . $this->connect_error . ")");
|
||||
}
|
||||
$this->set_charset('utf8');
|
||||
}
|
||||
|
28
lang/en.php
28
lang/en.php
@ -19,6 +19,34 @@
|
||||
|
||||
// default language for translations
|
||||
|
||||
// strings only used in setup
|
||||
$langSetup["dbconnectfailed"] = "Database connection failed.";
|
||||
$langSetup["serversaid"] = "Server said: %s"; // substitutes server error message
|
||||
$langSetup["checkdbsettings"] = "Please check database settings in 'config.php' file.";
|
||||
$langSetup["dbqueryfailed"] = "Database query failed.";
|
||||
$langSetup["dbtablessuccess"] = "Database tables successfully created!";
|
||||
$langSetup["setupuser"] = "Now please set up your µlogger user.";
|
||||
$langSetup["congratulations"] = "Congratulations!";
|
||||
$langSetup["setupcomplete"] = "Setup is now complete. You may go to the <a href=\"../index.php\">main page</a> now and log in with your new user account.";
|
||||
$langSetup["disablewarn"] = "IMPORTANT! YOU MUST DISABLE 'setup.php' SCRIPT OR REMOVE IT FROM YOUR SERVER.";
|
||||
$langSetup["disabledesc"] = "Leaving the script accessible from browser is a major security risk. Anybody will be able to run it, delete your database and set up new user account. Delete the file or disable it by setting %s value back to %s."; // substitutes variable name and value
|
||||
$langSetup["setupfailed"] = "Unfortunately something has gone wrong. You may try to find more info in your webserver logs.";
|
||||
$langSetup["welcome"] = "Welcome to µlogger!";
|
||||
$langSetup["phpversionwarn"] = "Warning! Your PHP version (%s) is probably too low. This application may not function properly with PHP versions lower than 5.4."; // substitutes php version number
|
||||
$langSetup["disabledwarn"] = "For security reasons this script is disabled by default. To enable it you must edit 'scripts/setup.php' file in text editor and set %s variable at the beginning of the file to %s."; // substitutes variable name and value
|
||||
$langSetup["lineshouldread"] = "Line: %s should read: %s";
|
||||
$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library.";
|
||||
$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'.";
|
||||
$langSetup["dorestart"] = "Please restart this script when you are done.";
|
||||
$langSetup["createconfig"] = "Please create 'config.php' file in root folder. You may start by copying it from 'config.default.php'. Make sure that you adjust config values to match your needs and your database setup.";
|
||||
$langSetup["nodbsettings"] = "You must provide your database credentials in 'config.php' file (%s)."; // substitutes variable names
|
||||
$langSetup["scriptdesc"] = "This script will set up tables needed for µlogger. They will be created in your database named %s. Warning, if the tables already exist they will be dropped and recreated, their content will be destroyed."; // substitutes db name
|
||||
$langSetup["scriptdesc2"] = "When done the script will ask you to provide user name and password for your µlogger user.";
|
||||
$langSetup["startbutton"] = "Press to start";
|
||||
$langSetup["restartbutton"] = "Restart";
|
||||
|
||||
|
||||
// application strings
|
||||
$lang["title"] = "• μlogger •";
|
||||
$lang["private"] = "You need login and password to access this page.";
|
||||
$lang["authfail"] = "Wrong username or password";
|
||||
|
25
lang/pl.php
25
lang/pl.php
@ -17,6 +17,31 @@
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
$langSetup["dbconnectfailed"] = "Błąd połączenia z bazą danych.";
|
||||
$langSetup["serversaid"] = "Komunikat serwera: %s";
|
||||
$langSetup["checkdbsettings"] = "Proszę sprawdzić konfigurację bazy danych w pliku 'config.php'.";
|
||||
$langSetup["dbqueryfailed"] = "Błąd zapytania do bazy danych.";
|
||||
$langSetup["dbtablessuccess"] = "Pomyślnie utworzono tablice w bazie danych!";
|
||||
$langSetup["setupuser"] = "Skonfiguruj teraz swojego użytkownika w µloggerze.";
|
||||
$langSetup["congratulations"] = "Gratulacje!";
|
||||
$langSetup["setupcomplete"] = "Konfiguracja zakończona. Możesz teraz przejść do <a href=\"../index.php\">strony głównej</a> i zalogować się na konto utworzonego użytkownika.";
|
||||
$langSetup["disablewarn"] = "WAŻNE! NAZLEŻY DEZAKTYWOWAĆ SKRYPT 'setup.php' ALBO USUNĄĆ GO Z SERWERA.";
|
||||
$langSetup["disabledesc"] = "Pozostawienie dostępu do skryptu z przeglądarki stanowi duże zagrożenie. Każdy będzie mógł go uruchomić, usunąć całą bazę danych i dodać nowego użytkownika. Usuń plik lub dezaktywuj go przywracając zmiennej %s wartość %s.";
|
||||
$langSetup["setupfailed"] = "Niestety coś poszło nie tak. Może znajdziesz więcej wskazówek w logach serwera www.";
|
||||
$langSetup["welcome"] = "Witaj w µloggerze!";
|
||||
$langSetup["phpversionwarn"] = "Uwaga! Twoja wersja PHP (%s) jest prawdopodobnie zbyt stara. Ta aplikacja może nie działać poprawnie z wersjami PHP niższymi od 5.4.";
|
||||
$langSetup["disabledwarn"] = "Ze względów bezpieczeństwa ten skrypt jest domyślnie wyłączony. Aby go aktywować należy otworzyć plik 'scripts/setup.php' w edytorze tekstu i zmienić wartość zmiennej %s na początku pliku na %s.";
|
||||
$langSetup["lineshouldread"] = "Linia: %s powinna zostać zmieniona na: %s";
|
||||
$langSetup["passfuncwarn"] = "Zainstalowana wersja PHP nie zawiera funkcji obsługujących hasła, dostępnych od wersji PHP 5.5. Musisz włączyć bibliotekę 'password_compat'.";
|
||||
$langSetup["passfunchack"] = "Otwórz proszę plik 'helpers/user.php' w edytorze tekstu i odkomentuj linię włączającą 'helpers/password.php'.";
|
||||
$langSetup["dorestart"] = "Uruchom ten skrypt ponownie, kiedy zakończysz.";
|
||||
$langSetup["createconfig"] = "Utwórz proszę plik 'config.php' w głównym folderze. Możesz skopiować jego początkową zawartość z pliku 'config.default.php'. Pamiętaj, żeby dostosować konfiguracje do swoich potrzeb i ustawień bazy danych.";
|
||||
$langSetup["nodbsettings"] = "Musisz skonfigurować parametry dostępu do bazy danych w pliku 'config.php' (%s).";
|
||||
$langSetup["scriptdesc"] = "Ten skrypt utworzy tablice niezbędne do działania aplikacji µlogger. Zostaną one utworzone w bazie danych o nazwie %s. Uwaga, jeśli tablice już istnieją, zostaną usunięte i utworzone ponownie, ich zawartość zostanie skasowana.";
|
||||
$langSetup["scriptdesc2"] = "Następnie skrypt poprosi o utworzenie konta do logowania w aplikacji µlogger.";
|
||||
$langSetup["startbutton"] = "Naciśnij, aby rozpocząć";
|
||||
$langSetup["restartbutton"] = "Uruchom ponownie";
|
||||
|
||||
$lang["title"] = "• μlogger •";
|
||||
$lang["private"] = "Aby się zalogować musisz podać login i hasło";
|
||||
$lang["authfail"] = "błędny login lub hasło";
|
||||
|
235
scripts/setup.php
Normal file
235
scripts/setup.php
Normal file
@ -0,0 +1,235 @@
|
||||
<?php
|
||||
/* μlogger
|
||||
*
|
||||
* Copyright(C) 2017 Bartek Fabiszewski (www.fabiszewski.net)
|
||||
*
|
||||
* This is free software; you can redistribute it and/or modify it under
|
||||
* the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
// This script is disabled by default. Change below to true before running.
|
||||
$enabled = false;
|
||||
|
||||
|
||||
/* -------------------------------------------- */
|
||||
/* no user modifications should be needed below */
|
||||
|
||||
define("ROOT_DIR", dirname(__DIR__));
|
||||
require_once(ROOT_DIR . "/helpers/user.php");
|
||||
require_once(ROOT_DIR . "/helpers/config.php");
|
||||
$config = new uConfig();
|
||||
|
||||
require_once(ROOT_DIR . "/lang.php");
|
||||
|
||||
$command = isset($_REQUEST['command']) ? $_REQUEST['command'] : NULL;
|
||||
|
||||
$messages = [];
|
||||
switch ($command) {
|
||||
case "setup":
|
||||
$queries = [];
|
||||
// positions
|
||||
$queries[] = "DROP TABLE IF EXISTS `positions`";
|
||||
$queries[] = "CREATE TABLE `positions` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`track_id` int(11) NOT NULL,
|
||||
`latitude` double NOT NULL,
|
||||
`longitude` double NOT NULL,
|
||||
`altitude` double DEFAULT NULL,
|
||||
`speed` double DEFAULT NULL,
|
||||
`bearing` double DEFAULT NULL,
|
||||
`accuracy` int(11) DEFAULT NULL,
|
||||
`provider` varchar(100) DEFAULT NULL,
|
||||
`comment` varchar(255) DEFAULT NULL,
|
||||
`image_id` int(11) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `index_trip_id` (`track_id`),
|
||||
KEY `index_user_id` (`user_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8";
|
||||
|
||||
// tracks
|
||||
$queries[] = "DROP TABLE IF EXISTS `tracks`";
|
||||
$queries[] = "CREATE TABLE `tracks` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`name` varchar(255) DEFAULT NULL,
|
||||
`comment` varchar(1024) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `user_id` (`user_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8";
|
||||
|
||||
// users
|
||||
$queries[] = "DROP TABLE IF EXISTS `users`";
|
||||
$queries[] = "CREATE TABLE `users` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`login` varchar(15) CHARACTER SET latin1 NOT NULL,
|
||||
`password` varchar(255) CHARACTER SET latin1 NOT NULL DEFAULT '',
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `login` (`login`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8";
|
||||
|
||||
$error = false;
|
||||
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
|
||||
try {
|
||||
$mysqli = new mysqli($config::$dbhost, $config::$dbuser, $config::$dbpass, $config::$dbname);
|
||||
} catch (mysqli_sql_exception $e ) {
|
||||
$messages[] = "<span class=\"warn\">{$langSetup["dbconnectfailed"]}</span>";
|
||||
$messages[] = sprintf($langSetup["serversaid"], "<b>" . $e->getMessage() . "</b>");
|
||||
$messages[] = $langSetup["checkdbsettings"];
|
||||
break;
|
||||
}
|
||||
try {
|
||||
$mysqli->set_charset('utf8');
|
||||
foreach ($queries as $query) {
|
||||
$mysqli->query($query);
|
||||
}
|
||||
} catch (mysqli_sql_exception $e) {
|
||||
$messages[] = "<span class=\"warn\">{$langSetup["dbqueryfailed"]}</span>";
|
||||
$messages[] = sprintf($langSetup["serversaid"], "<b>" . $e->getMessage() . "</b>");
|
||||
$error = true;
|
||||
}
|
||||
$mysqli->close();
|
||||
if (!$error) {
|
||||
$messages[] = "<span class=\"ok\">{$langSetup["dbtablessuccess"]}</span>";
|
||||
$messages[] = $langSetup["setupuser"];
|
||||
$form = "<form id=\"userForm\" method=\"post\" action=\"setup.php\" onsubmit=\"return validateForm()\"><input type=\"hidden\" name=\"command\" value=\"adduser\">";
|
||||
$form .= "<label><b>{$lang["username"]}</b></label><input type=\"text\" placeholder=\"{$lang["usernameenter"]}\" name=\"login\" required>";
|
||||
$form .= "<label><b>{$lang["password"]}</b></label><input type=\"password\" placeholder=\"{$lang["passwordenter"]}\" name=\"pass\" required>";
|
||||
$form .= "<label><b>{$lang["passwordrepeat"]}</b></label><input type=\"password\" placeholder=\"{$lang["passwordenter"]}\" name=\"pass2\" required>";
|
||||
$form .= "<div class=\"buttons\"><button type=\"submit\">{$lang["submit"]}</button></div>";
|
||||
$form .= "</form>";
|
||||
$messages[] = $form;
|
||||
}
|
||||
break;
|
||||
|
||||
case "adduser":
|
||||
$login = isset($_REQUEST['login']) ? $_REQUEST['login'] : NULL;
|
||||
$pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : NULL;
|
||||
|
||||
$user = new uUser();
|
||||
if ($user->add($login, $pass) !== false) {
|
||||
$messages[] = "<span class=\"ok\">{$langSetup["congratulations"]}</span>";
|
||||
$messages[] = $langSetup["setupcomplete"];
|
||||
$messages[] = "<span class=\"warn\">{$langSetup["disablewarn"]}</span><br>";
|
||||
$messages[] = sprintf($langSetup["disabledesc"], "<b>\$enabled</b>", "<b>false</b>");
|
||||
} else {
|
||||
$messages[] = "<span class=\"warn\">{$langSetup["setupfailed"]}</span>";
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
$messages[] = $langSetup["welcome"];
|
||||
if (version_compare(PHP_VERSION, '5.4.0', '<')) {
|
||||
$messages[] = "<span class=\"warn\">" . sprintf($langSetup["phpversionwarn"], PHP_VERSION) . "</span>";
|
||||
}
|
||||
if (!isset($enabled) || $enabled === false) {
|
||||
$messages[] = sprintf($langSetup["disabledwarn"], "<b>\$enabled</b>", "<b>true</b>");
|
||||
$messages[] = sprintf($langSetup["lineshouldread"], "<br><span class=\"warn\">\$enabled = false;</span><br>", "<br><span class=\"ok\">\$enabled = true;</span>");
|
||||
break;
|
||||
}
|
||||
if (!function_exists('password_hash')) {
|
||||
$messages[] = $langSetup["passfuncwarn"];
|
||||
$messages[] = $langSetup["passfunchack"];
|
||||
$messages[] = sprintf($langSetup["lineshouldread"], "<br><span class=\"warn\">//require_once(ROOT_DIR . \"/helpers/password.php\");</span><br>", "<br><span class=\"ok\">require_once(ROOT_DIR . \"/helpers/password.php\");</span>");
|
||||
$messages[] = $langSetup["dorestart"];
|
||||
$messages[] = "<form method=\"post\" action=\"setup.php\"><button>{$langSetup["restartbutton"]}</button></form>";
|
||||
break;
|
||||
}
|
||||
if (!$config->isFileLoaded()) {
|
||||
$messages[] = $langSetup["createconfig"];
|
||||
$messages[] = $langSetup["dorestart"];
|
||||
$messages[] = "<form method=\"post\" action=\"setup.php\"><button>{$langSetup["restartbutton"]}</button></form>";
|
||||
break;
|
||||
}
|
||||
if (empty($config::$dbname) || empty($config::$dbhost) || empty($config::$dbuser)) {
|
||||
$messages[] = sprintf($langSetup["nodbsettings"], "\$dbname, \$dbhost, \$dbuser, \$dbpass");
|
||||
$messages[] = $langSetup["dorestart"];
|
||||
$messages[] = "<form method=\"post\" action=\"setup.php\"><button>{$langSetup["restartbutton"]}</button></form>";
|
||||
break;
|
||||
}
|
||||
$messages[] = sprintf($langSetup["scriptdesc"], "<b>{$config::$dbname}</b>");
|
||||
$messages[] = $langSetup["scriptdesc2"];
|
||||
$messages[] = "<form method=\"post\" action=\"setup.php\"><input type=\"hidden\" name=\"command\" value=\"setup\"><button>{$langSetup["startbutton"]}</button></form>";
|
||||
break;
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title><?= $lang["title"] ?></title>
|
||||
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
|
||||
<meta name="viewport" content="initial-scale=1.0, user-scalable=no">
|
||||
<link href="https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&subset=cyrillic" rel="stylesheet">
|
||||
<link rel="stylesheet" type="text/css" href="../css/main.css">
|
||||
<style>
|
||||
#message {
|
||||
font-family: 'Open Sans', Verdana, sans-serif;
|
||||
font-size: 1.2em;
|
||||
color: #f8f5f7;
|
||||
padding: 10%;
|
||||
}
|
||||
#message input[type=text], #message input[type=password] {
|
||||
width: 40em;
|
||||
padding: 0.4em;
|
||||
margin: 0.8em 0;
|
||||
display: block;
|
||||
border: 1px solid #ccc;
|
||||
box-sizing: border-box;
|
||||
border-radius: 5px;
|
||||
-moz-border-radius: 5px;
|
||||
-webkit-border-radius: 5px;
|
||||
}
|
||||
.warn {
|
||||
color: #ffc747;
|
||||
}
|
||||
.ok {
|
||||
color: #00e700;
|
||||
}
|
||||
</style>
|
||||
<script type="text/javascript">
|
||||
var lang = <?= json_encode($lang) ?>;
|
||||
var pass_regex = <?= $config->passRegex() ?>;
|
||||
|
||||
function validateForm() {
|
||||
var form = document.getElementById('userForm');
|
||||
var login = form.elements['login'].value.trim();
|
||||
var pass = form.elements['pass'].value;
|
||||
var pass2 = form.elements['pass2'].value;
|
||||
if (!login || !pass || !pass2) {
|
||||
alert(lang['allrequired']);
|
||||
return false;
|
||||
}
|
||||
if (pass != pass2) {
|
||||
alert(lang['passnotmatch']);
|
||||
return false;
|
||||
}
|
||||
if (!pass_regex.test(pass)) {
|
||||
alert(lang['passlenmin'] + '\n' + lang['passrules']);
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id="message">
|
||||
<?php foreach ($messages as $message): ?>
|
||||
<p><?= $message ?></p>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
@ -100,6 +100,7 @@ ALTER TABLE `users`
|
||||
--
|
||||
-- This will add default user admin with password admin
|
||||
-- The password should be changed immediatelly after installation
|
||||
-- Uncomment if needed
|
||||
--
|
||||
INSERT INTO `users` (`id`, `login`, `password`) VALUES
|
||||
(1, 'admin', '$2y$10$7OvZrKgonVZM9lkzrTbiou.CVhO3HjPk5y0W9L68fVwPs/osBRIMq');
|
||||
-- INSERT INTO `users` (`id`, `login`, `password`) VALUES
|
||||
-- (1, 'admin', '$2y$10$7OvZrKgonVZM9lkzrTbiou.CVhO3HjPk5y0W9L68fVwPs/osBRIMq');
|
Loading…
x
Reference in New Issue
Block a user